From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.6 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 6EB78140E2; Fri, 6 Jan 2023 13:27:59 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 496) id A8F7A140B8; Fri, 6 Jan 2023 13:27:56 +0000 (UTC) Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by atuin.qyliss.net (Postfix) with ESMTPS id E0ADF140B6 for ; Fri, 6 Jan 2023 13:27:52 +0000 (UTC) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 5D9A85C00C9; Fri, 6 Jan 2023 08:27:51 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Fri, 06 Jan 2023 08:27:51 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1673011671; x=1673098071; bh=QjTE0LrQpl siNMrHsAxk0ai6GsemMSiSjcX2nxJB1YQ=; b=PAaH1SHw31xBPrRroO3+33cHbv TP/n2jOTM/iudi43dM7zGr9FJ5j7l2U5/bCa2Qpd+ERZZjeEe8BKf1NGIb2PZgj5 LngPmeqHDvFOTZxSxNRVifWp/8+SxYmI5KHQUFdzF/0gPsdf9Wc9aKNHxgwBCC5a j5A18EBPJDRRHyKN+jdV0rB3069BzvF8aHU+vvoD6u0E6iLenrR/J5LglXT5n7d0 bJlNZ55LjXnttqtQsZw5+6nBjb9fKBtj6ADlociYOIgteDy9kp60cOFI88Gp7GYu 6rmePBCC1NHwsbp1Z3J3sOZ7+1ehN3GQqnY76p1o4unJySNtf9k/kz+uihqw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1673011671; x=1673098071; bh=QjTE0LrQplsiNMrHsAxk0ai6Gsem MSiSjcX2nxJB1YQ=; b=e79tC0ZSYoVsdTSUKA8ANVsg7IkeBcyHFcT6xn0Tuz9i aJHWBapHAWjZa6z54JUhDS4gWwhOjuLRtvJ399KM6wlAbiSsYnnUGwXLkbJQVyPg +3BfzN4tTvmta3Se5TL6tmZhAMJp1UEQiywy4g1T8RD1p4HGjwaMwyFeuoYss88T LWXNKTiJOl/dNIh/t6vV4obMceDzPsRx/IiZ8dgFs9/m75jIDtS2pZ2kVyMChap5 tHO67I4MKzSML1Go8KSKXk1HFEfE9LeYdTpTL5H882ct1RGbaIXcOt0AmV7wKBqH rjvGpPuxWsYcFLH3MeiZrYUagB0EaALcQgG8Js0LvA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrkedtgdehfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpeffhffvvefukfhfgggtuggjsehgtderredttdejnecuhfhrohhmpeetlhihshhs rgcutfhoshhsuceohhhisegrlhihshhsrgdrihhsqeenucggtffrrghtthgvrhhnpeeivd dtfefgledthfeuheffheffkeelieefgfeiheegieeihfejieeuvdefffetffenucffohhm rghinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrg hmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrihhs X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 6 Jan 2023 08:27:50 -0500 (EST) Received: by x220.qyliss.net (Postfix, from userid 1000) id 07A353EB; Fri, 6 Jan 2023 13:27:48 +0000 (UTC) Date: Fri, 6 Jan 2023 13:27:47 +0000 From: Alyssa Ross To: Adam Joseph Subject: Re: [PATCH] Documentation: Architecture Decision Record Message-ID: <20230106132747.kad4pfyne5pgxopj@x220> References: <20220708110215.92996-1-ville.ilvonen@unikie.com> <167272942335.19302.1324067862019435223@localhost> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="ytep3tjg2fhy3cnf" Content-Disposition: inline In-Reply-To: <167272942335.19302.1324067862019435223@localhost> Message-ID-Hash: 6EZ66JBXNB6KZHJGMOW7TXFRDASKZM2H X-Message-ID-Hash: 6EZ66JBXNB6KZHJGMOW7TXFRDASKZM2H X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: devel@spectrum-os.org, Ville Ilvonen X-Mailman-Version: 3.3.5 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --ytep3tjg2fhy3cnf Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jan 02, 2023 at 11:03:43PM -0800, Adam Joseph wrote: > Quoting Ville Ilvonen (2022-07-08 04:02:15) > > +++ b/Documentation/decisions/006-drivers-on-host.adoc > > ... > > +## Consequences > > +No networking on the host. Responsibilities of the host are expected t= o get > > +smaller over time. > > I know you're probably a long, long way from worrying about wifi, but whe= n you > get to that point, I suggest taking a look at running `eiwd` in the netvm: > > https://github.com/illiliti/eiwd/ > https://github.com/NixOS/nixpkgs/pull/208844 > > - It is way more robust than wpa_supplicant. > - (unlike iwd) it does not require plumbing a dbus connection from the ho= stvm to > the netvm (nor all the attack surface that would entail). > - You control it by simply editing its state files, which it watches with > `inotify()`. > - It has zero runtime dependencies! > - `pkgsStatic.eiwd` builds (caveat: I have not tested it) > - You should be able to boot a VM with `init=3D/nix/store/...-eiwd/bin/= eiwd` > and run it as PID 1 (note: I have not tried this). > > I've been running this on my daily driver laptop for the last few weeks a= nd am > extremely happy with it. Thanks for the recommendation! IMO, we're not too far away from worrying about Wi-Fi =E2=80=94 it would ju= st involve setting up Wi-Fi modaliases to pass through to the appropriate VM, and setting up the VM to do the right thing if any Wi-Fi devices were connected to it. For embedded use cases, where you could just bake the network configuration in to a custom netvm, that'd be it. But for e.g. a laptop, for Wi-Fi to be useful we'd really need a way to have persistent storage for on-the-fly network configuration. That's the main reason I haven't looked at Wi-Fi yet. It's a very pressing problem, though, so hopefully won't be too long... --ytep3tjg2fhy3cnf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEH9wgcxqlHM/ARR3h+dvtSFmyccAFAmO4IdIACgkQ+dvtSFmy ccB0HQ//f+Wbh519o7cGP5e9uvO45yZWGeRe1cllysTclIzHbIaoTeMh0uShMNjg 3NNEqrMJ+jkewVm02xymbhUVSWfcTOsE45ylGpgz6duwSZWBFQaZlO/th72au8Dh rLS0S+/T4hMao5OQyGE2QH50pBtImdQXPFCMiOLg29gSRLK8bUNUybEbCZCqpAzc hbqb+8srUk1mJTmXQVCnnFGXRps3Gr5e66CvnyTAasrw3ec99HFXbqQU9T83YHck 2q7oosvDgcMI+0DNOx3lHCftQ6M9IKdU+P+KtB3BqakcGzbXdJGSEDRMPd1Ju0WN SGtPgXOdq3Jb8mhnhTN9x8C4kURiVPINOffg6aYkvfDxJm8veU4fwdESgqjpR0VC OyiNbSAKS6ssYAZAge1z4bTbGS5Q5JrCnUgcLTOWd+6kfxSFq8/IQVSzMnKuL0v4 DiviB1FZOIiAdTUN+M5ov+X6kge99oa+5c4BHX+akxYVAuyt7iOgrt0TF5lZbSBO wYi5gegjyTuXc4xT4JGyuoAZTTRESjzckN2buxTXcjtyF3y3M3VpJIwUuadYjZJQ 6/7x87E9JIjS7u9tYh7iQYuSBNeeS66lfzCkIq2aOAfCtNa6FOQlol5iGGMZegYO B6Q5myxSzsAYDHlcOjd5bE8QYADPoLKbwyoxP8EmMOVRuNK7dC4= =Il8Y -----END PGP SIGNATURE----- --ytep3tjg2fhy3cnf--