From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 66B138147; Wed, 29 Oct 2025 10:14:36 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id C0CA08075; Wed, 29 Oct 2025 10:14:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_PASS,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=4.0.1 Received: from mail-yx1-xb135.google.com (mail-yx1-xb135.google.com [IPv6:2607:f8b0:4864:20::b135]) by atuin.qyliss.net (Postfix) with ESMTPS id 65E2C8082 for ; Wed, 29 Oct 2025 10:14:28 +0000 (UTC) Received: by mail-yx1-xb135.google.com with SMTP id 956f58d0204a3-63e19642764so7278363d50.1 for ; Wed, 29 Oct 2025 03:14:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1761732867; x=1762337667; darn=spectrum-os.org; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:from:to:cc:subject:date:message-id :reply-to; bh=ybecEg8XSmPyGNbGUdiRiLjrjKy8eOWSZti6Ok9ANtM=; b=JG8TPVD6Wk0ad4VdQuJ7PKMyaPcgGpSUC49QTrX+nLxb6fW8ziueLBUzSONW6/Fi3h REIYuftX6L+HTF8s0IhEI/ziPwJOatZCZNkwS5hH52w4UG21vKZpqsVhsnuyyupysQ0k pRyk61gRSFF9BRuMQnZBdmWHMxZEevF8NNqMDAsbYrlY/rxbDQuAQxA0e4FeB5WIR4cy zH228eImEobBogSZ3pDwyBvzYJJsIDKi+BA6zrH/3Jao+qIY+5AtlTVRMzJE/FeiwbLu e+8fsMB6gCnzqByolcNO21dQKSaQ+0npYl/ddsPEGKJ/RlMNfp0jZYhd9XqA77uoFOf0 oaTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1761732867; x=1762337667; h=cc:to:in-reply-to:references:message-id:content-transfer-encoding :mime-version:subject:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ybecEg8XSmPyGNbGUdiRiLjrjKy8eOWSZti6Ok9ANtM=; b=Z92ZHb6UujeYqRikyRds39TvuBfuNGUhiQ3ofapQkxWxY0eLNu81aqetTFQv7uraX2 NTLW1CqHBz40NHbBzHo1rgshB0J78xLR+kWCI1wZwAukUf/hFWqP+JOBmAwagGHUgwg+ jifXaewJ3YxLhhckDZPPgUVK1ZWAIhnN3uf4hAcZ1HNPTo5WLrqWAbRfZh+2kJDTKIV5 nIvpMDE7R1FbvZ4BQwQvwfjfeVvUmFlnxBxCu2TEkEiTLJEyRkwqz6k9mcom+Prj3Yut A1pYuUrx04EJhcFyGUtzndPfGOKD3yyGwFsfaokAAHqJkXBAyvl6PciGuJ35WuquA5// aKAw== X-Gm-Message-State: AOJu0Yw3qElAdp6VYeqfOWTEBc12OSPE2hjLnaYm2vy3L5l4ycmg1QV3 T6sIgtpfiHvO+dxmBOqMzFlBzohf0VJulCex4hP8gd9leEJ65NsUTSAWPsfF/w== X-Gm-Gg: ASbGnct+aH9O88gEuquJG9eSmP6t9oeRxmcnc3XnsMucdq9r6JEieZbNgpIzJZRkoXX xpmAHe+F9VdOrjVyB+lLUwpV9xbJ3htIWQCb4Di4rU6gjhWUZNCMr7lUxmfsGbddKF2jYleR49J F4DKtvuosuAgybN6R/hBHCYNvcpWrb23RP6xSM82vyD8EwoCmjuxBGBOEyK83YUrCKM04xsieHi H5dXjxV6Rws1x4vUixAcwtQRbIt/hKP7EWSvojyCCuMxGJyoochM59D/9G4lnaJVYLx/Dq3IKRK 63B1Md/7swKRCyzgpVkiK3P8rRwls6XQzvaCPceoIpyJ7YSw0//fMXgSBWjdglu5OqiIHFhLLNf c2SicxgwDpLqIdQjPY/qVQrl/sZwayguWFefNoaYqoSzCdO4zkBcD4j6GP8ptEGl708vVxWPs1n HfGWmEt99zkZjkfgYy4BUPOOaPHiMRKMjdw1qGTq7s2VOPerj/watQ2L/ETpOsyQV6q1JYWDIlB OHuJM+BXxhb+ODO8vSEedyD X-Google-Smtp-Source: AGHT+IEYIjyjrJuQxJTnCPY/wrU0vWYguQe+sSWFii/oXrKIebIVwEA+kCMpVKKPAhpiVRCuuKiNxw== X-Received: by 2002:a05:690e:429c:20b0:63e:1ca0:be6e with SMTP id 956f58d0204a3-63f76bfd917mr1695472d50.0.1761732866887; Wed, 29 Oct 2025 03:14:26 -0700 (PDT) Received: from localhost.localdomain (h96-60-249-169.cncrtn.broadband.dynamic.tds.net. [96.60.249.169]) by smtp.gmail.com with UTF8SMTPSA id 956f58d0204a3-63f4c442052sm4051284d50.16.2025.10.29.03.14.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Oct 2025 03:14:26 -0700 (PDT) From: Demi Marie Obenour Date: Wed, 29 Oct 2025 06:12:46 -0400 Subject: [PATCH 7/7] Support updates via systemd-sysupdate MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <20251029-updates-v1-7-401c1be2a11b@gmail.com> References: <20251029-updates-v1-0-401c1be2a11b@gmail.com> In-Reply-To: <20251029-updates-v1-0-401c1be2a11b@gmail.com> To: Spectrum OS Development X-Mailer: b4 0.14.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1761732759; l=22468; i=demiobenour@gmail.com; s=20250729; h=from:subject:message-id; bh=l0Mv9uvesATmozNKhf+9XRNSJtfdACcr+UHo4ZMiDKo=; b=FNWzC6TtTOxYNZ4dmMMWYAhtUUrVqfwul50hxKIzUixdx9EnEUxqEaOcwtUA5wffeTESKYL0o flFiypRTY7BBm2RNYAON4Gme/U+jE+dWBbyvVqcdZuax/z42vpFJI7D X-Developer-Key: i=demiobenour@gmail.com; a=ed25519; pk=X57Q4/YQDj9t4SBeKaDwvXYKB6quZJVx/DE2Ly2out0= Message-ID-Hash: TNTHTZE77VLO3VUUABO57PFTRSZAFWQS X-Message-ID-Hash: TNTHTZE77VLO3VUUABO57PFTRSZAFWQS X-MailFrom: demiobenour@gmail.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Demi Marie Obenour , Alyssa Ross X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Include a new 'update' command to update the system. This works as follows: 1. Take a global, system-wide lock. 2. Create a BTRFS subvolume for the sys.updates VM to write the updates. 3. Bind-mount this subvolume into the VM's shared directory. 4. Start sys.updates to get the updates. 5. Wait for the VM to shut down. 6. Take a BTRFS snapshot of the subvolume. 7. Call syncfs() to flush all of the data on the subvolume. 8. Inspect the contents of the subvolume. Check that everything is a regular file and that the names are reasonable. Check that SHA256SUMS and SHA256SUMS.gpg are present. 9. Call systemd-sysupdate to run the actual update. Signed-off-by: Demi Marie Obenour --- host/rootfs/Makefile | 8 ++- host/rootfs/default.nix | 17 ++++--- host/rootfs/file-list.mk | 5 ++ host/rootfs/image/etc/fstab | 1 + .../image/etc/sysupdate.d/50-verity.transfer | 21 ++++++++ host/rootfs/image/etc/sysupdate.d/60-root.transfer | 21 ++++++++ .../image/etc/sysupdate.d/70-kernel.transfer | 25 ++++++++++ host/rootfs/image/usr/bin/run-update | 54 ++++++++++++++++++++ host/rootfs/image/usr/bin/update | 56 +++++++++++++++++++++ host/rootfs/image/usr/bin/vm-start | 25 +++++++++- host/rootfs/os-release.in | 13 +++++ host/rootfs/os-release.in.license | 2 + host/rootfs/shell.nix | 2 +- update-signing-keys.gpg | 1 + update-signing-keys.gpg.license | 2 + update-url | 1 + update-url.license | 2 + vm/app/sysupdate.d/50-verity.transfer | 18 +++++++ vm/app/sysupdate.d/60-root.transfer | 18 +++++++ vm/app/sysupdate.d/70-kernel.transfer | 18 +++++++ vm/app/updates.nix | 57 ++++++++++++++++++++++ 21 files changed, 356 insertions(+), 11 deletions(-) diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile index 4712d9063e9f2e3c9b8b7b4fb2a7e54d119c6840..2faa1e46c1a3bbbdf31baf1e972d9b4ecb389ae5 100644 --- a/host/rootfs/Makefile +++ b/host/rootfs/Makefile @@ -10,6 +10,7 @@ include file-list.mk dest = build/rootfs.erofs DIRS = \ + boot \ dev \ etc/s6-linux-init/env \ etc/s6-linux-init/run-image/configs \ @@ -47,11 +48,13 @@ DIRS = \ FIFOS = etc/s6-linux-init/run-image/service/s6-svscan-log/fifo -BUILD_FILES = build/etc/s6-rc +BUILD_FILES = build/etc/s6-rc build/etc/os-release $(dest): ../../scripts/make-erofs.sh $(PACKAGES_FILE) $(FILES) $(BUILD_FILES) build/empty build/fifo file-list.mk + set -euo pipefail; \ { \ cat $(PACKAGES_FILE) ;\ + printf '%s\n%s\n' ../../update-signing-keys.gpg /etc/systemd/import-pubring.gpg; \ for file in $(FILES) $(LINKS); do printf '%s\n%s\n' $$file "$${file#image/}"; done ;\ for file in $(BUILD_FILES); do printf '%s\n%s\n' $$file $${file#build/}; done ;\ printf 'build/empty\n%s\n' $(DIRS) ;\ @@ -99,6 +102,9 @@ debug: $(VMLINUX) .PHONY: debug +build/etc/os-release: os-release.in build/etc + sed 's#@VERSION@#$(VERSION)#g' < os-release.in > $@ + run: build/live.img $(EXT_FS) build/rootfs.verity.roothash ../../lib/kcmdline-utils.mk @set -x && \ ext="$$(mktemp build/spectrum-rootfs-extfs.XXXXXXXXXX.img)" && \ diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix index cb39f0d77b6640198da3ab840a2c8ca7cc1c91a1..c412fe17f45bde79f1efa42cadb29cfd5fbc3991 100644 --- a/host/rootfs/default.nix +++ b/host/rootfs/default.nix @@ -8,10 +8,10 @@ import ../../lib/call-package.nix ( }: pkgsStatic.callPackage ( -{ busybox, cloud-hypervisor, cryptsetup, dbus, erofs-utils, execline -, inkscape, inotify-tools, iproute2, jq, lib, mdevd, nixos -, runCommand, s6, s6-linux-init, s6-rc, socat, spectrum-host-tools -, stdenvNoCC, util-linux, virtiofsd, writeClosure +{ btrfs-progs, bash, busybox, cloud-hypervisor, cryptsetup, dbus +, erofs-utils, execline, inkscape, inotify-tools, iproute2, jq, lib +, mdevd, nixos, runCommand, s6, s6-linux-init, s6-rc, socat +, spectrum-host-tools, stdenvNoCC, util-linux, virtiofsd, writeClosure , xdg-desktop-portal-spectrum-host, xorg }: let @@ -40,8 +40,8 @@ let no_pgo_foot = foot.override { allowPgo = false; }; packages = [ - cloud-hypervisor crosvm cryptsetup dbus execline inotify-tools - iproute2 jq mdevd s6 s6-linux-init s6-rc socat + btrfs-progs cloud-hypervisor crosvm cryptsetup dbus execline + inotify-tools iproute2 jq mdevd s6 s6-linux-init s6-rc socat spectrum-host-tools virtiofsd xdg-desktop-portal-spectrum-host (busybox.override { @@ -90,6 +90,7 @@ let appvm-firefox = callSpectrumPackage ../../vm/app/firefox.nix {}; appvm-foot = callSpectrumPackage ../../vm/app/foot.nix {}; appvm-gnome-text-editor = callSpectrumPackage ../../vm/app/gnome-text-editor.nix {}; + appvm-updates = callSpectrumPackage ../../vm/app/updates.nix {}; }; packagesSysroot = runCommand "packages-sysroot" { @@ -135,13 +136,15 @@ stdenvNoCC.mkDerivation { ../../lib/common.mk ../../lib/kcmdline-utils.mk ../../lib/verity.mk + ../../lib/kcmdline-utils.mk ../../scripts/make-erofs.sh ../../version + ../../update-signing-keys.gpg ]); }; sourceRoot = "source/host/rootfs"; - nativeBuildInputs = [ erofs-utils spectrum-build-tools s6-rc ]; + nativeBuildInputs = [ erofs-utils spectrum-build-tools s6-rc bash btrfs-progs ]; env = { PACKAGES = runCommand "packages" {} '' diff --git a/host/rootfs/file-list.mk b/host/rootfs/file-list.mk index 9acaa1d90bed674814775becf89c1c847d0ce3e3..905422ebda0f70ce32def788e0c093527af293fc 100644 --- a/host/rootfs/file-list.mk +++ b/host/rootfs/file-list.mk @@ -42,13 +42,18 @@ FILES = \ image/etc/s6-linux-init/run-image/service/xdg-desktop-portal-spectrum-host/template/notification-fd \ image/etc/s6-linux-init/run-image/service/xdg-desktop-portal-spectrum-host/template/run \ image/etc/s6-linux-init/scripts/rc.init \ + image/etc/sysupdate.d/50-verity.transfer \ + image/etc/sysupdate.d/60-root.transfer \ + image/etc/sysupdate.d/70-kernel.transfer \ image/etc/udev/rules.d/99-spectrum.rules \ image/etc/xdg/weston/autolaunch \ image/etc/xdg/weston/weston.ini \ image/usr/bin/assign-devices \ image/usr/bin/create-vm-dependencies \ image/usr/bin/run-appimage \ + image/usr/bin/run-update \ image/usr/bin/run-vmm \ + image/usr/bin/update \ image/usr/bin/vm-console \ image/usr/bin/vm-import \ image/usr/bin/vm-start \ diff --git a/host/rootfs/image/etc/fstab b/host/rootfs/image/etc/fstab index 6a82ecc85090a37b13603b29f74ca6e554a28c33..78cec99f29dda993ad97048771097121a0e42622 100644 --- a/host/rootfs/image/etc/fstab +++ b/host/rootfs/image/etc/fstab @@ -4,3 +4,4 @@ proc /proc proc defaults 0 0 devpts /dev/pts devpts defaults,gid=4,mode=620 0 0 tmpfs /dev/shm tmpfs defaults 0 0 sysfs /sys sysfs defaults 0 0 +tmpfs /tmp tmpfs defaults,mode=0700 0 0 diff --git a/host/rootfs/image/etc/sysupdate.d/50-verity.transfer b/host/rootfs/image/etc/sysupdate.d/50-verity.transfer new file mode 100644 index 0000000000000000000000000000000000000000..07a698f3956e19f9f55efff52db51128c16a5b56 --- /dev/null +++ b/host/rootfs/image/etc/sysupdate.d/50-verity.transfer @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Uses example code from systemd man pages which is under MIT-0 +# (no attribution required). +[Transfer] +ProtectVersion=%A +Verify=yes + +[Source] +Type=url-file +Path=file:///run/updater +MatchPattern=Spectrum_OS_@v.verity + +[Target] +Type=partition +Path=auto +MatchPattern=Spectrum_OS_@v.verity +MatchPartitionType=root-verity +PartitionFlags=0 +ReadOnly=1 diff --git a/host/rootfs/image/etc/sysupdate.d/60-root.transfer b/host/rootfs/image/etc/sysupdate.d/60-root.transfer new file mode 100644 index 0000000000000000000000000000000000000000..ebc102d1d7f4341565cd452f1bd89ffe9640b361 --- /dev/null +++ b/host/rootfs/image/etc/sysupdate.d/60-root.transfer @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Uses example code from systemd man pages which is under MIT-0 +# (no attribution required). +[Transfer] +ProtectVersion=%A +Verify=yes + +[Source] +Type=url-file +Path=file:///run/updater +MatchPattern=Spectrum_OS_@v.root + +[Target] +Type=partition +Path=auto +MatchPattern=Spectrum_OS_@v +MatchPartitionType=root +PartitionFlags=0 +ReadOnly=1 diff --git a/host/rootfs/image/etc/sysupdate.d/70-kernel.transfer b/host/rootfs/image/etc/sysupdate.d/70-kernel.transfer new file mode 100644 index 0000000000000000000000000000000000000000..6f75dfb04abf5ae911be3ae95318685321a86f5f --- /dev/null +++ b/host/rootfs/image/etc/sysupdate.d/70-kernel.transfer @@ -0,0 +1,25 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Uses example code from systemd man pages which is under MIT-0 +# (no attribution required). +[Transfer] +ProtectVersion=%A +Verify=yes + +[Source] +Type=url-file +Path=file:///run/updater +MatchPattern=Spectrum_OS_@v.efi + +[Target] +Type=regular-file +Path=/EFI/Linux +PathRelativeTo=boot +MatchPattern=Spectrum_OS_@v+@l-@d.efi \ + Spectrum_OS_@v+@l.efi \ + Spectrum_OS_@v.efi +Mode=0644 +TriesLeft=3 +TriesDone=0 +InstancesLeft=2 diff --git a/host/rootfs/image/usr/bin/run-update b/host/rootfs/image/usr/bin/run-update new file mode 100644 index 0000000000000000000000000000000000000000..c1938df01189c26f6c7ffd4c0010fabdc5fb3405 --- /dev/null +++ b/host/rootfs/image/usr/bin/run-update @@ -0,0 +1,54 @@ +#!/bin/execlineb -S1 +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2024 Alyssa Ross + +backtick -E dir { mktemp -d /run/vm/by-id/XXXXXX } +backtick -E id { basename -- $dir } + +if { mkdir -p /run/configs/${id}/fs } +if { redirfd -w 1 /run/configs/${id}/fs/type echo appimage } +if { touch /run/configs/${id}/fs/run } +if { mount --rbind $1 /run/configs/${id}/fs/run } +if { + ln -s /usr/lib/spectrum/img/appvm/blk /usr/lib/spectrum/img/appvm/vmlinux + /run/configs/${id} +} + +if { ln -s /run/configs/${id} ${dir}/config } + +if { create-vm-dependencies $id } + +piperw 4 3 +background { + fdclose 3 + fdmove 0 4 + + # Wait for the VMM to be up, then start the VM. + if { redirfd -w 1 /dev/null head -1 } + vm-start $id +} +fdclose 4 + +foreground { run-vmm $id } +fdclose 3 + +if { + forx -pE service { + dbus + vhost-user-fs + vhost-user-gpu + xdg-desktop-portal-spectrum-host + } + s6-instance-delete /run/service/${service} $id +} + +if { + forx -E mount { + /run/configs/${id}/fs/run + ${dir}/fs/config + ${dir}/fs/doc + } + umount $mount +} + +rm -r $dir /run/configs/${id} diff --git a/host/rootfs/image/usr/bin/update b/host/rootfs/image/usr/bin/update new file mode 100755 index 0000000000000000000000000000000000000000..8e147929cecbef5873cd02c946adf1355da444c6 --- /dev/null +++ b/host/rootfs/image/usr/bin/update @@ -0,0 +1,56 @@ +#!/bin/execlineb -WS1 +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Steps: +# +# 1. Take a global, system-wide lock. +# 2. Create a BTRFS subvolume for the sys.updates VM to write the updates. +# 3. Bind-mount this subvolume into the VM's shared directory. +# 4. Start sys.updates to get the updates. +# 5. Wait for the VM to shut down. +# 6. Take a BTRFS snapshot of the subvolume. +# 7. Call syncfs() to flush all of the data on the subvolume. +# 8. Inspect the contents of the subvolume. +# Check that everything is a regular file and that the names are reasonable. +# Check that SHA256SUMS and SHA256SUMS.gpg are present. +# 9. Call systemd-sysupdate to run the actual update. + +if { mkdir -p -m 0700 /run/updater } +if { + case $1 { + /[0-9A-Za-z._/-]+ { true } + } + foreground { fdmove -c 1 2 echo 'Update directory path has forbidden characters or is not absolute' } + exit 1 +} +execline-cd $1 +s6-setlock /run/update-lock +foreground { + # This might fail with a "File exists" error, but that is fine. + foreground { redirfd -w 2 /dev/null btrfs subvolume create -- shared } + if { umask 0022 mkdir -p shared/etc/systemd shared/update-destination } + # TODO: use a safe copy program that is not vulnerable to symlink attacks. + # This should be okay as the directory has not been shared yet, but better + # safe than sorry. Also nosymfollow should be a mitigation, but still, + # better safe than sorry. + if { cp /etc/systemd/import-pubring.gpg shared/etc/systemd } + if { + if { + backtick -E update_vm_id { + backtick -E id_path { readlink /run/vm/by-name/sys.appvm-updates } + basename -- $id_path + } + vm-start $update_vm_id shared + } + if { btrfs subvolume snapshot -- shared private } + if { sync -- private } + if { updates-dir-check private/update-destination } + unshare --mount + if { mount --bind -o ro -- private/update-destination /run/updater } + /usr/lib/systemd/systemd-sysupdate update + } +} +importas -i sysupdate_exit_status "?" +foreground { btrfs subvolume delete -- shared private } +exit $sysupdate_exit_status diff --git a/host/rootfs/image/usr/bin/vm-start b/host/rootfs/image/usr/bin/vm-start index 67480e5215d8a8260ce3f03c67f71ba8f210c291..8ae8d94203345c4f3e8b6e46de0d139fda6c11d6 100755 --- a/host/rootfs/image/usr/bin/vm-start +++ b/host/rootfs/image/usr/bin/vm-start @@ -1,6 +1,24 @@ -#!/bin/execlineb -S1 +#!/bin/execlineb -Ws0 # SPDX-License-Identifier: EUPL-1.2+ # SPDX-FileCopyrightText: 2022-2023, 2025 Alyssa Ross +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +if { + case "${#}" { + 1 { true } + 2 { + multisubstitute { + define sourcedir ${2} + define fsdir /run/vm/by-id/${1}/fs/user + } + if { mkdir -p ${fsdir} } + foreground { redirfd -w 2 /dev/null umount ${fsdir} } + mount --bind -- ${sourcedir} ${fsdir} + } + } + foreground { fdmove -c 1 2 echo "Bad number of arguments ${#} (expected 1 or 3)" } + exit 100 +} foreground { s6-rc -bu change vm-env } @@ -20,4 +38,7 @@ foreground { redirfd -w 2 /dev/null s6-svwait -U /run/service/vmm/instance/${1} } -ch-remote --api-socket /run/vm/by-id/${1}/vmm boot +if { ch-remote --api-socket /run/vm/by-id/${1}/vmm boot } +case "${#}" { + 2 { s6-svwait -D /run/service/vmm/instance/${1} } +} diff --git a/host/rootfs/os-release.in b/host/rootfs/os-release.in new file mode 100644 index 0000000000000000000000000000000000000000..8a167a39366dedc6ff9024efdb98383ec84618ec --- /dev/null +++ b/host/rootfs/os-release.in @@ -0,0 +1,13 @@ +NAME="Spectrum OS" +ID="spectrum" +PRETTY_NAME="Spectrum OS @VERSION@" +VERSION=@VERSION@ +VERSION_ID=@VERSION@ +IMAGE_ID=spectrum_os_@VERSION@ +IMAGE_VERSION=@VERSION@ +RELEASE_TYPE=development +HOME_URL="https://www.spectrum-os.org" +BUG_REPORT_URL="mailto:discuss@spectrum-os.org" +ANSI_COLOR="1;34" +VENDOR_NAME="Spectrum" +VENDOR_URL="https://www.spectrum-os.org" diff --git a/host/rootfs/os-release.in.license b/host/rootfs/os-release.in.license new file mode 100644 index 0000000000000000000000000000000000000000..c4a0586a407fe14c3e0855749a7524ac3871dda4 --- /dev/null +++ b/host/rootfs/os-release.in.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2025 Demi Marie Obenour diff --git a/host/rootfs/shell.nix b/host/rootfs/shell.nix index bd234e90ee19bdfa6591d29c518cb0dc393b01c8..b5ed566062da03944567dd610c88e1a58523e303 100644 --- a/host/rootfs/shell.nix +++ b/host/rootfs/shell.nix @@ -3,7 +3,7 @@ # SPDX-FileCopyrightText: 2022 Unikie import ../../lib/call-package.nix ( -{ callSpectrumPackage, rootfs, pkgsStatic, srcOnly, stdenv +{ callSpectrumPackage, rootfs, srcOnly, stdenv , btrfs-progs, cryptsetup, jq, netcat, qemu_kvm, reuse, util-linux }: diff --git a/update-signing-keys.gpg b/update-signing-keys.gpg new file mode 100644 index 0000000000000000000000000000000000000000..b4c15467614ee15deef02af05f4c6554a1f7a013 --- /dev/null +++ b/update-signing-keys.gpg @@ -0,0 +1 @@ +NOT A VALID KEY - UPDATES WILL NOT WORK diff --git a/update-signing-keys.gpg.license b/update-signing-keys.gpg.license new file mode 100644 index 0000000000000000000000000000000000000000..c4a0586a407fe14c3e0855749a7524ac3871dda4 --- /dev/null +++ b/update-signing-keys.gpg.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2025 Demi Marie Obenour diff --git a/update-url b/update-url new file mode 100644 index 0000000000000000000000000000000000000000..a5b28fe9b3bbeb5e823c9e17c4765a074a83b350 --- /dev/null +++ b/update-url @@ -0,0 +1 @@ +https://your-spectrum-os-update-server.invalid/download-directory/ diff --git a/update-url.license b/update-url.license new file mode 100644 index 0000000000000000000000000000000000000000..c4a0586a407fe14c3e0855749a7524ac3871dda4 --- /dev/null +++ b/update-url.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2025 Demi Marie Obenour diff --git a/vm/app/sysupdate.d/50-verity.transfer b/vm/app/sysupdate.d/50-verity.transfer new file mode 100644 index 0000000000000000000000000000000000000000..e437860426b8a651ca20ee7bddff1a9b3cf39507 --- /dev/null +++ b/vm/app/sysupdate.d/50-verity.transfer @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Uses example code from systemd man pages which is under MIT-0 +# (no attribution required). +[Transfer] +Verify=yes + +[Source] +Type=url-file +Path=@UPDATE_URL@ +MatchPattern=Spectrum_OS_@v.verity + +[Target] +Type=regular-file +Path=/run/virtiofs/virtiofs0/user/update-destination +MatchPattern=Spectrum_OS_@v.verity +Mode=0644 diff --git a/vm/app/sysupdate.d/60-root.transfer b/vm/app/sysupdate.d/60-root.transfer new file mode 100644 index 0000000000000000000000000000000000000000..84ab4cd693342bb1118aa9525c797080c5b356dc --- /dev/null +++ b/vm/app/sysupdate.d/60-root.transfer @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Uses example code from systemd man pages which is under MIT-0 +# (no attribution required). +[Transfer] +Verify=yes + +[Source] +Type=url-file +Path=@UPDATE_URL@ +MatchPattern=Spectrum_OS_@v.root + +[Target] +Type=regular-file +Path=/run/virtiofs/virtiofs0/user/update-destination +MatchPattern=Spectrum_OS_@v.root +Mode=0644 diff --git a/vm/app/sysupdate.d/70-kernel.transfer b/vm/app/sysupdate.d/70-kernel.transfer new file mode 100644 index 0000000000000000000000000000000000000000..931944ac68483d864600748e469de9cd4829ff4a --- /dev/null +++ b/vm/app/sysupdate.d/70-kernel.transfer @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2025 Demi Marie Obenour + +# Uses example code from systemd man pages which is under MIT-0 +# (no attribution required). +[Transfer] +Verify=yes + +[Source] +Type=url-file +Path=@UPDATE_URL@ +MatchPattern=Spectrum_OS_@v.efi + +[Target] +Type=regular-file +Path=/run/virtiofs/virtiofs0/user/update-destination +MatchPattern=Spectrum_OS_@v.efi +Mode=0644 diff --git a/vm/app/updates.nix b/vm/app/updates.nix new file mode 100644 index 0000000000000000000000000000000000000000..30beca30e578b5c869eaedf2fd7e8913bf616a0c --- /dev/null +++ b/vm/app/updates.nix @@ -0,0 +1,57 @@ +# SPDX-License-Identifier: MIT +# SPDX-FileCopyrightText: 2023 Alyssa Ross + +import ../../lib/call-package.nix ( +{ callSpectrumPackage, lib, pkgsMusl, pkgsStatic, src, writeScript, systemd }: + +pkgsMusl.callPackage ( +{ stdenvNoCC, curl }: + +pkgsStatic.callPackage ( +{ execline, runCommand }: + +let + raw_update_url = builtins.readFile ../../update-url; + update-url = + if builtins.match "^https?://([[:alnum:]:./?=~-]|%[[:xdigit:]]{2})+/\n$" raw_update_url == null then + builtins.abort "Bad update URL" + else + builtins.substring 0 (builtins.stringLength raw_update_url - 1) raw_update_url; + sysupdate-d = stdenvNoCC.mkDerivation { + name = "spectrum-systemd-transfer-files"; + src = ./.; + installPhase = + '' + mkdir -- "$out" + ( + cd -- "$src" && + for i in sysupdate.d/*.transfer; do + s=''${i#sysupdate.d/} && + sed 's,@UPDATE_URL@,${update-url},g' < "$i" > "$out/$s" || exit + done + printf %s\\n '${update-url}' > "$out/update-url" + ) || exit + ''; + }; + l = lib.escapeShellArgs; + mountpoint = "/run/virtiofs/virtiofs0/user"; + sysupdate-path = "${systemd}/lib/systemd/systemd-sysupdate"; + runner = writeScript "update-run-script" ( + "#!/bin/sh --\n" + + builtins.concatStringsSep " && \\\n" [ + (l ["mount" "-toverlay" "-olowerdir=${mountpoint}/etc:/etc" "--" "overlay" "/etc"]) + (l [sysupdate-path "--definitions=${sysupdate-d}" "update"]) + (l ["${curl}/bin/curl" "-L" "--proto" "=http,https" + "-o" "${mountpoint}/update-destination/SHA256SUMS.gpg" + "--" "${update-url}SHA256SUMS.gpg"]) + (l ["${curl}/bin/curl" "-L" "--proto" "=http,https" + "-o" "${mountpoint}/update-destination/SHA256SUMS" + "--" "${update-url}/SHA256SUMS"]) + ]); +in + +callSpectrumPackage ../make-vm.nix {} { + providers.net = [ "sys.netvm" ]; + type = "nix"; + run = "${runner}"; +}) {}) {}) (_: {}) -- 2.51.2