From: Alyssa Ross
To: discuss@spectrum-os.org, devel@spectrum-os.org
Subject: This Week in Spectrum, 2020-W20
Date: Sun, 17 May 2020 21:56:53 +0000

It feels like things are finally starting
to come together.

Infrastructure
--------------

Server memory upgraded. We should now be able to handle more than one person cloning Spectrum's nixpkgs repo at once!

Documentation
-------------

I added a much-requested page[1] to the website with a few tasks a potential contributor might want to look into. More to come here, too!

[1]: https://spectrum-os.org/todo.html

virtio_wl
---------

I wrote a simple guest C program that connected to a host socket over virtio_wl, and sent some messages back and forth. In doing this, I've ended up with a nice set of generic functions for interacting with virtio_wl -- virtio_wl_connect(), virtio_wl_send(), etc. This is nice, because it allows me to treat virtio_wl inside a guest much like a regular socket (albeit one that can only be interacted with using a custom set of functions). Otherwise, I'd have to do ioctl operations every time (which seems to be what the various virtio_wl-using Chromium OS components do).

Having a simple test program (rather than integrating directly into wlroots) gives me a more simple environment with which to test the other end of this connection.

crosvm
------

I implemented a little Rust server that listens on a Unix stream socket. When it receives a message (consisting of an identifier {for debug purposes} and a size), it will allocate a memfd of the requested size, and then send that back to the socket, along with a status byte indicating success or failure.

I then integrated this program into crosvm, so it is started as part of the VM initialization, and exposed over virtio_wl as an additional socket.

Integrating this into crosvm required some careful thought, because there's no precedent in crosvm for a virtio_wl server of this sort. It has almost nothing in common with the existing concept in crosvm of a "device", which is something that communicates with a guest kernel driver over PCI. So Spectrum's crosvm now has the concept of "servers".
I can see us wanting to provide other VM services over virtio_wl in the future. It allows us to exchange various resources between host and guest (or between guests) without having to write a kernel driver specific to each task.

This all now works well enough that my program inside the VM can request a chunk of memory, and receive back something that looks a bit like a memfd, that can then be sent back to the host over a virtio_wl socket. It was great to see this working the first time!

One thing crosvm devices do that I would also like to apply to this type of server is sandboxing. The sandboxing mechanism used in crosvm is pretty generic (it's really just a thin wrapper around Minijail[2]), so it should be straightforward to reuse. I just have to understand a bit better how to use it.

The other crosvm change I still need to make is to put this functionality behind a command line flag. Most VMs should not be able to give themselves extra memory this way -- really only the Wayland compositor should be using it. I should also impose some upper bound on how much memory is allowed to be allocated this way. Such a limit will probably get harder to add (from a testing point of view) the longer I wait.

[2]: https://lwn.net/Articles/700557/

So, a lot of very focused progress this week. From here I plan to finish up the crosvm stuff, and then integrate this protocol into wlroots. Then, not too long from now, we'll finally be able to move the Wayland compositor into its own VM, separate from applications. Exciting!

There will also probably be a Chromium OS release next week, which will require some updates in Spectrum. If all goes well, I won't actually be the one doing that this time.
;)
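
The allocation exchange described under "crosvm", with the upper bound enforced before anything is allocated, as an added example in C. It is not part of the original email and is not Spectrum's Rust server. The field widths, host byte order, status values, the memfd name and the 64 MiB cap are all assumptions, since the email specifies only "an identifier and a size" and "a status byte".

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <unistd.h>

/* Assumed wire format (the email only says "an identifier and a size"): */
struct alloc_req { uint32_t id; uint64_t size; } __attribute__((packed));
enum { ST_OK = 0, ST_FAIL = 1 };   /* assumed status byte values */
#define MAX_ALLOC (64ull << 20)    /* assumed cap: 64 MiB per request */

/* Create a memfd of exactly `size` bytes; -1 if out of bounds or on error. */
static int alloc_memfd(uint64_t size) {
    if (size == 0 || size > MAX_ALLOC) return -1; /* check before allocating */
    int fd = memfd_create("guest-alloc", MFD_CLOEXEC);
    if (fd >= 0 && ftruncate(fd, (off_t)size) < 0) { close(fd); fd = -1; }
    return fd;
}

/* Send the status byte; attach `fd` as SCM_RIGHTS ancillary data if fd >= 0. */
static int send_reply(int sock, uint8_t status, int fd) {
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } u;
    struct iovec iov = { .iov_base = &status, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    if (fd >= 0) {
        memset(&u, 0, sizeof u);
        msg.msg_control = u.buf;
        msg.msg_controllen = sizeof u.buf;
        struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
        c->cmsg_level = SOL_SOCKET;
        c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fd, sizeof fd);
    }
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Serve one request on `sock`; returns the status sent, or -1 on I/O error. */
int serve_one(int sock) {
    struct alloc_req req;
    if (recv(sock, &req, sizeof req, MSG_WAITALL) != (ssize_t)sizeof req) return -1;
    int fd = alloc_memfd(req.size);
    uint8_t status = fd >= 0 ? ST_OK : ST_FAIL;
    int rc = send_reply(sock, status, fd);
    if (fd >= 0) close(fd); /* the receiver now holds its own reference */
    return rc == 0 ? status : -1;
}
```

A refused request still gets a one-byte reply, so the requester can tell a denied allocation apart from a dead server.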