From: Alyssa Ross
To: discuss@spectrum-os.org, devel@spectrum-os.org
Subject: This Week in Spectrum, 2020-W21
Date: Sun, 24 May 2020 23:16:41 +0000
Message-ID: <87pnasudnq.fsf@alyssa.is>

A week of results!

Infrastructure
--------------

Fixed a misconfigured spam filter that allowed an obvious spam message
through to devel@. Oops.

crosvm
------

Integrated the memfd server[1] on the interguest branch. It's now all
sandboxed, and optionally enabled with a command line argument to
crosvm run. Not all that much to say here, but it's what took me most
of the week!

Getting the sandbox working was a bit weird. When I tried to get it to
log seccomp failures, it seemed to just disable the sandbox. I had to
track them down with strace instead. Annoying. But the sandbox does
work in normal operation.

I still haven't limited how much memory can be requested this way. I
think implementing that would be relatively straightforward for another
contributor, so I think I'll add it to the ideas list[2] and see if a
patch is forthcoming. Otherwise I'll do it myself.

[1]: https://spectrum-os.org/git/crosvm/commit/?h=interguest
[2]: https://spectrum-os.org/todo.html

wlroots
-------

I took my standalone virtio_wl test program, and integrated it into
wlroots' allocate_shm_file function. This has the result that, when
running under Sommelier, this patched wlroots will request shared
memory from the host, rather than allocating it itself.

Porting from the standalone test program was nice, because it meant
that this all just worked, first try! (Once I got it to compile under
Nixpkgs' or wlroots' strict compiler errors, at least.) This will allow
that memory to be sent between VMs!

I haven't pushed the patch yet because I haven't integrated it into
Spectrum's Nixpkgs yet. I plan to do that next week.

I'm starting to think about moving the stuff specific to Spectrum VMs
into an overlay, but I need to think a bit about how to structure that.

Nixpkgs
-------

There's no sign of the expected Chromium OS release so far, so I
backported[3] support for multiple virtio_wl sockets from a more recent
Chromium OS kernel to the one in Spectrum's Nixpkgs. We need this to be
able to dedicate a named socket to the memfd server.

[3]: https://spectrum-os.org/git/nixpkgs/commit/?id=f24d310275909265de32cbc831d5832cbccc68ee


It's been another week where I've been very focused on one task. I'm
quite excited about the direction this is all going. It's looking like
we'll be able to do almost everything inside VMs, which means it might
be possible to have a host kernel that does almost nothing apart from
KVM and PCI passthrough?? This would mean we'd end up with a tiny Linux
a little bit (but not all that much) like a microkernel, with most
hardware interaction and all user programs running in VMs. Cool stuff!

It's not clear to me yet the exact extent to which this is achievable,
but it's a nice vision to keep in mind. It might also make it easier
for us to transition to a true microkernel at some point in the future.

I'm hoping that I'll hit an NLnet milestone related to this stuff
fairly soon. Until I do, I'm now living on the money I've received in
the past six months through GitHub Sponsors. Thank you so much to
everyone who is helping to make it possible for me to spend this time
on the fundamentals so we have a good foundation to build Spectrum on.
<3
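
The missing limit on memfd requests mentioned in the crosvm section, sketched as an added example (not code from crosvm or from the author): a handler that charges each request against a per-client budget before creating the memfd, then seals the size so the charge stays accurate. The names `client_budget` and `alloc_shm`, the buffer name `guest-shm`, and the never-refunded charging policy are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/memfd.h>   /* MFD_CLOEXEC, MFD_ALLOW_SEALING */

#ifndef F_ADD_SEALS        /* glibc's <fcntl.h> exposes these only under _GNU_SOURCE */
#define F_ADD_SEALS   1033
#define F_SEAL_SEAL   0x0001
#define F_SEAL_SHRINK 0x0002
#define F_SEAL_GROW   0x0004
#endif

/* Hypothetical per-client accounting; not crosvm's own data structure. */
struct client_budget {
    uint64_t limit; /* most bytes the client may ever be handed (assumed policy) */
    uint64_t used;  /* bytes charged to the client so far */
};

/* Serve one request for `size` bytes of shared memory. Returns a size-sealed
 * memfd, or -1 with errno set: EINVAL for a zero size, ENOMEM over budget.
 * The charge is never refunded: once the fd has been passed on, the server
 * cannot tell when the receiver has released the memory. */
int alloc_shm(struct client_budget *b, uint64_t size)
{
    if (size == 0) { errno = EINVAL; return -1; }
    /* Compare against the remaining budget so used + size can never wrap. */
    if (b->used > b->limit || size > b->limit - b->used) {
        errno = ENOMEM;
        return -1;
    }
    /* Raw syscall keeps the example independent of the glibc wrapper. */
    int fd = (int)syscall(SYS_memfd_create, "guest-shm",
                          MFD_CLOEXEC | MFD_ALLOW_SEALING);
    if (fd < 0)
        return -1;
    /* Fix the size, then seal it: a receiver that could ftruncate() the
     * file larger would hold more memory than was charged. */
    if (ftruncate(fd, (off_t)size) < 0 ||
        fcntl(fd, F_ADD_SEALS, F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_SEAL) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    b->used += size;
    return fd;
}
```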