| Commit message | Author | Age |
| |
Using Weston was always intended to be temporary — it's not designed
to be a full-featured desktop compositor, and the choice of Weston in
Spectrum was partially made to make it obvious that the compositor
would likely be swapped out later.
COSMIC is aligned with Spectrum in that it's written in a memory-safe
language, and upstream is open to adding customisation points to allow
for things we might want to do differently in Spectrum, like have
custom window decorations.
The reason to make the change now is that otherwise we'd have to fix a
bug in Weston that manifests when running Krita under X11 via
wayland-proxy-virtwl[1], and it makes more sense to invest that effort
in switching compositor, now that COSMIC is at a point where it's
feasible to switch to.
[1]: https://gitlab.freedesktop.org/wayland/weston/-/issues/775
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
As we move towards graphical applications, the intuitive way for
things to work is to have application VMs terminate when the
application exits. Once the terminal-based applications are gone (or
at least not the main focus), we can repurpose the console device to
be an interactive shell, so debugging is still possible.
This requires actually implementing an orderly shutdown in the VM.
Prior to now, there's just been poweroff -f.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Now that VMMs and vhost-user devices are started immediately, we don't
need the complexity of s6-rc for them any more. VMMs still depend on
the vhost-user sockets, but since those will be available almost
immediately, it's fine to just wait for them in ext-rc-init.
Since we're now using pure s6, we can use s6 instanced services for
these, which cuts down a lot on how much work ext-rc-init's up script
has to do directly, and provides some nice namespacing.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Using a character that is not allowed in VM names to separate the VM
name from the filesystem name means that there can't be conflicts
between different VM/filesystem combinations.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This restriction was in place because we needed to be able to refer to
VM directories on the cloud-hypervisor command line, where commas have
special meaning. Now that we're instead using the JSON API for VM
configuration, there's no need for the restriction.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Before this change, the s6 services for cloud-hypervisor and virtiofsd
were only started when a VM was started, and vm-stop would bring the
service down. The problem with this was that if a VM powered itself
off, instead of being stopped on the host using vm-stop, the VM would
instantly be restarted by s6.
To fix this, we disentangle keeping cloud-hypervisor running from
keeping the VM running. cloud-hypervisor will now always be running,
so s6 will never restart it in normal operation, but it won't be
running a VM until it's told to. Accomplishing this means having
start-vmm (renamed from start-vm to reflect its new purpose) configure
the VM in cloud-hypervisor without booting it, which is only possible
using the API, not the command line. As a result, start-vm now
depends on miniserde so that it can construct the VM config JSON
object required by the API.
The build of start-vm has been adjusted to accommodate the complexity
stemming from the new dependencies. Tests are moved into passthru,
because the start-vm used in Spectrum should have panic=abort, but
tests need panic=unwind, and we can't use both in the same Meson
instance without duplicating the non-native dependencies.
We can't use s6-rc dependencies to automatically boot provider VMs in
this setup, so vm-start has been modified to recurse into provider VMs.
lsvm has been updated to check the Cloud Hypervisor API to see whether
a VM is running, rather than just checking to see whether the s6
service is up.
Because cloud-hypervisor is now to be started as early as possible, we
need to make the dependencies of ext-rc-init more precise, so that
cloud-hypervisor does not attempt to start before /dev/kvm or
/dev/net/tun is available.
We're not using Meson's support for Cargo subprojects yet, because it
currently always builds crates with all features enabled.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Having a symlink in the service directory was a nice idea, but since
it has to be different for every service, it's not compatible with
templated services, and would prevent us switching to them. The only
thing that varies between instances of templated services is the name,
so we have to introduce a mapping of VM name to config directory.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This will allow adding other services that are not specific to any
particular VM (e.g. multi-VM bundles) without risking conflicts with
user-provided VM names.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
There has never been a message sent to this list, because I consider
the announcement list to be for communicating actionable things to
potential users, and we haven't had any of those yet.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
There was a lot of fluff here that got in the way of actually finding
the information people are coming to this page to find.
"You are strongly encouraged to mirror them." is probably confusing to
people who don't know what mirroring is, so rephrase this to make it
clearer that this isn't something people need to worry about in that
case.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Bots have been nonconsensually creating mailman-web accounts for
people to flood them with spam. Aside from using reCAPTCHA (ugh) or
modifying mailman-web, the only thing I can really do to prevent this
is to disable unauthenticated web subscriptions, and the creation of
mailman-web accounts, which I have now done. Ideally, it would be
possible to configure it so that creating mailman-web accounts is only
allowed for email addresses that have already subscribed to the list
by sending an email, but that's not currently the case.
This makes Postorius useless to people who don't already have an
account. Hyperkitty is still useful, but people without existing
accounts won't be able to use it to post to the lists, and the UI
still shows Sign In and Sign Up links, which is pretty confusing when
signups are disabled. It doesn't really offer anything that
public-inbox doesn't any more.
As a result of these changes, I'm removing all references to
mailman-web from the documentation.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This allows testing Wayland forwarding with the VM running in QEMU.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This is a manual update to the last commit in Nixpkgs that doesn't
have Meson 1.3.0, which introduces a bug that breaks the Spectrum
build[1], for which upstream have not yet accepted a patch.
We can patch it ourselves if it's still not fixed by the time we need
another update, but for now, we don't need anything more recent than
this, so I'll give it a bit more time to get fixed.
[1]: https://github.com/mesonbuild/meson/issues/12585
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This was already mostly the case, but now it will be consistent.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Fixes: 009a036 ("release/checks/start-vm.nix: init")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
"vhost_user" seems to be the only prefix used for vhost-user-specific
changes in the vhost crate, so let's stick with that. It doesn't make
sense to keep the crosvm-specific prefix from the original commits.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Currently, all Rust code in Spectrum is the 2018 edition. If we ever
end up using multiple editions, we'll have to do something more
complicated here.
Fixes: 6c0c956 ("nix/checks.nix: add rustfmt check")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
At long last, changing one file somewhere won't cause every Spectrum
component to be rebuilt unnecessarily.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This avoids the need to configure the cache size by getting it from
the backend.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Fixes: 5ad4b02 ("Documentation: Architecture Decision Record")
Fixes: 6dfedf9 ("Documentation: copy-edit and integrate ADRs")
Fixes: 5a83707 ("host/start-vm: use OnceLock")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This will make it possible later to specify which directories actually
need to be present to build a component, so changing a single file
somewhere won't force rebuilds of every Spectrum component.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Fixes: 2757209 ("vm/sys/net: create TAPs for testing in namespace")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This should have been increased when the main memory size was
increased.
Fixes: d637382 ("Increase VM memory size")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Fixes: 715033d ("lib/nixpkgs.default.nix: update")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
New major version.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
crosvm renumbered VHOST_USER_PROTOCOL_F_SHARED_MEMORY_REGIONS to avoid
conflicts with actually standardised protocol features, so we need to
renumber the version in cloud hypervisor to match.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Sometimes the application running inside the crosvm VM can commit
between wc exiting and the VM being stopped. If this happens,
there'll be an extra byte in the fifo, which will interfere with the
second test. To fix this, recreate the fifo to ensure it's empty at
the start of the Cloud Hypervisor test.
Fixes: 5a5f892 ("release/checks/wayland: also test cloud-hypervisor")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
cloud-hypervisor has changed back to the old CLI syntax again.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
128M was not enough to even get to init on aarch64. We can probably
optimise the kernel at some point, but I think that's something to do
once things are further along.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This makes it possible to test basic start-vm functionality in a
simulated environment without having to start a whole Spectrum
system.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
A VM that just powers itself off once it's successfully booted is very
useful for testing, especially automated testing.
I don't think there's any reason to actually install this on the
rootfs / user data partition at the moment.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This didn't originally go to a file, because I still had to use the
serial console interactively for debugging sometimes. Now that things
have settled a bit and the serial console is write-only, having serial
go to a pty is just needlessly inconvenient.
I've updated the crosvm target to put its logs in the same place, so
the path to serial logs only has to be learned once.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This allows for some more testing of VMs that require networking.
There still won't be internet access, but having the device at least
be present allows for testing that the applications start up once
waiting for the network times out.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This removes the need to do anything as root to make run with
VMM=cloud-hypervisor or VMM=crosvm.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This reverts commit 5f556f806a70f3787fe725254ccf3d245bd5bebc.
This turns out to not really be workable on aarch64 at the moment,
without giving things up — both crosvm and Cloud Hypervisor inject
earlycon parameters onto the command line, which overrides the
built-in command line. We could use CONFIG_CMDLINE_FORCE, but then we
wouldn't know which serial console to use, because crosvm and Cloud
Hypervisor both use different ones.
There's discussion about making it possible to have the bootloader
command line append to the built-in command line, but it's moving
extremely slowly, so we can't count on it any time soon.
Link: https://lore.kernel.org/lkml/20231110013817.2378507-1-danielwa@cisco.com/
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Fixes: 2950ca4 ("scripts/update-nixpkgs.sh: use upstream Nixpkgs")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
In static builds, all build inputs are moved to propagated build
inputs, so we need to inherit those as well.
Fixes: 323e2bb ("pkgs: move cloud-hypervisor patch into Spectrum")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Updating to nixos-unstable seems like the most sensible default, but
it can be overridden because sometimes we want to update to other
branches, for example if they contain a fix for a problem in
nixos-unstable.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
This puts us on an upstream Nixpkgs commit!
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
Previously, this lived in our custom Nixpkgs tree. Since it would be
nice to move away from having one of those, we need to bring this into
Spectrum directly.
This goes in an overlay because if some package in Nixpkgs uses
Cloud Hypervisor, there's no point ending up with two Cloud Hypervisor
builds in our build closure, one patched and one not.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
| |
By moving this call under our control, we can insert our own default
Nixpkgs arguments, for example overlays, or maybe crossSystem.
Signed-off-by: Alyssa Ross <hi@alyssa.is>