From de98f237580cde5f825dafdb4a6b44de0cbe9fd9 Mon Sep 17 00:00:00 2001 From: Emery Hemingway Date: Thu, 4 Mar 2021 15:02:39 +0100 Subject: [PATCH] nixos: replace store_rom with rom_eris --- flake.nix | 18 +++ nixos-modules/base-hw-pc.nix | 2 +- nixos-modules/base-hw-virt_qemu.nix | 2 +- nixos-modules/default.nix | 1 + nixos-modules/eris/cached_fs_rom.dhall | 26 ++++ nixos-modules/eris/default.nix | 1 + nixos-modules/eris/rom-fs.nix | 65 +++++++++ nixos-modules/eris/rom-memory.nix | 36 +++++ nixos-modules/eris/rom-vfs.dhall | 24 ++++ nixos-modules/genode-core.nix | 181 +++++-------------------- nixos-modules/nova.nix | 2 +- nixos-modules/store-wrapper.dhall | 73 +--------- packages/genodelabs/depot-targets.nix | 1 + tests/lib/build-vms.nix | 1 + 14 files changed, 208 insertions(+), 225 deletions(-) create mode 100644 nixos-modules/eris/cached_fs_rom.dhall create mode 100644 nixos-modules/eris/default.nix create mode 100644 nixos-modules/eris/rom-fs.nix create mode 100644 nixos-modules/eris/rom-memory.nix create mode 100644 nixos-modules/eris/rom-vfs.dhall diff --git a/flake.nix b/flake.nix index a1f2421..55d383a 100644 --- a/flake.nix +++ b/flake.nix @@ -83,6 +83,24 @@ }) erisInfo); in assert length caps == 1; head caps; + getEris' = output: pkg: file: + # A variant of the getEris function with file selection. + with builtins; + let + pkg' = prev.getOutput output pkg; + path' = "${pkg'}/${output}/${file}"; + erisInfo = + fromJSON (readFile "${pkg'}/nix-support/eris-manifest.json"); + caps = filter ({ path, ... }: path == path') + (prev.attrsets.mapAttrsToList (path: + { cap, closure }: { + path = "${pkg'}${ + substring (stringLength pkg') (stringLength path') path' + }"; # hack to build a string with context + inherit cap closure; + }) erisInfo); + in assert length caps == 1; head caps; + nixosSystem = # A derivative of the function for generating Linux NixOS systems. # This one is not so well tested… 
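Review bot: In `getEris'` the filter cannot select by file, because each mapped `path` is rebuilt from `path'` (the requested path) rather than from the manifest key, so every manifest entry compares equal to `path'`. `assert length caps == 1` therefore passes only when the manifest holds exactly one entry, and then returns that entry's cap whether or not it belongs to the requested file; rom-fs.nix uses this cap as the VFS plugin `load` value. Assuming manifest keys are store paths under the package, rebuild from the lambda argument instead: `substring (stringLength pkg') (stringLength path) path`. Separately, `"${pkg'}/${output}/${file}"` assumes the output contains a directory named after the output, which holds for `lib` but presumably not for `out`. The enclosing attribute set starts and ends outside the hunk.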
diff --git a/nixos-modules/base-hw-pc.nix b/nixos-modules/base-hw-pc.nix index c66589c..b27f651 100644 --- a/nixos-modules/base-hw-pc.nix +++ b/nixos-modules/base-hw-pc.nix @@ -20,7 +20,7 @@ in { image = utils.hwImage "0xffffffc000000000" "0x00200000" pkgs.genodePackages.base-hw-pc config.system.name { } - config.genode.boot.configFile; + config.system.build.configFile; }; diff --git a/nixos-modules/base-hw-virt_qemu.nix b/nixos-modules/base-hw-virt_qemu.nix index c11b859..379df20 100644 --- a/nixos-modules/base-hw-virt_qemu.nix +++ b/nixos-modules/base-hw-virt_qemu.nix @@ -20,7 +20,7 @@ in { image = utils.hwImage "0xffffffc000000000" "0x40000000" pkgs.genodePackages.base-hw-virt_qemu config.system.name { } - config.genode.boot.configFile; + config.system.build.configFile; }; diff --git a/nixos-modules/default.nix b/nixos-modules/default.nix index f6062a5..5ec69fb 100644 --- a/nixos-modules/default.nix +++ b/nixos-modules/default.nix @@ -4,6 +4,7 @@ x86_64 = { imports = [ + ./eris ./file-systems.nix ./genode-core.nix ./genode-init.nix diff --git a/nixos-modules/eris/cached_fs_rom.dhall b/nixos-modules/eris/cached_fs_rom.dhall new file mode 100644 index 0000000..d2fe4b3 --- /dev/null +++ b/nixos-modules/eris/cached_fs_rom.dhall @@ -0,0 +1,26 @@ +let Genode = env:DHALL_GENODE + +let Init = Genode.Init + +let Child = Init.Child + +in λ(binary : Text) → + Child.flat + Child.Attributes::{ + , binary + , resources = Genode.Init.Resources::{ + , caps = 256 + , ram = Genode.units.MiB 32 + } + , config = Init.Config::{ + , policies = + [ Init.Config.Policy::{ + , service = "ROM" + , label = + Init.LabelSelector.Type.Partial + { prefix = Some "nixos -> ", suffix = None Text } + , attributes = toMap { directory = "/eris" } + } + ] + } + } diff --git a/nixos-modules/eris/default.nix b/nixos-modules/eris/default.nix new file mode 100644 index 0000000..d384fc4 --- /dev/null +++ b/nixos-modules/eris/default.nix @@ -0,0 +1 @@ +{ imports = [ ./rom-fs.nix ./rom-memory.nix ]; } 
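Review bot: In nixos-modules/eris/cached_fs_rom.dhall the quota `ram = Genode.units.MiB 32` is a fixed constant, whereas the `store_rom` child that this commit removes from store-wrapper.dhall was sized as `params.storeSize + Genode.units.MiB 1`. If cached_fs_rom still has to back every requested ROM with its own RAM, a store larger than the quota would presumably fail when sessions are opened rather than at build time. Either pass the size in as a parameter or add a comment saying why 32 MiB is sufficient. The single policy also deserves a comment, for example `-- only labels starting with "nixos -> " get a ROM session, resolved under /eris`. The other hunks on this line are option renames and an import list, and need no change.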
diff --git a/nixos-modules/eris/rom-fs.nix b/nixos-modules/eris/rom-fs.nix new file mode 100644 index 0000000..9e0228e --- /dev/null +++ b/nixos-modules/eris/rom-fs.nix @@ -0,0 +1,65 @@ +{ config, pkgs, lib, ... }: + +{ + config = lib.mkIf (config.genode.boot.storeBackend == "fs") { + + genode.core.children.part_block = { + package = pkgs.genodePackages.part_block; + configFile = pkgs.writeText "part_block.dhall" '' + let Genode = env:DHALL_GENODE + + let Init = Genode.Init + + in λ(binary : Text) -> Init.Child.flat + Init.Child.Attributes::{ + , binary + , resources = Init.Resources::{ ram = Genode.units.MiB 8 } + , config = Init.Config::{ + , attributes = toMap { ignore_mbr = "yes" } + , policies = + [ Init.Config.Policy::{ + , service = "Block" + , label = Init.LabelSelector.prefix "eris_vfs" + , attributes = toMap + { partition = "${ + toString config.fileSystems."/".block.partition + }" + , writeable = "yes" + , TODO = "select by partition UUID" + } + } + ] + } + } + ''; + }; + + genode.core.children.eris_vfs = let + vfsRump = lib.getEris' "lib" pkgs.genodePackages.rump "vfs_rump.lib.so"; + in { + package = pkgs.genodePackages.vfs; + extraErisInputs = [ vfsRump ]; + configFile = pkgs.writeText "rom-vfs.dhall" '' + let Genode = env:DHALL_GENODE + + let VFS = Genode.VFS + + in ${./rom-vfs.dhall} + Genode.Init.Resources::{ caps = 256, ram = Genode.units.MiB 16 } + ( VFS.vfs + [ VFS.leafAttrs + "plugin" + (toMap { load = "${vfsRump.cap}", fs = "ext2fs", ram = "12M" }) + ] + ) + ''; + }; + + genode.core.children.eris_rom = { + package = pkgs.genodePackages.cached_fs_rom; + configFile = ./cached_fs_rom.dhall; + }; + + }; + +} diff --git a/nixos-modules/eris/rom-memory.nix b/nixos-modules/eris/rom-memory.nix new file mode 100644 index 0000000..6388869 --- /dev/null +++ b/nixos-modules/eris/rom-memory.nix 
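Review bot: The part_block policy for `eris_vfs` grants `writeable = "yes"` on the root partition, although the only consumer visible in this patch is a store that is served onward as ROM. If the rump ext2fs plugin can mount the partition read-only, `writeable = "no"` would stop a faulty or compromised VFS component from altering the on-disk store; if it cannot, a comment saying so would answer the question for the next reader. `TODO = "select by partition UUID"` is emitted as a real config attribute; a Dhall comment (`-- TODO: select by partition UUID`) would keep it out of the generated configuration. Until that TODO is done the partition is chosen by number, so a changed partition layout silently points the store at a different partition.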
@@ -0,0 +1,36 @@ +{ config, pkgs, lib, ... }: + +{ + + config = lib.mkIf (config.genode.boot.storeBackend == "memory") { + + genode.core.children.eris_vfs = { + package = pkgs.genodePackages.vfs; + configFile = pkgs.writeText "rom-vfs.dhall" '' + let Genode = env:DHALL_GENODE + + let VFS = Genode.VFS + + in ${./rom-vfs.dhall} + Genode.Init.Resources::{=} + ( VFS.vfs + [ VFS.leafAttrs + "tar" + ( toMap + { name = + "${config.system.build.tarball}/tarball/${config.system.build.tarball.fileName}.tar" + } + ) + ] + ) + ''; + }; + + genode.core.children.eris_rom = { + package = pkgs.genodePackages.cached_fs_rom; + configFile = ./cached_fs_rom.dhall; + }; + + }; + +} diff --git a/nixos-modules/eris/rom-vfs.dhall b/nixos-modules/eris/rom-vfs.dhall new file mode 100644 index 0000000..d11978b --- /dev/null +++ b/nixos-modules/eris/rom-vfs.dhall @@ -0,0 +1,24 @@ +let Genode = env:DHALL_GENODE + +let Init = Genode.Init + +let Child = Init.Child + +in λ(resources : Init.Resources.Type) → + λ(vfsConfig : Genode.Prelude.XML.Type) → + λ(binary : Text) → + Child.flat + Child.Attributes::{ + , binary + , resources + , config = Init.Config::{ + , content = [ vfsConfig ] + , policies = + [ Init.Config.Policy::{ + , service = "File_system" + , label = Init.LabelSelector.prefix "eris_rom" + , attributes = toMap { root = "/" } + } + ] + } + } diff --git a/nixos-modules/genode-core.nix b/nixos-modules/genode-core.nix index 869e2ca..11e6306 100644 --- a/nixos-modules/genode-core.nix +++ b/nixos-modules/genode-core.nix @@ -4,10 +4,10 @@ with lib; let localPackages = pkgs.buildPackages; - children' = config.lib.children.freeze config.genode.init.children; + children' = config.lib.children.freeze config.genode.core.children; coreErisCaps = with builtins; - let pkgNames = [ "cached_fs_rom" "jitter_sponge" "rtc_drv" ]; + let pkgNames = [ "rtc_drv" ]; in listToAttrs (map (name: let pkg = pkgs.genodePackages.${name}; in { 
@@ -18,21 +18,12 @@ let tarball = "${config.system.build.tarball}/tarball/${config.system.build.tarball.fileName}.tar"; - /* romDirectories = filterAttrs (_: value: value != null) (mapAttrs (name: value: - if value.extraInputs == [ ] then - null - else - pkgs.symlinkJoin { - name = "${name}-rom"; - paths = value.extraInputs; - }) config.genode.init.children); - */ - bootConfigFile = let storeBackendInputs = { - fs = [ pkgs.genodePackages.rump ]; + fs = [ ]; memory = [ config.system.build.tarball ]; + net = [ ]; }.${config.genode.boot.storeBackend}; coreInputs = with builtins; @@ -50,7 +41,8 @@ let }", mapValue = ${input.manifest} }'' else abort "${input.pname} does not have a manifest"; - in (foldl' f "[" inputs) + "]"; + in (foldl' f "([" inputs) + + "] : List { mapKey : Text, mapValue : List { mapKey : Text, mapValue : Text } }) "; addManifest = drv: drv // { @@ -113,11 +105,7 @@ let let XML = Genode.Prelude.XML in ${./store-wrapper.dhall} - { binaries = { - , cached_fs_rom = "${cached_fs_rom.cap}" - , jitter_sponge = "${jitter_sponge.cap}" - , rtc_drv = "${rtc_drv.cap}" - } + { binaries = { rtc_drv = "${rtc_drv.cap}" } , extraCoreChildren = ${extraCoreChildren} , subinit = ${config.genode.init.configFile} , storeSize = $(stat --format '%s' ${tarball}) @@ -202,7 +190,7 @@ in { type = types.enum [ "fs" "memory" ]; # "parent"? default = "memory"; description = '' - Backend for the initial /nix/store file-system. + Backend for the initial ROM store. 
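Review bot: `net = [ ];` is added to `storeBackendInputs` in the `@@ -18,21 +18,12 @@` hunk and to `virtualisation.qemu.options` in the later `@@ -421,15 +301,16 @@` hunk, but the option is still declared as `types.enum [ "fs" "memory" ]` (context of the `@@ -202,7 +190,7 @@` hunk), so both entries are unreachable. No eris module in this commit is conditioned on `"net"`, so extending the enum later would presumably evaluate and yield a system without `eris_vfs` and `eris_rom`. Either drop the two entries until the backend exists or mark them, e.g. `net = [ ]; # placeholder: no eris module handles "net" yet`. The `let` block that holds `storeBackendInputs` starts and ends outside the hunk.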
@@ -257,138 +245,30 @@ in { "report_rom" = "${pkgs.genodePackages.report_rom}/bin/report_rom"; }; - genode.core.children = - # Component to steer the main fs to a specific partition - (if config.genode.boot.storeBackend != "memory" then { - part_block = { - package = pkgs.genodePackages.part_block; - configFile = pkgs.writeText "part_block.dhall" '' - let Genode = env:DHALL_GENODE + genode.core.children.jitter_sponge = { + package = pkgs.genodePackages.jitter_sponge; + configFile = pkgs.writeText "jitter_sponge.dhall" '' + let Genode = env:DHALL_GENODE - let Init = Genode.Init + let Init = Genode.Init - in λ(binary : Text) -> Init.Child.flat - Init.Child.Attributes::{ - , binary - , resources = Init.Resources::{ ram = Genode.units.MiB 8 } - , config = Init.Config::{ - , attributes = toMap { ignore_mbr = "yes" } - , policies = - [ Init.Config.Policy::{ - , service = "Block" - , label = Init.LabelSelector.prefix "fs" - , attributes = toMap - { partition = "${ - toString config.fileSystems."/".block.partition - }" - , writeable = "yes" - , TODO = "select by partition UUID" - } - } - ] - } - } - ''; - }; - } else - { }) // { - fs = { - package = pkgs.genodePackages.vfs; - extraErisInputs = - lib.optional (config.genode.boot.storeBackend == "memory") - pkg.genodePackages.rump; - configFile = let - vfsConfig = if config.genode.boot.storeBackend == "memory" then '' - VFS.vfs - [ VFS.leafAttrs - "tar" - (toMap { name = "${tarball}" }) - ] - '' else - let - rumpExt2 = '' - VFS.vfs - [ VFS.leafAttrs - "plugin" - ( toMap - { load = "${pkgs.genodePackages.rump}/lib/vfs_rump.lib.so" - , fs = "ext2fs" - , ram = "12M" - } - ) - ] - ''; - in { - ahci = rumpExt2; - usb = rumpExt2; - }.${config.fileSystems."/".block.driver}; - - storeResources = let - rumpExt2 = - "Init.Resources::{ caps = 256, ram = Genode.units.MiB 16 }"; - in { - fs = rumpExt2; - memory = "Init.Resources.default"; - }.${config.genode.boot.storeBackend}; - - persistencePolicies = lib.mapAttrsToList (name: _: '' - 
, Init.Config.Policy::{ - , service = "File_system" - , label = Genode.Init.LabelSelector.prefix - "nixos -> ${name}" - , attributes = toMap { root = "/services", writeable = "yes" } - } - '') (filterAttrs (_: child: child.fsPersistence) - config.genode.init.children); - - fsPolicies = map (name: '' - , Init.Config.Policy::{ - , service = "File_system" - , label = - Init.LabelSelector.Type.Partial - { prefix = Some "nixos -> ${name}", suffix = Some "nix-store" } - , attributes = toMap { root = "/nix/store", writeable = "no" } - } - '') (builtins.attrNames config.genode.init.children); - - in pkgs.writeText "fs.dhall" '' - let Genode = env:DHALL_GENODE - - let Init = Genode.Init - - let VFS = Genode.VFS - - let persistencePolicies = [ ${ - toString persistencePolicies - } ] : List Init.Config.Policy.Type - - let fsPolicies = [ ${ - toString fsPolicies - } ] : List Init.Config.Policy.Type - - in λ(binary : Text) -> Init.Child.flat - Init.Child.Attributes::{ - , binary - , resources = ${storeResources} - , provides = [ "File_system" ] - , config = Init.Config::{ - , content = [ ${vfsConfig} ] - , policies = - [ Init.Config.Policy::{ - , service = "File_system" - , label = Init.LabelSelector.prefix "store_rom" - , attributes = toMap { root = "/" } - } - ] # persistencePolicies # fsPolicies + in λ(binary : Text) → + Init.Child.flat + Init.Child.Attributes::{ + , binary + , config = Init.Config::{ + , policies = + [ Init.Config.Policy::{ + , service = "Terminal" + , label = Init.LabelSelector.suffix "entropy" } - } - ''; - }; - }; + ] + } + } + ''; + }; - # genode.boot.storePaths = builtins.attrValues romDirectories; - - genode.boot.configFile = bootConfigFile; + system.build.configFile = bootConfigFile; # Create the tarball of the store to live in core ROM system.build.tarball = 
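Review bot: Nothing in the new eris modules replaces the `File_system` policies that the removed `fs` child generated for `genode.init.children` entries with `fsPersistence` set (root `/services`, writeable) or for the per-child read-only `/nix/store` root. If the `fsPersistence` option is still declared (its definition is outside this patch), a child that sets it now has no file-system provider and would fail at runtime rather than at evaluation. Consider removing the option in the same commit, or adding a module assertion that rejects any child with `fsPersistence` enabled and says persistence is unavailable with the ROM store. The new `jitter_sponge` child keeps the old `Init.LabelSelector.suffix "entropy"` policy; a one-line comment such as `-- any session label ending in "entropy" is routed here` would document that scope. The surrounding `config` block starts and ends outside the hunk.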
@@ -421,15 +301,16 @@ in { bootDriveImage = import ./lib/make-bootable-image.nix { inherit config pkgs espImage storeFsImage; }; - in lib.mkIf (config.genode.boot.storeBackend != "memory") bootDriveImage; + in lib.mkIf (config.genode.boot.storeBackend == "fs") bootDriveImage; - virtualisation.useBootLoader = config.genode.boot.storeBackend != "memory"; + virtualisation.useBootLoader = config.genode.boot.storeBackend == "fs"; virtualisation.qemu.options = let blockCommon = [ "-bios ${pkgs.buildPackages.buildPackages.OVMF.fd}/FV/OVMF.fd" ]; in { fs = blockCommon; + net = [ ]; memory = [ ]; }.${config.genode.boot.storeBackend}; diff --git a/nixos-modules/nova.nix b/nixos-modules/nova.nix index f39ea22..c44d098 100644 --- a/nixos-modules/nova.nix +++ b/nixos-modules/nova.nix @@ -25,7 +25,7 @@ in { }; genode.boot.image = - utils.novaImage config.system.name { } config.genode.boot.configFile; + utils.novaImage config.system.name { } config.system.build.configFile; genode.boot.romModules = { "ld.lib.so" = "${pkgs.genodePackages.base-nova}/lib/ld.lib.so"; diff --git a/nixos-modules/store-wrapper.dhall b/nixos-modules/store-wrapper.dhall index a912a1e..884ed07 100644 --- a/nixos-modules/store-wrapper.dhall +++ b/nixos-modules/store-wrapper.dhall @@ -13,8 +13,7 @@ let ChildMapType = TextMapType Child.Type let Manifest/Type = TextMapType (TextMapType Text) in λ ( params - : { binaries : - { cached_fs_rom : Text, jitter_sponge : Text, rtc_drv : Text } + : { binaries : { rtc_drv : Text } , extraCoreChildren : ChildMapType , subinit : Init.Type , storeSize : Natural 
@@ -59,76 +58,6 @@ in λ ( params } } ) - , child - "jitter_sponge" - ( Child.flat - Child.Attributes::{ - , binary = params.binaries.jitter_sponge - , config = Init.Config::{ - , policies = - [ Init.Config.Policy::{ - , service = "Terminal" - , label = Init.LabelSelector.suffix "entropy" - } - ] - } - } - ) - , child - "store_rom" - ( Child.flat - Child.Attributes::{ - , binary = params.binaries.cached_fs_rom - , resources = Init.Resources::{ - , ram = params.storeSize + Genode.units.MiB 1 - } - , config = Init.Config::{ - , defaultPolicy = Some Init.Config.DefaultPolicy::{ - , attributes = toMap { directory = "/eris" } - } - , policies = - let directStoreROMs = - Prelude.List.map - Text - Init.Config.Policy.Type - ( λ(childName : Text) → - Init.Config.Policy::{ - , service = "ROM" - , label = - Init.LabelSelector.Type.Partial - { prefix = Some - "nixos -> ${childName} -> /nix/store/" - , suffix = None Text - } - , attributes = toMap - { directory = "/" } - } - ) - ( Prelude.Map.keys - Text - Init.Child.Type - params.subinit.children - ) - - in [ Init.Config.Policy::{ - , service = "ROM" - , label = - Init.LabelSelector.prefix - "nixos -> /nix/store" - } - , Init.Config.Policy::{ - , attributes = toMap - { directory = "/eris" } - , label = - Init.LabelSelector.prefix - "nixos -> " - , service = "ROM" - } - ] - # directStoreROMs - } - } - ) ] # params.extraCoreChildren # [ child diff --git a/packages/genodelabs/depot-targets.nix b/packages/genodelabs/depot-targets.nix index 8cdacbc..6a17e04 100644 --- a/packages/genodelabs/depot-targets.nix +++ b/packages/genodelabs/depot-targets.nix @@ -200,6 +200,7 @@ in { rump = { portInputs = with ports; [ dde_rump ]; buildInputs = with buildPackages; [ zlib ]; + patches = [ ./patches/rump-libs.patch ]; }; sandbox = { }; sanitizer = { }; diff --git a/tests/lib/build-vms.nix b/tests/lib/build-vms.nix index 92a2510..56d0bb6 100644 --- a/tests/lib/build-vms.nix +++ b/tests/lib/build-vms.nix 
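Review bot: `patches = [ ./patches/rump-libs.patch ];` in packages/genodelabs/depot-targets.nix refers to a file that this commit's diffstat does not list. If the patch is not already tracked in the repository, evaluation will fail on the missing path, and in either case reviewers of this commit cannot see what is changed in the rump libraries whose `vfs_rump.lib.so` rom-fs.nix now loads by capability. Add the patch file to this commit, or name in the commit message the earlier commit that introduced it. The store-wrapper.dhall hunk on this line is a pure deletion and needs no change.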
@@ -27,6 +27,7 @@ rec { inherit lib system; modules = configurations ++ extraConfigurations; baseModules = (import "${modulesPath}/module-list.nix") ++ [ + ../../nixos-modules/eris ../../nixos-modules/file-systems.nix ../../nixos-modules/genode-core.nix ../../nixos-modules/genode-init.nix