Update XDG handlers to use GIVC instead of SSH #941

Merged
merged 1 commit into from
Feb 14, 2025

Contributor

@nesteroff nesteroff commented Dec 20, 2024

Description of changes

This updates XDG handlers to use GIVC and virtiofs storage instead of SSH and SCP.

For file sharing, this approach uses a shared XDG folder with the following structure: /shared/xdg/mime/appvm. Within the XDG folder there is a separate folder for each MIME type. These folders are passed to the VMs that can handle those types as virtiofs devices. Currently, zathura-vm is used for handling both PDFs and images. Inside each MIME type folder there are subfolders for each appvm. These subfolders are passed to their respective appvms. This way appvms can share files with zathura-vm by simply copying them into their folder.

For example, chrome-vm has the /share/xdg/pdf/chrome-vm folder mounted as /run/xdg/pdf in the guest, but it can’t access the entire MIME folder or other appvms' files because only /share/xdg/pdf/chrome-vm is passed as a virtiofs device. However, zathura-vm has access to the entire MIME folder, which includes subfolders for all appvms.

The advantage of this approach is that files are shared through simple copying with no network data transfers and appvms cannot access files from other appvms since they are isolated at the virtiofs device level.

Checklist for things done

  • Summary of the proposed changes in the PR description
  • More detailed description in the commit message(s)
  • Commits are squashed into relevant entities - avoid a lot of minimal dev time commits in the PR
  • Contribution guidelines followed
  • Ghaf documentation updated with the commit - https://tiiuae.github.io/ghaf/
  • PR linked to architecture documentation and requirement(s) (ticket id)
  • Test procedure described (or includes tests). Select one or more:
    • Tested on Lenovo X1 x86_64
    • Tested on Jetson Orin NX or AGX aarch64
    • Tested on Polarfire riscv64
  • Author has run make-checks and it passes
  • All automatic Github Action checks pass - see actions
  • Author has added reviewers and removed PR draft status
  • Change requires full re-installation
  • Change can be updated with nixos-rebuild ... switch

Instructions for Testing

  • List all targets that this applies to:
    Lenovo X1
  • Is this a new feature
    This doesn't introduce new functionality. It just changes the way XDG handlers work to remove SSH dependency.
  • List the test steps to verify:
    On the Lenovo X1, open PDF and image files (JPG, PNG) either from a USB drive or those downloaded from Chrome. It should still work as expected. Compared to the previous implementation files may open more quickly but this difference is unlikely to be noticeable.
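
The isolation rule from the PR description above, written as an audit over a table of virtiofs shares. This is an added example, not part of the PR or of Ghaf's code. The (vm, host source) input format, the "image" folder name and both sample tables are constructed for illustration; the /shared/xdg root and the VM names are taken from the thread.

```python
import posixpath

XDG_ROOT = "/shared/xdg"  # layout root named in the PR description


def audit_shares(shares, handlers, root=XDG_ROOT):
    """Check (vm, host_source) virtiofs shares against the isolation rule.

    handlers maps a MIME folder name to the one VM allowed to see it whole.
    Returns (vm, normalized_source, reason) for every share that breaks it.
    """
    root = posixpath.normpath(root)
    violations = []
    for vm, source in shares:
        src = posixpath.normpath(source)  # collapse ".." and "//" before judging
        if src != root and not src.startswith(root + "/"):
            violations.append((vm, src, "outside XDG root"))
            continue
        rel = [p for p in src[len(root):].split("/") if p]
        if not rel:
            violations.append((vm, src, "whole XDG tree exposed"))
        elif handlers.get(rel[0]) == vm:
            continue  # the handler VM may see the MIME folder and all below it
        elif len(rel) == 1:
            violations.append((vm, src, "MIME folder exposed to non-handler"))
        elif rel[1] != vm:
            violations.append((vm, src, "folder of another appvm"))
    return violations


# Constructed sample tables (hypothetical format, not read from a real host).
HANDLERS = {"pdf": "zathura-vm", "image": "zathura-vm"}
GOOD = [
    ("zathura-vm", "/shared/xdg/pdf"),
    ("zathura-vm", "/shared/xdg/image"),
    ("chrome-vm", "/shared/xdg/pdf/chrome-vm"),
    ("business-vm", "/shared/xdg/pdf/business-vm"),
]
BAD = [
    ("chrome-vm", "/shared/xdg/pdf"),                          # sees every appvm's PDFs
    ("comms-vm", "/shared/xdg/pdf/comms-vm/../business-vm"),   # resolves to a sibling
    ("business-vm", "/shared/xdg"),                            # sees all MIME folders
]

if __name__ == "__main__":
    print("good:", audit_shares(GOOD, HANDLERS))
    for violation in audit_shares(BAD, HANDLERS):
        print("bad: ", violation)
```

Normalizing the source first matters because a path containing ".." can look like it sits under the VM's own folder while resolving to a sibling's.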

@milva-unikie

The failure in the pre-merge-pipeline Lenovo-X1 tests was likely due to a loose robot finger. No further action is needed for this PR because of that.

@nesteroff nesteroff marked this pull request as ready for review February 10, 2025 11:54
@nesteroff nesteroff added the Needs Testing CI Team to pre-verify label Feb 10, 2025
@milva-unikie

Tested on Lenovo-X1 (first nixos-rebuild switch, then confirmed same result with new build)

X1 does not boot properly, gets stuck at boot logs. Host, net-vm and a few other vm:s are responding normally.

[ghaf@ghaf-host:~]$ microvm -l
admin-vm: current(nixos-system-admin-vm-25.05pre-git)
audio-vm: current(nixos-system-audio-vm-25.05pre-git)
business-vm: current(nixos-system-business-vm-25.05pre-git), not booted: systemctl start microvm@business-vm.service
chrome-vm: current(nixos-system-chrome-vm-25.05pre-git), not booted: systemctl start microvm@chrome-vm.service
comms-vm: current(nixos-system-comms-vm-25.05pre-git), not booted: systemctl start microvm@comms-vm.service
gala-vm: current(nixos-system-gala-vm-25.05pre-git)
gui-vm: current(nixos-system-gui-vm-25.05pre-git), not booted: systemctl start microvm@gui-vm.service
net-vm: current(nixos-system-net-vm-25.05pre-git)
zathura-vm: current(nixos-system-zathura-vm-25.05pre-git), not booted: systemctl start microvm@zathura-vm.service

@milva-unikie milva-unikie added bug on Lenovo X1 Carbon Issues found on Lenovo X1 Carbon while checking this PR and removed Needs Testing CI Team to pre-verify labels Feb 10, 2025
@mbssrc
Collaborator

mbssrc commented Feb 11, 2025

> Tested on Lenovo-X1 (first nixos-rebuild switch, then confirmed same result with new build)
>
> X1 does not boot properly, gets stuck at boot logs. Host, net-vm and a few other vm:s are responding normally.

This may be caused by host shared folders missing

@nesteroff
Contributor Author

> This may be caused by host shared folders missing

Exactly. In previous versions of microvm.nix, there was 'mkdir -p "$SOURCE"' in the microvm-virtiofsd service but after the latest bump, it no longer creates the source folder. I didn't notice this because I use nixos-rebuild switch all the time. I suppose I can just add all the folders to microvm-host.nix.

@nesteroff
Contributor Author

> Tested on Lenovo-X1 (first nixos-rebuild switch, then confirmed same result with new build)
>
> X1 does not boot properly, gets stuck at boot logs. Host, net-vm and a few other vm:s are responding normally.

Thanks for testing. I've made an update to create shared directories on the host with correct permissions which should fix the issue.

@nesteroff nesteroff added the Needs Testing CI Team to pre-verify label Feb 13, 2025
@milva-unikie

Tested on Lenovo-X1 (nixos-rebuild switch)

  • PDF, JPG and PNG files can be opened
  • Test-automation passes
  • Fails in pre-merge-pipeline are not related to this PR

@milva-unikie milva-unikie added Tested on Lenovo X1 Carbon This PR has been tested on Lenovo X1 Carbon and removed Needs Testing CI Team to pre-verify bug on Lenovo X1 Carbon Issues found on Lenovo X1 Carbon while checking this PR labels Feb 14, 2025
@brianmcgillion brianmcgillion merged commit 680ac48 into tiiuae:main Feb 14, 2025
22 of 23 checks passed
@nesteroff nesteroff deleted the xdgnossh branch February 14, 2025 12:27