On Sat, Mar 4, 2023 at 5:51 PM Neal Gompa <ngompa13@xxxxxxxxx> wrote: > On Sat, Mar 4, 2023 at 12:41 PM David Michael <fedora.dm0@xxxxxxxxx> wrote: > > Hi, > > > > Firecracker[0] is a minimal virtual machine manager (a la QEMU) > > written in Rust that uses KVM to start Linux VMs extremely quickly and > > securely. It is used by AWS Lambda and Fargate among other things to > > make VM startup time comparable to containers. I've built it for > > Fedora x86_64 and shared it in a Copr repository[1] which includes > > some example commands for starting VMs. > > > > Making it build for Fedora required changes across a few components, > > so I'm writing to ask if this is acceptable for inclusion in Fedora. > > The Copr specs are all dumped in a Git repository[2] for readability. > > Changes include: > > > > - The musl package adds /usr paths for compatibility with the > > compiler --sysroot option. > > As the musl package maintainer, I don't particularly want Fedora > packages depending on it unless they absolutely have to. I originally > maintained it in Copr, but brought it into Fedora for the Enarx folks. > I still maintain that generally you don't want to use this unless you > *really* know what you're doing and can deal with the consequences of > using an alternative libc. It sounds like there are enough issues with musl in Fedora that glibc will have to be used. > That said, the changes you make are not currently compatible with the > packaging guidelines. Can't you just use --prefix /usr/<target> > instead? It was for using --sysroot directly on gcc calls. > > - The rust compiler adds musl target subpackages. > > This will require discussion with the Fedora Rust SIG. > > > - The kernel must set CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y to be > > usable as a guest. > > This will require talking to the kernel maintainers to add the flag. Okay, I'll ask about getting this applied even if Firecracker is not included in Fedora. It still might be useful to use for a quick guest kernel, and the option is just to support a command-line parameter[0], so it shouldn't be disruptive. [0] https://github.com/torvalds/linux/blob/v6.2/Documentation/admin-guide/kernel-parameters.txt#L6697 > > - About two dozen Rust crates must be added to Fedora (but a handful > > are just new versions of existing packages). > > - Unrelated, but in the Copr repo anyway: The musl package is fixed > > to allow multilib installs, and Rust includes both 32- and 64-bit > > targets. > > > > I used upstream-preferred settings when adding things, but they may be > > in conflict with Fedora guidelines. Here are some concerns: > > > > - Firecracker can be built with Fedora's libc (glibc), but it is > > officially unsupported upstream[3]. Functionality would be harmed by > > not using musl, e.g. seccomp filters are not used. > > Why not drive this to be fixed upstream? Also, openSUSE builds > Firecracker against glibc and I see the seccomp stuff is also produced > and shipped[1]. I am not sure whether this means openSUSE's package is > broken or something else. > > [1]: https://code.opensuse.org/package/firecracker/blob/master/f/firecracker.spec I can look into what they're doing more thoroughly later, but I would assume they are just running with the empty seccomp filter. I am aware of two issues with glibc: The jailer program allegedly does not work with non-musl (although it builds) and is disabled upstream[1], and there is no non-musl seccomp filter[2][3]. [1] https://github.com/firecracker-microvm/firecracker/pull/2125 [2] https://github.com/firecracker-microvm/firecracker/blob/v1.3.0/src/vmm/build.rs#L25 [3] https://github.com/firecracker-microvm/firecracker/tree/v1.3.0/resources/seccomp > > - Upstream Rust wants musl targets to be statically linked by > > default[4]. It can be changed by patching (Gentoo does this) if > > dynamic linking is still a priority with Rust binaries, but I haven't > > tested that. > > As in musl is statically linked into the binaries? Or the Rust code is > statically linked. The former is not okay, the latter is what we do > already. The former, the musl targets produce static binaries by default. > > - Firecracker uses two crates forked from crates.io, but they are > > not vendored/bundled nor published to a registry. I'm currently > > manually bundling them as if they were vendored to avoid package name > > conflicts since nothing else uses them, but I don't know the preferred > > way to deal with those. > > > > That's probably the right way to deal with it. > > > So does any of that sound like a showstopper for being included in > > Fedora? Is there any other interest in the project from the > > community? > > > > It'd be interesting to have in Fedora, for sure, but this should be > done as an opportunity to bring our integration concerns upstream. Okay, thanks for all the feedback. I interpret this as essentially requiring the use of the glibc Rust target for inclusion in Fedora, so the changes on the Fedora side would be reduced to adding a couple dozen crates and ideally supporting the kernel as a guest. That shifts the bulk of the work to getting glibc fully supported upstream, and running a not-quite-as-secure build until then. I'll investigate this, and if there are no other blockers, maybe I can start sending review requests for the glibc build. Thanks. David _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue