~ehmry/sigil

5d4fee3bf2d51d0c0cf6aaff896ebbaa5aa69b32 — Emery Hemingway 3 years ago 8a8f67b dabus
nixos: move ExecStart to end of systemd children list
1 files changed, 127 insertions(+), 119 deletions(-)

M nixos-modules/systemd-runner.dhall
M nixos-modules/systemd-runner.dhall => nixos-modules/systemd-runner.dhall +127 -119
@@ 40,131 40,139 @@ in  λ ( params
            Init::{
            , routes =
                parentRoutes [ "File_system", "Rtc", "Terminal", "Timer" ]
            , children = toMap
                { vfs =
                    Child.flat
                      Child.Attributes::{
                      , binary = "vfs"
                      , exitPropagate = True
                      , resources = Genode.Init.Resources::{
                        , caps = 256
                        , ram = Genode.units.MiB 8
                        }
                      , config = Init.Config::{
                        , content =
                          [ VFS.vfs
                              (   [ VFS.dir
                                      "dev"
                                      (   [ VFS.dir "pipes" [ VFS.leaf "pipe" ]
                                          , VFS.leaf "log"
                                          , VFS.leaf "null"
                                          , VFS.leafAttrs
                                              "terminal"
                                              ( toMap
                                                  { name = "entropy"
                                                  , label = "entropy"
                                                  }
                                              )
                                          , VFS.leaf "rtc"
                                          , VFS.leaf "zero"
                                          ]
                                        # socketsVfs
                                      )
                                  , VFS.dir
                                      "usr"
                                      [ VFS.dir
                                          "bin"
                                          [ VFS.symlink
                                              "env"
                                              "${params.coreutils}/bin/env"
            , children =
                  toMap
                    { vfs =
                        Child.flat
                          Child.Attributes::{
                          , binary = "vfs"
                          , exitPropagate = True
                          , resources = Genode.Init.Resources::{
                            , caps = 256
                            , ram = Genode.units.MiB 8
                            }
                          , config = Init.Config::{
                            , content =
                              [ VFS.vfs
                                  (   [ VFS.dir
                                          "dev"
                                          (   [ VFS.dir
                                                  "pipes"
                                                  [ VFS.leaf "pipe" ]
                                              , VFS.leaf "log"
                                              , VFS.leaf "null"
                                              , VFS.leafAttrs
                                                  "terminal"
                                                  ( toMap
                                                      { name = "entropy"
                                                      , label = "entropy"
                                                      }
                                                  )
                                              , VFS.leaf "rtc"
                                              , VFS.leaf "zero"
                                              ]
                                            # socketsVfs
                                          )
                                      , VFS.dir
                                          "usr"
                                          [ VFS.dir
                                              "bin"
                                              [ VFS.symlink
                                                  "env"
                                                  "${params.coreutils}/bin/env"
                                              ]
                                          ]
                                      ]
                                  , VFS.dir "tmp" [ VFS.leaf "ram" ]
                                  , VFS.dir
                                      "nix"
                                      [ VFS.dir
                                          "store"
                                          [ VFS.fs
                                              VFS.FS::{ label = "nix-store" }
                                      , VFS.dir "tmp" [ VFS.leaf "ram" ]
                                      , VFS.dir
                                          "nix"
                                          [ VFS.dir
                                              "store"
                                              [ VFS.fs
                                                  VFS.FS::{
                                                  , label = "nix-store"
                                                  }
                                              ]
                                          ]
                                      ]
                                  ]
                                # params.extraVfs
                              )
                          ]
                        , policies =
                          [ Init.Config.Policy::{
                            , service = "File_system"
                            , label = Init.LabelSelector.prefix "ExecStart"
                            , attributes = toMap
                                { root = "/", writeable = "yes" }
                                    # params.extraVfs
                                  )
                              ]
                            , policies =
                              [ Init.Config.Policy::{
                                , service = "File_system"
                                , label = Init.LabelSelector.prefix "ExecStart"
                                , attributes = toMap
                                    { root = "/", writeable = "yes" }
                                }
                              , Init.Config.Policy::{
                                , service = "File_system"
                                , label = Init.LabelSelector.prefix "vfs_rom"
                                , attributes = toMap
                                    { root = "/", writeable = "no" }
                                }
                              ]
                            }
                          , Init.Config.Policy::{
                            , service = "File_system"
                            , label = Init.LabelSelector.prefix "vfs_rom"
                            , attributes = toMap
                                { root = "/", writeable = "no" }
                          }
                    , vfs_rom =
                        Child.flat
                          Child.Attributes::{
                          , binary = "cached_fs_rom"
                          , resources = Genode.Init.Resources::{
                            , ram = Genode.units.MiB 32
                            }
                          ]
                        }
                      }
                , vfs_rom =
                    Child.flat
                      Child.Attributes::{
                      , binary = "cached_fs_rom"
                      , resources = Genode.Init.Resources::{
                        , ram = Genode.units.MiB 32
                        }
                      , config = Init.Config::{
                        , policies =
                          [ Init.Config.Policy::{
                            , service = "ROM"
                            , label = Init.LabelSelector.prefix "ExecStart"
                          , config = Init.Config::{
                            , policies =
                              [ Init.Config.Policy::{
                                , service = "ROM"
                                , label = Init.LabelSelector.prefix "ExecStart"
                                }
                              ]
                            }
                          ]
                        }
                      }
                , ExecStart =
                    Child.flat
                      Child.Attributes::{
                      , binary = params.binary
                      , exitPropagate = True
                      , resources = Genode.Init.Resources::{
                        , caps = 256
                        , ram = Genode.units.MiB params.ramQuotaMiB
                        }
                      , config =
                          ( Libc.toConfig
                              Libc::{
                              , stdin = Some "/dev/null"
                              , stdout = Some "/dev/log"
                              , stderr = Some "/dev/log"
                              , pipe = Some "/dev/pipes"
                              , rng = Some "/dev/entropy"
                              , rtc = Some "/dev/rtc"
                              , socket = Some "/dev/sockets"
                              , vfs = [ VFS.leaf "fs" ]
                              , args = [ params.binary ] # params.args
                              }
                          )
                        with attributes = toMap { ld_verbose = "yes" }
                      , routes =
                          Prelude.List.map
                            Text
                            Init.ServiceRoute.Type
                            ( λ(label : Text) →
                                Init.ServiceRoute.parentLabel
                                  "ROM"
                                  (Some label)
                                  (Some label)
                            )
                            [ "libc.lib.so"
                            , "libm.lib.so"
                            , "posix.lib.so"
                            , "vfs.lib.so"
                            ]
                      }
                }
                          }
                    }
                # [ { mapKey = "ExecStart"
                    , mapValue =
                        Child.flat
                          Child.Attributes::{
                          , binary = params.binary
                          , exitPropagate = True
                          , resources = Genode.Init.Resources::{
                            , caps = 256
                            , ram = Genode.units.MiB params.ramQuotaMiB
                            }
                          , config =
                              ( Libc.toConfig
                                  Libc::{
                                  , stdin = Some "/dev/null"
                                  , stdout = Some "/dev/log"
                                  , stderr = Some "/dev/log"
                                  , pipe = Some "/dev/pipes"
                                  , rng = Some "/dev/entropy"
                                  , rtc = Some "/dev/rtc"
                                  , socket = Some "/dev/sockets"
                                  , vfs = [ VFS.leaf "fs" ]
                                  , args = [ params.binary ] # params.args
                                  }
                              )
                            with attributes = toMap { ld_verbose = "yes" }
                          , routes =
                              Prelude.List.map
                                Text
                                Init.ServiceRoute.Type
                                ( λ(label : Text) →
                                    Init.ServiceRoute.parentLabel
                                      "ROM"
                                      (Some label)
                                      (Some label)
                                )
                                [ "libc.lib.so"
                                , "libm.lib.so"
                                , "posix.lib.so"
                                , "vfs.lib.so"
                                ]
                          }
                    }
                  ]
            }

      in  Init.toChild init Init.Attributes::{=}