| 9 Feb 2025 |
|  @tired:fairydust.space left the room. | 22:50:18 |
| 11 Feb 2025 |
 Arian | hmm I wanna try to get systemd-vmspawn work | 11:57:38 |
| Arian | it looks for firmware config in /usr/share/qemu/firmware and /etc/qemu/firmware
which obviously doesn’t work. but I have two options here:
- Make it in NixOS config to re-expose ${qemu}/share/qemu to /etc/qemu
- Patch systemd and add a dependency on qemu
| 11:59:20 |
| Arian | option 1 seems better right? it’s calling qemu as a binary — it just needs to be able to discover the configs shipped with qemu | 11:59:45 |
 ElvishJerricco | Depends on if you want to use this within the nix build sandbox, I guess | 12:02:01 |
 K900 | Can you not give it a firmware at runtime? | 12:02:08 |
| K900 | Also IIRC libvirt does something like that already with /run/libvirt/firmware | 12:03:00 |
| K900 | So maybe there should be one standard place for that | 12:03:10 |
| Arian | yeh there’s a —firmware argumentb | 12:03:41 |
| Arian | but by default it points to /etc/qemu/firmware | 12:03:50 |
| Arian | it’s just annoying to have to pass that in explicitly | 12:03:57 |
| Arian | qemu needs to be installed in environment.systemPackages anyway. so might as well expose /etc/qemu/firmware I guess | 12:04:14 |
| Arian |
$ systemd-vmspawn --linux /run/current-system/kernel --tpm no --initrd /run/current-system/initrd
░ Spawning VM nixos-stuff on /mnt/Projects/nixos-stuff.
░ Press Ctrl-] three times within 1s to kill VM.
Couldn't find OVMF firmware blob with Secure Boot support, falling back to OVMF firmware blobs without Secure Boot support.
qemu-kvm: -device vmgenid,guid=cc36b80c-97fa-4233-ad99-c246a2f48443: 'vmgenid' is not a valid device model name
| 12:13:06 |
| Arian | urghh does qemu-kvm-aarch64 not support vmgenid? | 12:13:17 |
 Alyssa Ross | It's ACPI — do aarch64 VMs use ACPI? | 12:16:38 |
 raitobezarius | I think I saw ACPI support for aarch64 in the kernel recently | 13:51:45 |
| Alyssa Ross | Oh yeah I'm not saying you can't do ACPI on aarch64 | 13:58:52 |
 antifuchs | I have a nixos test that tries to assert that a socket unit startup doesn't finish until a certain condition is met. If I do a machine.start() in the test code, the test waits forever until the socket's execstart finishes; is there a way to get backdoor.service not to depend on that socket being fully up? | 15:28:28 |
| antifuchs | * I have a nixos test that tries to assert that a socket unit startup doesn't finish until a certain condition is met. If I do a machine.start() in the test code, the test waits forever until the socket's execstart finishes (which it won't, because the condition for it finishing happens later in the test); is there a way to get backdoor.service not to depend on that socket being fully up? | 15:29:35 |
| antifuchs | trying to do it with the initrdBackdoor, but that feels kinda wonky | 15:33:05 |
| antifuchs | hrm, nope: now switch_root() hangs indefinitely (: | 15:35:14 |
| antifuchs | * I have a nixos test that tries to assert that a socket unit startup doesn't finish until a certain condition is met. If I do a machine.start() in the test code, the test waits forever until the socket's ExecStartPre finishes (which it won't, because the condition for it finishing happens later in the test); is there a way to get backdoor.service not to depend on that socket being fully up? | 16:09:45 |
 aloisw | In reply to @k900:0upti.me
Also IIRC libvirt does something like that already with /run/libvirt/firmware /run/libvirt/nix-ovmf, also /var/lib/qemu/firmware lately (which causes issues). | 18:11:12 |
| aloisw | In reply to @qyliss:fairydust.space
It's ACPI — do aarch64 VMs use ACPI? Depends on who runs the VM I guess, the Hetzner Cloud ones do and they seem to be standard KVM with UEFI. | 18:14:17 |
| Alyssa Ross | You can do UEFI with devicetree though | 18:18:13 |
| Alyssa Ross | and I think that's what QEMU does | 18:18:16 |
 @rosscomputerguy:matrix.org | In reply to @aloisw:julia0815.de
Depends on who runs the VM I guess, the Hetzner Cloud ones do and they seem to be standard KVM with UEFI. Yeah, I think those are Ampere machines. I'm pretty sure mine has ACPI. | 18:29:31 |
| aloisw | I don't think the host hardware matters inside a VM. Unsure whether they use QEMU though. | 18:32:11 |
| Arian | Yeh seems qemu only does acpi for intel | 20:15:01 |
| ElvishJerricco | You could do systemd.services.backdoor.unitConfig.DefaultDependencies = false;. I tried to add that as a general thing one time but a bunch of tests broke so we undid that. But there's no reason the backdoor needs to wait for things like basic.target; those tests that broke just made assumptions about file systems already being mounted and stuff | 20:15:10 |
