When neither gpu.opengl nor gpu.vulkan is enabled (wayland-only cross-domain),
the gpu service no longer binds /dev/dri, /dev/udmabuf, /sys/dev/char,
/sys/devices, or /run/opengl-driver. GL-related environment variables
(LD_LIBRARY_PATH, LIBGL_DRIVERS_PATH, __EGL_VENDOR_LIBRARY_DIRS,
__GL_SHADER_DISK_CACHE_PATH) are omitted, MemoryDenyWriteExecute is
enforced regardless of allowWX, and DeviceAllow is empty. DevicePolicy
is now explicitly set to "closed" in all cases.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
vsock-connect --probe returns instantly on connection refused, so the
wait loop burned through all iterations in ~2s instead of 30s. Add a
0.2s sleep between attempts so the first VM launch has time to boot.
The device tray now shows Sound Output and Microphone Input menus for
running VMs. Each direction can be toggled per-VM at runtime via the
vhost-device-sound control socket. Initial state comes from the existing
sound.playback/sound.capture NixOS options.
NixOS module passes --initial-streams and --control-socket to
vhost-device-sound. The vhost-device flake input is updated to include
the new control socket support.
Document the new vmsilo-vsock library crate, vsock-connect CLI tool,
vm-stop --all flag, and CID file pattern. Update SSH ProxyCommand
description for cloud-hypervisor VMs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- vm-stop: complete --all alongside running VM names
- vm-shell: show --ssh (and --root when applicable) alongside VM names
- vsock-connect: new completion with mode-aware option handling
- vm-usb: new completion for attach/detach subcommands
- Shared helpers: _vmsilo_filter_used, _vmsilo_prev_takes_value
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Prep service writes /run/vmsilo/<vmname>/cid for runtime autodetection
- vm-stop gains --all flag to stop all running VMs
- Proxy/USB/SSH scripts unified to use vsock-connect for both hypervisors
- dbus-proxy service uses --vmname instead of --cid/--vsock-socket
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Uses fileset.toSource to widen src for vmsilo-tools and vmsilo-dbus-proxy
so both can resolve the shared vmsilo-vsock path dependency.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replaces host/vsock.rs with the shared vmsilo-vsock library crate.
Adds --vmname for autodetect mode alongside existing --cid/--vsock-socket.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replaces the sync-only fc-vsock proxy with an async CLI supporting
both kernel vsock (crosvm) and hybrid fc-vsock (cloud-hypervisor).
Adds --timeout, --probe, and autodetect-by-vmname modes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Standalone Rust library for connecting to VM vsock ports. Supports both
kernel vsock (crosvm) and hybrid Unix socket with CONNECT handshake
(cloud-hypervisor). Includes autodetection via /run/vmsilo/<vmname>/,
optional timeout, and full test suite.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Seeds are regenerable via fuzz-gen-corpus and AFL++ adds mutations
during runs — neither should be tracked.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Pre-build the target before testing artifacts; abort without deleting
anything if the build fails
- Add 30s timeout per artifact test to prevent hangs on slow-unit inputs
- Add progress counter during artifact testing
- Add coreutils to PATH for timeout command
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
tint_pixmap crashed on index-out-of-bounds when argb_data length didn't
match width*height*4. Add checked-arithmetic validation before the loop.
Add `nix run .#fuzz-clean-dbus-proxy -- <target>` to replay all crash
artifacts and delete the ones that no longer reproduce.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
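The validation the tint_pixmap fix above describes, as an added example (not vmsilo's own code): the guest controls width, height and the byte buffer, so the expected length is computed with checked arithmetic and compared before the loop runs. Function and error names are assumed for illustration.

```rust
// Added example, not vmsilo's own tint_pixmap: check the guest-supplied
// dimensions against the buffer length with checked arithmetic before any
// pixel is touched. Names (PixmapError, expected_len) are assumptions.

#[derive(Debug, PartialEq)]
pub enum PixmapError {
    /// width * height * 4 overflowed usize
    Overflow,
    /// argb_data length is not exactly width * height * 4
    LengthMismatch { expected: usize, actual: usize },
}

/// Byte length an ARGB32 pixmap of width x height must have, or None when
/// the multiplication overflows (all three values come from the guest).
pub fn expected_len(width: u32, height: u32) -> Option<usize> {
    (width as usize).checked_mul(height as usize)?.checked_mul(4)
}

/// Multiply the R, G and B channels of every pixel by `tint` (0..=255),
/// leaving alpha untouched. Returns an error instead of panicking when the
/// guest-supplied dimensions do not match the buffer it sent.
pub fn tint_pixmap(
    width: u32,
    height: u32,
    argb_data: &[u8],
    tint: [u8; 3],
) -> Result<Vec<u8>, PixmapError> {
    let expected = expected_len(width, height).ok_or(PixmapError::Overflow)?;
    if argb_data.len() != expected {
        return Err(PixmapError::LengthMismatch { expected, actual: argb_data.len() });
    }
    // Safe to index now: the length is a multiple of 4, so chunks_exact
    // leaves no remainder and px[0..4] always exists.
    let mut out = Vec::with_capacity(expected);
    for px in argb_data.chunks_exact(4) {
        out.push(px[0]); // alpha passes through unchanged
        for (channel, factor) in px[1..].iter().zip(tint.iter()) {
            out.push((u32::from(*channel) * u32::from(*factor) / 255) as u8);
        }
    }
    Ok(out)
}
```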
Translates --fork=N to libfuzzer's -fork=N flag, allowing the fuzzer
to continue after finding crashes instead of stopping.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add coverage-guided fuzzing for vmsilo-dbus-proxy with 5 targets:
- fuzz_deserialize: raw bytes → postcard deserialization
- fuzz_read_message: raw bytes → length-prefixed framing
- fuzz_sanitize_snapshot: structured input → sanitization invariants
- fuzz_sanitize_notification: structured input → sanitization invariants
- fuzz_tint_pixmap: structured input → pixel manipulation
Uses the arbitrary crate (behind a fuzz feature flag) for structured
input generation, with invariant assertion helpers that verify all
documented sanitization constraints.
Nix integration via rust-overlay nightly: `nix develop .#fuzz` for
interactive fuzzing, `nix run .#fuzz-dbus-proxy -- <target>` for
one-liners.
Also fixes a sanitization bug found by the fuzzer: sanitize_menu_tree
did not clamp negative IDs on the root menu node.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Also updates a few existing protocols to newer versions, and updates the
wayland-proxy dmabuf code to use the stable protocol. The dmabuf code is
still disabled as it does not work, but can be tested with the `--dmabuf`
wayland-proxy-virtwl argument.
Security: add nftables input chain to block VMs with netvm="host" from
connecting to host services (only established/related return traffic
allowed). Cap notification active_ids to 1000 entries to prevent
unbounded growth from leaked IDs.
Simplify: replace 4 writeShellScript cleanup wrappers with inline rm,
break up balloond ExecStart one-liner for readability.
Refactor dbus-proxy: extract ConnectionState struct to reduce
run_event_loop from 11 to 6 parameters, add shared pixel format module
(argb_to_rgba/rgba_to_argb) eliminating duplicate conversions in icon.rs
and notifications.rs. Run cargo fmt.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
virtiofsd has built-in sandboxing (--sandbox=namespace): it creates
mount/PID/network namespaces, does pivot_root, drops capabilities, and
applies its own seccomp filter. The systemd unit adds non-overlapping
hardening: IPC/UTS namespace isolation, seccomp-based protections, a
capability bounding set as defense-in-depth, and LimitNOFILE=1048576.
Per-instance runtime directories (/run/vmsilo/<vmname>/virtiofs-<tag>/)
replace the shared directory for better isolation.
New VM options: virtiofs.seccompPolicy and virtiofs.disableSandbox.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Guest notifications were missing from notification history because they
lacked the desktop-entry hint. Extract the hint from guest D-Bus, sanitize
it (whitelist [a-zA-Z0-9._-]), rewrite with vmsilo.<vm>. prefix, and only
include it if a matching .desktop file exists on the host.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
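The desktop-entry hint handling described above, as an added example (not vmsilo's own code): reject any hint outside [a-zA-Z0-9._-], prefix it with vmsilo.<vm>., and only emit it when the matching .desktop file exists on the host. Rejecting (rather than stripping) disallowed characters and the search-directory parameter are assumptions.

```rust
// Added example, not vmsilo's own code. Assumption: a hint containing any
// character outside the whitelist is dropped entirely rather than cleaned.
use std::path::PathBuf;

/// The whitelist from the commit: [a-zA-Z0-9._-].
fn allowed(c: char) -> bool {
    c.is_ascii_alphanumeric() || matches!(c, '.' | '_' | '-')
}

/// Rewrite a guest-supplied desktop-entry hint as "vmsilo.<vm>.<hint>".
/// Returns None when the hint or VM name is empty or contains a character
/// outside the whitelist, or when no `<rewritten>.desktop` file exists in
/// any of `app_dirs` (the host's application directories, an assumption).
pub fn rewrite_desktop_entry(vm: &str, hint: &str, app_dirs: &[PathBuf]) -> Option<String> {
    if vm.is_empty() || hint.is_empty() {
        return None;
    }
    if !vm.chars().all(allowed) || !hint.chars().all(allowed) {
        // Path separators, NUL bytes, control characters etc. never reach
        // the host notification daemon.
        return None;
    }
    let rewritten = format!("vmsilo.{vm}.{hint}");
    // No separators survived the whitelist, so join() cannot escape app_dirs.
    let file_name = format!("{rewritten}.desktop");
    let exists = app_dirs.iter().any(|dir| dir.join(&file_name).is_file());
    exists.then_some(rewritten)
}
```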
Embed both light-on-dark and dark-on-light tray icon variants. At
startup, read the KDE icon theme from kdeglobals to determine panel
color and select the matching variant for icon_pixmap().
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
IconThemePath was not working reliably with KDE. Switch to embedding
the tray icon as ARGB32 pixel data via icon_pixmap(), which bypasses
theme lookup entirely. Also remove Breeze theme icon installation
since all icons are now embedded in the binary.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>