Successfully boot VM

2025-04-28 18:02:38 +02:00 · 2021-06-30 14:27:26 -07:00 · 2021-06-30 14:27:26 -07:00 · 9158d02669
commit 9158d02669
parent d9d352a680
5 changed files with 58 additions and 48 deletions
--- a/dangerzone/gui/init.py
+++ b/dangerzone/gui/init.py
@ -112,8 +112,8 @@ def gui_main(custom_container, filename):
    systray = SysTray(global_common, gui_common, app, vm)
    # Start the VM
-    # if vm:
+    if vm:
-    #     vm.start()
+        vm.start()
    closed_windows = {}
    windows = {}
--- a/dangerzone/gui/systray.py
+++ b/dangerzone/gui/systray.py
@ -40,9 +40,6 @@ class SysTray(QtWidgets.QSystemTrayIcon):
        elif state == self.vm.STATE_ON:
            self.status_action.setText("Dangerzone VM is running")
            self.restart_action.setEnabled(True)
        elif state == self.vm.STATE_STOPPING:
            self.status_action.setText("Dangerzone VM is stopping...")
            self.restart_action.setEnabled(False)
    def restart_clicked(self):
        self.vm.restart()
--- a/dangerzone/gui/vm.py
+++ b/dangerzone/gui/vm.py
@ -3,6 +3,7 @@ import sys
 import subprocess
 import uuid
 import pipes
 import tempfile
 from PySide2 import QtCore
@ -10,7 +11,6 @@ class Vm(QtCore.QObject):
    STATE_OFF = 0
    STATE_STARTING = 1
    STATE_ON = 2
    STATE_STOPPING = 3
    vm_state_change = QtCore.Signal(int)
@ -21,10 +21,12 @@ class Vm(QtCore.QObject):
        # VM starts off
        self.state = self.STATE_OFF
-        # Hyperkit subprocess
+        # Processes
        self.vpnkit_p = None
        self.hyperkit_p = None
        # Relevant paths
        self.vpnkit_path = self.global_common.get_resource_path("bin/vpnkit")
        self.hyperkit_path = self.global_common.get_resource_path("bin/hyperkit")
        self.vm_iso_path = self.global_common.get_resource_path("vm/dangerzone.iso")
        self.vm_kernel_path = self.global_common.get_resource_path("vm/kernel")
@ -33,27 +35,47 @@ class Vm(QtCore.QObject):
        )
        # Folder to hold files related to the VM
-        self.vm_state_dir = os.path.join(self.global_common.appdata_path, "vm-state")
+        self.state_dir = tempfile.TemporaryDirectory()
-        os.makedirs(self.vm_state_dir, exist_ok=True)
+        self.vpnkit_sock_path = os.path.join(self.state_dir.name, "vpnkit.eth.sock")
        self.hyperkit_pid_path = os.path.join(self.state_dir.name, "hyperkit.pid")
        # UDID for VM
        self.vm_uuid = str(uuid.uuid4())
-        self.vm_cmdline = "modules=virtio_net console=ttyS0"
+        self.vm_cmdline = (
            "earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod"
        )
    def start(self):
        self.state = self.STATE_STARTING
        self.vm_state_change.emit(self.state)
-        # Kill existing process
+        # Run VPNKit
-        if self.hyperkit_p is not None:
+        args = [
-            self.hyperkit_p.terminate()
+            self.vpnkit_path,
-            self.hyperkit_p = None
+            "--ethernet",
            self.vpnkit_sock_path,
            "--gateway-ip",
            "192.168.65.1",
            "--host-ip",
            "192.168.65.2",
            "--lowest-ip",
            "192.168.65.3",
            "--highest-ip",
            "192.168.65.254",
        ]
        args_str = " ".join(pipes.quote(s) for s in args)
        print("> " + args_str)
        self.vpnkit_p = subprocess.Popen(
            args,
            stdout=sys.stdout,
            stderr=subprocess.STDOUT,
        )
        # Run Hyperkit
        args = [
            self.hyperkit_path,
            "-F",
-            os.path.join(self.vm_state_dir, "hyperkit.pid"),
+            self.hyperkit_pid_path,
            "-A",
            "-u",
            "-m",
@ -69,7 +91,7 @@ class Vm(QtCore.QObject):
            "-s",
            f"1:0,ahci-cd,{self.vm_iso_path}",
            "-s",
-            "2:0,virtio-net",
+            f"2:0,virtio-vpnkit,path={self.vpnkit_sock_path}",
            "-U",
            self.vm_uuid,
            "-f",
@ -77,7 +99,6 @@ class Vm(QtCore.QObject):
        ]
        args_str = " ".join(pipes.quote(s) for s in args)
        print("> " + args_str)
        self.hyperkit_p = subprocess.Popen(
            args,
            stdout=sys.stdout,
@ -85,7 +106,14 @@ class Vm(QtCore.QObject):
        )
    def restart(self):
-        pass
+        self.stop()
        self.start()
    def stop(self):
-        pass
+        # Kill existing processes
        if self.vpnkit_p is not None:
            self.vpnkit_p.terminate()
            self.vpnkit_p = None
        if self.hyperkit_p is not None:
            self.hyperkit_p.terminate()
            self.hyperkit_p = None
--- a/install/macos/entitlements.plist
+++ b/install/macos/entitlements.plist
@ -2,8 +2,8 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
    <dict>
-        <key>com.apple.security.app-sandbox</key>
+        <!-- <key>com.apple.security.app-sandbox</key>
-        <true/>
+        <true/> -->
        <key>com.apple.security.inherit</key>
        <true/>
        <key>com.apple.security.files.user-selected.read-write</key>
@ -14,8 +14,6 @@
        <true/>
        <key>com.apple.security.hypervisor</key>
        <true/>
        <!-- <key>com.apple.vm.networking</key>
        <true/> -->
        <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
        <true/>
    </dict>
--- a/install/vm-builder/run-vm.sh
+++ b/install/vm-builder/run-vm.sh
@ -4,16 +4,16 @@ ROOT=$(pwd)/vm
 HYPERKIT=/Applications/Docker.app/Contents/Resources/bin/com.docker.hyperkit
 VPNKIT=/Applications/Docker.app/Contents/Resources/bin/com.docker.vpnkit
-# VPNKIT_SOCK=$ROOT/vpnkit.eth.sock
+VPNKIT_SOCK=$ROOT/vpnkit.eth.sock
-# PIDFILE=$ROOT/vpnkit.pid
+PIDFILE=$ROOT/vpnkit.pid
-# $VPNKIT \
+$VPNKIT \
-#     --ethernet=$VPNKIT_SOCK \
+    --ethernet=$VPNKIT_SOCK \
-#     --gateway-ip 192.168.65.1 \
+    --gateway-ip 192.168.65.1 \
-#     --host-ip 192.168.65.2 \
+    --host-ip 192.168.65.2 \
-#     --lowest-ip 192.168.65.3 \
+    --lowest-ip 192.168.65.3 \
-#     --highest-ip 192.168.65.254 &
+    --highest-ip 192.168.65.254 &
-# echo $! > $PIDFILE
+echo $! > $PIDFILE
-# trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT
+trap 'test -f $PIDFILE && kill `cat $PIDFILE` && rm $PIDFILE' EXIT
 $HYPERKIT \
    -F $ROOT/hyperkit.pid \
@ -23,19 +23,6 @@ $HYPERKIT \
    -s 0:0,hostbridge -s 31,lpc \
    -l com1,stdio \
    -s 1:0,ahci-cd,$ROOT/dangerzone.iso \
-    -s 2:0,virtio-net \
+    -s 2:0,virtio-vpnkit,path=$VPNKIT_SOCK \
    -U 9efa82d7-ebd5-4287-b1cc-ac4160a39fa7 \
-    -f kexec,$ROOT/kernel,$ROOT/initramfs.img,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod,usb-storage vpnkit.connect=connect://2/1999"
+    -f kexec,$ROOT/kernel,$ROOT/initramfs.img,"earlyprintk=serial console=ttyS0 modules=loop,squashfs,sd-mod"
 # hyperkit 
 #     -c 1 -m 1024M 
 #     -u -A -H 
 #     -U 386bba5a-5dc4-3ac2-95c9-cf0b9a29b352 
 #     -s 0:0,hostbridge 
 #     -s 2:0,virtio-net 
 #     -s 5,virtio-rnd 
 #     -s 31,lpc 
 #     -l com1,autopty=primary/pty,log=/Library/Logs/Multipass/primary-hyperkit.log 
 #     -s 1:0,virtio-blk,file://primary/ubuntu-20.04-server-cloudimg-amd64.img?sync=os&buffered=1,format=qcow,qcow-config=discard=true;compact_after_unmaps=262144;keep_erased=262144;runtime_asserts=false 
 #     -s 1:1,ahci-cd,primary/cloud-init-config.iso 
 #     -f kexec,primary/ubuntu-20.04-server-cloudimg-amd64-vmlinuz-generic,primary/ubuntu-20.04-server-cloudimg-amd64-initrd-generic,earlyprintk=serial console=ttyS0 root=/dev/vda1 rw panic=1 no_timer_check