Storage (VM) phase 0.1

[unbel13ver]

Description of changes

This is the initial implementation of the Storage solution. It uses impermanence framework along with virtiofs shares to make needed files/directories persistent.

Currently it allows to store WiFi configuration, user data from GUI-vm user home directory and common-purpose browser configuration and user sessions/data.

Each VM has an access to it's only data and does not know anything about other stored entities. The host system has an access to all the data stored.

Checklist for things done

• Summary of the proposed changes in the PR description
• More detailed description in the commit message(s)
• Commits are squashed into relevant entities - avoid a lot of minimal dev time commits in the PR
• Contribution guidelines followed
• Ghaf documentation updated with the commit - https://tiiuae.github.io/ghaf/
• PR linked to architecture documentation and requirement(s) (ticket id)
• Test procedure described (or includes tests). Select one or more:
  • Tested on Lenovo X1 x86_64
  • Tested on Jetson Orin NX or AGX aarch64
  • Tested on Polarfire riscv64
• Author has run nix flake check --accept-flake-config and it passes
• All automatic Github Action checks pass - see actions
• Author has added reviewers and removed PR draft status

Testing

1. Boot the system. Connect to Wi-Fi network through GUI-VM.
2. Open Chromium browser, go to any website and add it's address as a bookmark. Close browser window.
3. Open Business-VM browser (MS365), log in to the Outlook. Close the browser window.
4. Create any file in user's home directory in GUI-VM: touch ~/testfile
5. Reboot the computer.
6. Check that results of 1.-4. are survived the reboot. The Wi-Fi should connect automatically and all bookmarks/sessions/files are in place.

It is possible to restart a microvm without rebooting:
systemctl restart microvm@<vm name>.service

[vilvo]

Did a bit of testing with net-vm. Would be good to draft the Testing-section of the PR description to align the expectations/known issues.

Anyway, here goes my findings after nixos-rebuild ... switch + reboot from this PR branch - for TWIMC:

Good:

• inpermanence works with Wifi credentials - net-vm /etc/NetworkManager/system-connections/<connection-name> stores the credentials (in plain-text) and they persist over reboots
• wifi gets auto-connected after reboot, name queries from net-vm to DNS work

Regression:

• No connection applet - can't see from gui-vm desktop if the wifi is connected or not
  -chromium-vm does not start after restart but crashes: fixed with 091c91a

Notes:

• SSH signatures get regenerated on each reboot like before - to connect, one must either remove the ssh server fingerprints when connecting between ghaf-host <-> -vms OR ignore the server verification. This is not critical as it concerns only -debug-builds and debug-scenarios but would be nice to persist the fingerprints over reboots.

[unbel13ver]

The issues with network applet and log collecting are caused by the PCI device enumeration. When persistent storage is enabled, there is a new VirtIO device appear in, for instance, Net-VM:

Before:
00:04.0 Ethernet controller: Red Hat, Inc. Virtio network device
00:05.0 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi (rev 01)

After:
00:04.0 Mass storage controller: Red Hat, Inc. Virtio file system (rev 01)
00:05.0 Ethernet controller: Red Hat, Inc. Virtio network device
00:06.0 Network controller: Intel Corporation Raptor Lake PCH CNVi WiFi (rev 01)

which causes the Wi-Fi device name change:

Before:
wlp0s5f0

After:
wlp0s6f0

[milva-unikie]

Tested on Lenovo-X1 (lenovo-x1-carbon-gen11-debug on USB SSD)

Everything is working!

• Logs are updated to Grafana
• Wifi-signal status is shown in taskbar
• Storage works as described in Testing-section
• Test-automation passes