supermachine-kernel-x86-64 0.7.67

Pre-built x86_64 Linux microVM kernel (minimal config), busybox, and in-VM agent for supermachine's KVM backend, bundled as xz-compressed payloads inside the crate (no network at build time). Resolved automatically per target by the `supermachine-kernel` facade; pin in lockstep with `supermachine`.
//! Pre-built x86_64 runtime assets for supermachine's **KVM** backend,
//! packaged as a Rust crate so embedders never fetch binaries out of band.
//!
//! This is the x86_64 counterpart of `supermachine-kernel-aarch64`. You
//! normally don't depend on it directly — depend on the
//! [`supermachine-kernel`] facade, which re-exports the right arch's crate by
//! `target_arch`. Cargo only downloads the sub-crate matching the build
//! target, so an x86_64 build pulls only this crate (and never the aarch64
//! kernel), and vice-versa.
//!
//! Three assets are bundled:
//!
//! 1. **Linux kernel** ([`KERNEL_BYTES`]) — a minimal-config x86_64
//!    `bzImage` (Linux 6.12). Everything the microVM needs is built in
//!    (`MODULES=n`): virtio-MMIO (+`CMDLINE_DEVICES`), virtio-blk,
//!    virtio-vsock, squashfs, overlayfs, ext4, 8250 console. No module
//!    loading, no host-kernel coupling.
//! 2. **busybox** ([`BUSYBOX_BYTES`]) — a static x86_64 busybox. The KVM
//!    bake stages it into the agent initramfs as the PID-1 init's toolbox
//!    (mount, switch_root, overlay setup).
//! 3. **`supermachine-agent`** ([`SUPERMACHINE_AGENT_BYTES`]) — the in-VM
//!    control agent (static x86_64-musl). Runs as PID 1 inside the
//!    container after `switch_root`, serving `exec`/control RPCs over vsock.
//!
//! Unlike the aarch64/HVF crate, there is **no `init-oci` or `smpark.ko`**:
//! the KVM backend builds the container rootfs (overlayfs + `switch_root`)
//! directly in the agent initramfs's generated init, and does not park
//! secondary vCPUs via a kernel module.
//!
//! [`supermachine-kernel`]: https://crates.io/crates/supermachine-kernel

/// Raw bytes of the x86_64 kernel — a minimal-config Linux `bzImage`.
///
/// The supermachine KVM backend loads this as the guest kernel. The bytes are
/// staged into `OUT_DIR` by `build.rs` (env override or bundled `kernel.xz`).
///
/// `include_bytes!` embeds the staged file at compile time, so the image is
/// fixed into the compiled artifact and nothing is read from disk at run time.
// NOTE(review): `build.rs` is not visible here. With the env override, the
// embedded guest kernel is whatever file the build environment points at, so
// that variable is a trusted build input — confirm whether `build.rs` checks a
// digest of the staged file before it lands in `OUT_DIR`.
pub const KERNEL_BYTES: &[u8] = include_bytes!(concat!(env!("OUT_DIR"), "/kernel"));

/// Length of the kernel image in bytes — `KERNEL_BYTES.len()`, const-evaluable.
pub const KERNEL_LEN: usize = KERNEL_BYTES.len();

/// Raw bytes of the static x86_64 busybox staged into the agent initramfs.
/// The generated PID-1 init uses it for the overlayfs + `switch_root` dance
/// that builds the writable container rootfs from the read-only OCI squashfs.
///
/// Embedded at compile time from `OUT_DIR/busybox`.
// NOTE(review): presumably staged by `build.rs` like the kernel; whether an
// env override also applies to this asset is not stated here — verify.
pub const BUSYBOX_BYTES: &[u8] = include_bytes!(concat!(env!("OUT_DIR"), "/busybox"));

/// Length of the busybox binary in bytes — `BUSYBOX_BYTES.len()`.
pub const BUSYBOX_LEN: usize = BUSYBOX_BYTES.len();

/// Raw bytes of the in-VM `supermachine-agent` (static x86_64-musl ELF). Runs
/// as PID 1 inside the container post-`switch_root`, serving docker-style
/// `exec` and other control RPCs over vsock.
///
/// Embedded at compile time from `OUT_DIR/supermachine-agent`.
// NOTE(review): this binary serves the guest's control RPCs, so its provenance
// matters as much as the kernel's; presumably staged by `build.rs` — confirm
// how that staging is verified.
pub const SUPERMACHINE_AGENT_BYTES: &[u8] =
    include_bytes!(concat!(env!("OUT_DIR"), "/supermachine-agent"));

/// Length of the supermachine-agent binary in bytes —
/// `SUPERMACHINE_AGENT_BYTES.len()`.
pub const SUPERMACHINE_AGENT_LEN: usize = SUPERMACHINE_AGENT_BYTES.len();

/// Writes the bundled kernel image ([`KERNEL_BYTES`]) to `dest`.
///
/// An existing file at `dest` is replaced. The parent directory must already
/// exist; [`extract_kernel_to_with_parents`] creates it first.
///
/// `std::fs::write` truncates the target in place and follows a symlink at
/// `dest`, so pass a path inside a directory that only the caller can write
/// to. A failed write can leave a partial image behind.
///
/// # Errors
///
/// Returns the `std::io::Error` reported by `std::fs::write`.
pub fn extract_kernel_to(dest: &std::path::Path) -> std::io::Result<()> {
    let image: &[u8] = KERNEL_BYTES;
    std::fs::write(dest, image)
}

/// Same as [`extract_kernel_to`], but creates the parent directory of `dest`
/// (and any missing ancestors) first, like `mkdir -p`.
///
/// Directories are created with `std::fs::create_dir_all`, so they get the
/// process's default permissions rather than a restricted mode.
///
/// # Errors
///
/// Returns the first `std::io::Error` from creating the directories or from
/// writing the image.
pub fn extract_kernel_to_with_parents(dest: &std::path::Path) -> std::io::Result<()> {
    // `parent()` is `None` for a root or empty path; nothing to create then.
    dest.parent().map(std::fs::create_dir_all).transpose()?;
    extract_kernel_to(dest)
}

/// Writes the bundled busybox ([`BUSYBOX_BYTES`]) to `dest` and then marks it
/// executable (mode `0o755`) on Unix.
///
/// The write and the permission change are two separate steps: if the second
/// one fails, the file stays at `dest` with the permissions it was created
/// with. `std::fs::write` truncates in place and follows a symlink at `dest`,
/// so pass a path inside a directory that only the caller can write to.
///
/// # Errors
///
/// Returns the `std::io::Error` from the write or from `set_executable`.
pub fn extract_busybox_to(dest: &std::path::Path) -> std::io::Result<()> {
    std::fs::write(dest, BUSYBOX_BYTES).and_then(|()| set_executable(dest))
}

/// Same as [`extract_busybox_to`], but creates the parent directory of `dest`
/// (and any missing ancestors) first, like `mkdir -p`.
///
/// Directories are created with `std::fs::create_dir_all`, so they get the
/// process's default permissions rather than a restricted mode.
///
/// # Errors
///
/// Returns the first `std::io::Error` from creating the directories, writing
/// the binary, or setting its mode.
pub fn extract_busybox_to_with_parents(dest: &std::path::Path) -> std::io::Result<()> {
    // `parent()` is `None` for a root or empty path; nothing to create then.
    dest.parent().map(std::fs::create_dir_all).transpose()?;
    extract_busybox_to(dest)
}

/// Writes the bundled `supermachine-agent` ([`SUPERMACHINE_AGENT_BYTES`]) to
/// `dest` and then marks it executable (mode `0o755`) on Unix.
///
/// The write and the permission change are two separate steps: if the second
/// one fails, the file stays at `dest` with the permissions it was created
/// with. `std::fs::write` truncates in place and follows a symlink at `dest`,
/// so pass a path inside a directory that only the caller can write to.
///
/// # Errors
///
/// Returns the `std::io::Error` from the write or from `set_executable`.
pub fn extract_supermachine_agent_to(dest: &std::path::Path) -> std::io::Result<()> {
    std::fs::write(dest, SUPERMACHINE_AGENT_BYTES).and_then(|()| set_executable(dest))
}

/// Same as [`extract_supermachine_agent_to`], but creates the parent
/// directory of `dest` (and any missing ancestors) first, like `mkdir -p`.
///
/// Directories are created with `std::fs::create_dir_all`, so they get the
/// process's default permissions rather than a restricted mode.
///
/// # Errors
///
/// Returns the first `std::io::Error` from creating the directories, writing
/// the binary, or setting its mode.
pub fn extract_supermachine_agent_to_with_parents(dest: &std::path::Path) -> std::io::Result<()> {
    // `parent()` is `None` for a root or empty path; nothing to create then.
    dest.parent().map(std::fs::create_dir_all).transpose()?;
    extract_supermachine_agent_to(dest)
}

/// Sets the mode of `dest` to exactly `0o755` (owner rwx, group and other rx).
///
/// The whole mode is replaced, not just the execute bits, so any tighter
/// permissions the file had are widened to world-readable. `dest` is resolved
/// by path again here, and both calls follow a symlink at that path.
///
/// # Errors
///
/// Returns the `std::io::Error` from reading the metadata or from changing
/// the permissions.
#[cfg(unix)]
fn set_executable(dest: &std::path::Path) -> std::io::Result<()> {
    use std::os::unix::fs::PermissionsExt as _;

    let mut mode_bits = std::fs::metadata(dest).map(|meta| meta.permissions())?;
    mode_bits.set_mode(0o755);
    std::fs::set_permissions(dest, mode_bits)
}

/// No-op on non-Unix targets: the path is ignored and `Ok(())` is returned.
#[cfg(not(unix))]
fn set_executable(_dest: &std::path::Path) -> std::io::Result<()> {
    Ok(())
}