else/clan-munix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set up a monotonic clock boot time offset in the VM

Browse source
This commit is contained in:
Val Packett 2026-02-20 04:12:54 -03:00
parent 8c3878f117
commit 981393443b
2 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
micro-activate.rs
View file

@ -8,6 +8,8 @@ const MS_NODEV: c_ulong = 0x04;
const MS_RELATIME: c_ulong = 0x200000; const MS_RELATIME: c_ulong = 0x200000;
const MS_STRICTATIME: c_ulong = 0x1000000; const MS_STRICTATIME: c_ulong = 0x1000000;
const CLONE_NEWTIME: c_int = 0x80;
unsafe extern "C" { unsafe extern "C" {
fn mount( fn mount(
src: *const c_char, src: *const c_char,
@ -17,6 +19,7 @@ unsafe extern "C" {
data: *const c_void, data: *const c_void,
) -> c_int; ) -> c_int;
fn getrandom(buf: *mut u8, buflen: usize, flags: u32) -> c_int; fn getrandom(buf: *mut u8, buflen: usize, flags: u32) -> c_int;
fn unshare(flags: c_int) -> c_int;
} }
fn gen_machine_id() -> String { fn gen_machine_id() -> String {
@ -133,6 +136,17 @@ fn main() -> Result<(), std::io::Error> {
); );
} }
if let Ok(offset) = std::env::var("BOOT_TIME_OFFSET") {
if unsafe { unshare(CLONE_NEWTIME) } != 0 {
eprintln!("[micro-activate] Could not unshare time!");
} else {
std::fs::write(
"/proc/self/timens_offsets",
format!("monotonic {offset}\nboottime {offset}\n"),
)?;
}
}
let mut args = std::env::args_os().skip(1); let mut args = std::env::args_os().skip(1);
let cmd = args.next().unwrap(); let cmd = args.next().unwrap();
Err(std::process::Command::new(cmd).args(args).exec()) Err(std::process::Command::new(cmd).args(args).exec())

5
munix
View file

@ -204,6 +204,10 @@ if [ "$USING_PUBLISH" -eq 1 ]; then
printf "\n\n\n\e[1mNote: due to a \e[31mBUG\e[39m with port publishing (-p) you have to send the first outgoing packet (e.g. ping -c1 8.8.8.8) before your ports start receiving traffic. Sorry for the inconvenience!\e[39;0m\n\n\n\n" >&2 printf "\n\n\n\e[1mNote: due to a \e[31mBUG\e[39m with port publishing (-p) you have to send the first outgoing packet (e.g. ping -c1 8.8.8.8) before your ports start receiving traffic. Sorry for the inconvenience!\e[39;0m\n\n\n\n" >&2
fi fi
# xxx: some time is lost to the starting process..
[[ "$(</proc/uptime)" =~ ([0-9]+)\.([0-9]+) ]]
BOOT_TIME_OFFSET="${BASH_REMATCH[1]} $(( ${BASH_REMATCH[2]} * 1000000 ))"
# do not 'exec' because of cleanup :) # do not 'exec' because of cleanup :)
bwrap --unshare-all --share-net \ bwrap --unshare-all --share-net \
--uid $MICROVM_UID --gid $MICROVM_GID \ --uid $MICROVM_UID --gid $MICROVM_GID \
@ -233,6 +237,7 @@ bwrap --unshare-all --share-net \
-e container=munix \ -e container=munix \
-e MICROVM_CLOSURE="$MICROVM_CLOSURE" \ -e MICROVM_CLOSURE="$MICROVM_CLOSURE" \
-e MICROVM_UID="$MICROVM_UID" -e MICROVM_GID="$MICROVM_GID" \ -e MICROVM_UID="$MICROVM_UID" -e MICROVM_GID="$MICROVM_GID" \
-e BOOT_TIME_OFFSET="$BOOT_TIME_OFFSET" \
-i -t -- "${MICROVM_COMMAND[@]}" \ -i -t -- "${MICROVM_COMMAND[@]}" \
13< /etc/resolv.conf \ 13< /etc/resolv.conf \
14< /etc/localtime 14< /etc/localtime