taps: MVE

- TUNSETIFF works, the interface is indeed created.
- An fd is indeed passed over the unix socket,
- and is a valid (enough) fd because it can fed into `dup2`.
- `nix run -f . --offline pkgs.taps -- pass sleep 5` works, the
  interface exists for 5 seconds and disappears
- `nix run -f . --offline pkgs.taps -- pass ch-remote --api-socket=$HOME/uvms/nixos/vmm.sock add-net fd=3`
  obscurely fails, killing the VMM with:

  ```console
  [root@nixos:~]# cloud-hypervisor:  12.388270s: <_net1_qp0> ERROR:/build/source/net_util/src/queue_pair.rs:112 -- net: tx: failed writing to tap: Input/output error (os er
  ror 5)
  cloud-hypervisor:  12.388459s: <_net1_qp0> ERROR:virtio-devices/src/thread_helper.rs:54 -- Error running worker: HandleEvent(Error processing TX queue: NetQueuePair(Write
  Tap(Os { code: 5, kind: Uncategorized, message: "Input/output error" })))
  ```

README.md

@@ -1,20 +1,32 @@
 μVMs
 ===
 
-Slowly comprehending [spectrum-os](https://spectrum-os.org) and [microvm.nix](https://github.com/microvm-nix/microvm.nix), by reproducing bits and pieces using [NixOS](https://nixos.org), [systemd](https://nixos.org/manual/nixos/stable/options#opt-systemd.services), and [cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor).
+Slowly comprehending [spectrum-os](https://spectrum-os.org) and [microvm.nix](https://github.com/microvm-nix/microvm.nix), by reproducing bits and pieces using [NixOS](https://nixos.org) and [cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor).
 
 Prior Art
 ---
 
+### Projects
+
+- Obvious: Qubes, Spectrum, Genode, ...
+- Google ChromeOS and [AWS Firecracker](https://firecracker-microvm.github.io):
+    - rust-vmm, [crosvm](https://crosvm.dev/book), and [sommelier](https://chromium.googlesource.com/chromiumos/platform2/+/master/vm_tools/sommelier);
+- [Asahi muvm](https://github.com/AsahiLinux/muvm): microvms using [libkrun](https://github.com/containers/libkrun) and virtio-gpu "native context".
+- [AppVM](https://github.com/jollheef/appvm): apparently available in Nixpkgs under `nixos/modules/virtualisation/appvm.nix`. Based on (NixOS,) qemu and libvirt.
+- [valpackett/munix](https://git.clan.lol/clan/munix)
+- ...
+
 ### People
 
-Following the right people is one of the most effective ways to maintain bibliography, a form of "importance sampling".
+Following the right people might one of the most effective ways to maintain bibliography, a form of "importance sampling".
 The following are the people whose work, at the time of writing, I already know to watch out for. Whom am I missing?
 
 - [Alyssa Ross](https://github.com/alyssais)
     - Via [spectrum.org]https://spectrum-os.org/bibliography.html) and [Nixpkgs](https://github.com/NixOS/Nixpkgs).
 - [Demi Marie](https://demimarie.github.io):
     - Via [spectrum-devel](https://spectrum-os.org/lists/archives/spectrum-devel/2ff17d00-6603-46ae-9eb0-d4fa179db86c@gmail.com/) and Qubes.
+- [valpackett](https://val.packett.cool)
+- yureka
 - [Thomas Leonard](https://roscidus.com/blog/blog/2021/03/07/qubes-lite-with-kvm-and-wayland)
     - Via [spectrum-discuss](https://spectrum-os.org/lists/archives/spectrum-discuss/CAG4opy8BZn2pXDRBHOjcENFBHJON1LoG7A8GPdP0Wt_3KLaHyw@mail.gmail.com/), [qubes-lite, and `wayland-proxy-virtwl`](https://roscidus.com/blog/blog/2021/03/07/qubes-lite-with-kvm-and-wayland).
 - [Astro](https://spaceboyz.net/~astro/):
@@ -25,16 +37,6 @@ The following are the people whose work, at the time of writing, I already know
     - Via [Qubes](https://doc.qubes-os.org/en/latest/developer/general/devel-books.html) [OS](https://theinvisiblethings.blogspot.com/2012/09/how-is-qubes-os-different-from.html).
 - ...
 
-### Projects
-
-- Obvious: Qubes, Spectrum, Genode, ...
-- Google ChromeOS and [AWS Firecracker](https://firecracker-microvm.github.io):
-    - rust-vmm, [crosvm](https://crosvm.dev/book), and [sommelier](https://chromium.googlesource.com/chromiumos/platform2/+/master/vm_tools/sommelier);
-- [Asahi muvm](https://github.com/AsahiLinux/muvm): microvms using [libkrun](https://github.com/containers/libkrun) and virtio-gpu "native context".
-- [AppVM](https://github.com/jollheef/appvm): apparently available in Nixpkgs under `nixos/modules/virtualisation/appvm.nix`. Based on (NixOS,) qemu and libvirt.
-- ...
-
-
 ### Timeline
 
 The following are the questions I'd like to eventually answer about how virtualization happened:
@@ -76,7 +78,10 @@ The following are some of the current "am I holding this right?" questions:
 - [ ] Filesystems: 
 
   Virtio-blk appears to be the way to allocate persistent storage for VMs that require it.
-  In practice this means allocating a zvol or a contiguous file on the hypervisor,
+  The alternative is virtiofsd, which is potentially more RAM-hungry, and which significantly
+  limits bandwidth at least when used with explicitly enabling DAX (`microvm.nix`).
+
+  In practice the virtio-blk way means allocating a zvol or a contiguous file on the hypervisor,
   to be exposed to the guest as a block device. One suspicion I have is that allocating
   a CoW filesystem (e.g. xfs, btrfs) on top of another CoW filesystem (e.g. zfs, as in xfs-on-zvol) may have non-trivial
   implications for fragmentation, depending on parameters like the chunksizes.
@@ -88,14 +93,13 @@ The following are some of the current "am I holding this right?" questions:
 
 #### `spectrum-os`
 
-...is in active development and not advertised as user-ready yet.
+Yes. Soon.
-Spectrum OS appears to be a balance-shifting project, building up towards a principled solution, which must require patience...
-It does not, for example, reuse NixOS systemd modules, but uses s6 instead.
 
 #### `microvm.nix`
 
 Is inherently static.
-A cynical spin on `microvm.nix` would be, and I mean it with utmost respect, that it's a glorified qemu flags generator, written in Nix.
+A cynical spin on `microvm.nix` would be, and I mean it with utmost respect, that it's a glorified qemu flags generator, written in Nix,
+and Nix is slow.
 When using `microvm.nix` you write, for example, each TAP's `hwaddr` by hand, and then rebuild the "runner script".
 When using the "fully-declarative mode" you also engangle the guest's and the hypervisor's life cycles, and double the NixOS evaluation time.
 Microvm-nix ships support for a wide selection of different hypervisors, but you may only care about e.g. `cloud-hypervisor`.
@@ -105,3 +109,5 @@ An instructive reference implementation and a convenient entry point, `microvm.n
 
 I only noticed the option in `man configuration.nix` a few days ago,
 so I just never tried. Long-term I'd definitely prefer not to use qemu.
+
+The golang tool relies on obscure Nix CLI options and "channels" (as in tarballs).