Fuchsia Fundamentals

根据官方文档等挖掘Fuchsia特性以及和传统linux的区别

Introduction to Fuchsia

1. Fuchsia architecture

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-uIoTgo3I-1652189413474)(https://fuchsia.dev/docs/get-started/images/intro/fuchsia-architecture.png)][外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-VtBnBopk-1652189460917)(https://fuchsia.dev/docs/get-started/images/intro/fuchsia-architecture.png#pic_center)]

Fuchsia是一个模块化系统，可以使component，kernal，driver分离的更新；

Zircon是core部分，主要负责system start up & bootstrap等等

其余部分都在user space 并且是独立的，保证principle of least privilege

2. Zircon fundamentals

1. architecture

   Zircon uses the microkernal architecture to reduce the amount of trusted code running in the system to a few core functions:

• Memory management

• Scheduling

• Inter-process communication

2. System_call

• User space processes access system calls through libzircon.so vDSO，it is in ELF Format

​ ELF:https://blog.csdn.net/navyhu/article/details/46004059

• system call 直接链接一个或者多个handle

3. Jobs, processes and threads

• Jobs allow “applications” that are composed of more than one process to be controlled as a single entity.

4. Inter-process communication
   • Event: Signaling interface between two processes.
   • Socket: Streaming data transport, similar to a pipe.
   • Stream: Streaming data transport that is seekable, like a file.
   • Channel: Message-based transport capable of passing both data and a set of handles.
   • FIFO: Control plane for shared memory access, optimized for small data payloads.

channels 适合创建新的进程

3. Software isolation model

• 一个进程刚开始被创建的时候是没有任何权限的，只能使用父进程传递过来的handle。但是Fuchsia会给initial handles—namespace

• namespace：

  • Files: Objects which contain binary data.

  • Directories: Objects which contain other objects.

  • Sockets: Objects which establish connections when opened, like named pipes.

  • Protocols and services: Objects which provide structured services when opened.

  • Devices: Objects which provide access to hardware resources.

    进程创建者可以决定namesapce，但是不可以给自己添加namespace

4. component

• component manager：设定权限、通信等等
• component manifest file ：declare components to the system; e.g.

program: {
    runner: "elf",   #telling component manager that this component requires the ELF runner
    binary: "bin/hello",
    args: [ "Hello", "World!" ],
},

• Component capabilities: component obtain privileges to access various parts of the wider system through capabilities，Each component can declare new capabilities that they offer to the system and capabilities provided by other components (or the framework) that they require to function.

• component organization：

  Realms：父component和所有的子component

  父component控制capability 如何流动

  子component控制capability是否提供给reaml共享

• capability routing

  [外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-iuI7v6C3-1652189413475)(https://fuchsia.dev/docs/get-started/images/intro/capability-routing.png)]

Exercise

fuchsia % ffx component list
/
/bootstrap
/bootstrap/archivist
/bootstrap/base_resolver
/bootstrap/console
/bootstrap/console-launcher
/bootstrap/cr50_agent
/bootstrap/device_name_provider
/bootstrap/driver_index
/bootstrap/driver_manager
/bootstrap/flashmap
/bootstrap/fshost
/bootstrap/fshost/blobfs
/bootstrap/fshost/blobfs/decompressor
/bootstrap/fshost/fxfs-crypt
/bootstrap/full_resolver
/bootstrap/live_usb
/bootstrap/miscsvc
/bootstrap/netsvc
/bootstrap/power_manager
/bootstrap/ptysvc

5. software delivery

软件通过package结构，按需传入core

package：树结构存储[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-kg0Nne5L-1652189413476)(https://fuchsia.dev/docs/get-started/images/intro/meta-far.png)]

• TUF：保证delivery of software updates安全，例如放在云端，传输package metadata

• pkg-cache：记录每一个blob的位置以及调用情况，这些package不一定在系统上，可能在云端；not active的文件被放在回收站，最后被清除

Fuchsia components

1. declare components

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-iVrflNbl-1652189413476)(https://fuchsia.dev/docs/get-started/images/components/component-manifest.png)]

Component manifests（cml）：

    // Information about the program to run.
    program: {
        // Use the built-in ELF runner.
        runner: "elf",
        // The binary to run for this component.
        binary: "bin/hello",
        // Program arguments
        args: [
            "Hello",
            "World!",
        ],
    },

    // Capabilities used by this component.
//这里可以用Manifest shards代替               
    use: [
        { protocol: "fuchsia.logger.LogSink" },
    ],
}

Building components ： Bazel rules ->build and package software into Fuchsia components

# Build rules provided by the Fuchsia SDK
load(
    "fuchsia_cc_binary",
    "fuchsia_component",
    "fuchsia_component_manifest",
    "fuchsia_package",
)

fuchsia_cc_binary(
    name = "hello_world",
    srcs = [
        "hello_world.cc",
    ],
)

fuchsia_component_manifest(
    name = "manifest",
    src = "meta/hello_world.cml",
)

fuchsia_component(
    name = "component",
    manifest = ":manifest",
    deps = [":hello_world"],
)

fuchsia_package(
    name = "pkg",
    package_name = "hello_world",
    visibility = ["//visibility:public"],
    deps = [
        ":component",
    ],
)

随后是一个test，按照官方文档上的走，这里遇到了一些问题

运行

bazel build --config=fuchsia_x64 //fuchsia-codelab/echo:pkg \
    --publish_to=$HOME/.package_repos/sdk-samples

1. zsh: command not found: bazel
   

   bazel不能直接用，好像是一个外部的库，macos上用brew可以下载

   https://fuchsia.dev/fuchsia-src/get-started/sdk?hl=en这个里面也有写，如果start with Fuchsia sdk是需要安装dependence，但是按照这个链接里的命令就能运行成功bazel bulid，跟着本文中的test走就不行

   报错：

   WARNING: Invoking Bazel in batch mode since it is not invoked from within a workspace (below a directory having a WORKSPACE file).
   ERROR: The 'build' command is only supported from within a workspace (below a directory having a WORKSPACE file).
   See documentation at https://docs.bazel.build/versions/main/build-ref.html#workspace
   

2. 上面的报错以及warning好解决，在同一级目录下面运行

   touch WORKSPACE
   

3. 但是依旧报错

   Starting local Bazel server and connecting to it...
   ERROR: --publish_to=/Users/username/.package_repos/sdk-samples :: Unrecognized option: --publish_to=/Users/username/.package_repos/sdk-samples
   

   明明命令都一样，所以应该还是环境的问题,https://fuchsia.dev/fuchsia-src/get-started/sdk?hl=en 的get-starting里面也有fssh，也是之前没有解决的问题之一，应该还是需要配置一下环境

####暂时还没有解决，解决之后会回来弄一下, 暂时使用getting-started里面的代替一下

2. orgnazing components

这里和之前capability routing中说的一样

1. Components are identified by a URL solved by component resolver

2. Component lifecycle：在运行过程中/update changes the component topology时，会产生/销毁component

3. Session/driver：用于和user交互/用于和USB、终端等交互

[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-qIUZDK6Y-1652189413477)(https://fuchsia.dev/docs/get-started/images/components/product.png)]剩下的部分，由于梯子不够强，连不上 “fuchsiapkg://fuchsiasamples.com/hello_world#meta/hello_world.cm”

总是报错：Timeout attempting to reach target “unspecified”

emm就没有看。直接进入下一部分interface了。

Fuchsia Interface

1. Fuchsia Interface Definition Language

   决定component之间如何交流，用binding来decode和encode

2. Component connection

   主要是要声明出来，声明的语法在官方文档里有写到

3. 后面就讲的多一些test以及debug的方法，由于这一次主要是为了总结Fuchsia和传统Linux的区别，也就没有细看