diff --git a/nixos/modules/virtualisation/anbox.nix b/nixos/modules/virtualisation/anbox.nix
index 7b096bd1a9fbb..653f1960b5e51 100644
--- a/nixos/modules/virtualisation/anbox.nix
+++ b/nixos/modules/virtualisation/anbox.nix
@@ -6,6 +6,7 @@ let
 cfg = config.virtualisation.anbox;
 kernelPackages = config.boot.kernelPackages;
+ useAnboxModules = kernelPackages.kernelOlder "5.0";
 addrOpts = v: addr: pref: name: {
 address = mkOption {
 default = addr;
@@ -73,13 +74,17 @@ in
 environment.systemPackages = with pkgs; [ anbox ];
- boot.kernelModules = [ "ashmem_linux" "binder_linux" ];
- boot.extraModulePackages = [ kernelPackages.anbox ];
+ # Mainline ashmem/binder drivers not available as modules
+ boot.kernelModules = optionals useAnboxModules [ "ashmem_linux" "binder_linux" ];
+ boot.extraModulePackages = optional useAnboxModules kernelPackages.anbox;
- services.udev.extraRules = ''
- KERNEL=="ashmem", NAME="%k", MODE="0666"
- KERNEL=="binder*", NAME="%k", MODE="0666"
- '';
+ systemd.mounts = optional (!useAnboxModules) {
+ requiredBy = [ "anbox-container-manager.service" ];
+ description = "Anbox Binder File System";
+ what = "binder";
+ where = "/dev/binderfs";
+ type = "binder";
+ };
 virtualisation.lxc.enable = true;
 networking.bridges.anbox0.interfaces = [];
@@ -129,7 +134,8 @@ in
 --container-network-gateway=${cfg.ipv4.gateway.address} \
 --container-network-dns-servers=${cfg.ipv4.dns} \
 --use-rootfs-overlay \
- --privileged
+ --privileged \
+ --daemon
 '';
 };
 };
diff --git a/nixos/tests/anbox.nix b/nixos/tests/anbox.nix
new file mode 100644
index 0000000000000..62a9272bb585b
--- /dev/null
+++ b/nixos/tests/anbox.nix
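Review bot: In nixos/modules/virtualisation/anbox.nix (hunk `@@ -73,13 +74,17 @@`) the `services.udev.extraRules` block is removed for every kernel, yet the same hunk still loads `ashmem_linux` and `binder_linux` when `useAnboxModules` is true, so on kernels older than 5.0 `/dev/ashmem` and `/dev/binder*` no longer get the mode those rules set. If that path still needs the rules, keep them behind `optionalString useAnboxModules` and consider a group-restricted mode instead of world-writable `0666`; if it does not, a short comment saying why would help the next reader. The new comment would read more clearly as `# Kernels >= 5.0 have ashmem/binder built in, so the out-of-tree modules are only needed on older kernels`. The enclosing config block starts and ends outside the hunk.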
@@ -0,0 +1,37 @@
+import ./make-test-python.nix ({ pkgs, ... }:
+
+{
+ name = "anbox";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ mvnetbiz ];
+ };
+
+ machine = { pkgs, config, ... }: {
+ imports = [
+ ./common/user-account.nix
+ ./common/x11.nix
+ ];
+
+ environment.systemPackages = with pkgs; [ android-tools ];
+
+ test-support.displayManager.auto.user = "alice";
+
+ virtualisation.anbox.enable = true;
+ virtualisation.memorySize = 2500;
+ };
+
+ testScript = { nodes, ... }: let
+ user = nodes.machine.config.users.users.alice;
+ bus = "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/${toString user.uid}/bus";
+ in ''
+ machine.wait_for_x()
+
+ machine.wait_until_succeeds(
+ "sudo -iu alice ${bus} anbox wait-ready"
+ )
+
+ machine.wait_until_succeeds("adb shell true")
+
+ print(machine.succeed("adb devices"))
+ '';
+})
diff --git a/pkgs/os-specific/linux/anbox/default.nix b/pkgs/os-specific/linux/anbox/default.nix
index d684e24db9148..dab3c6ff9e8c8 100644
--- a/pkgs/os-specific/linux/anbox/default.nix
+++ b/pkgs/os-specific/linux/anbox/default.nix
@@ -76,7 +76,15 @@ stdenv.mkDerivation rec {
 libcap libdwarf libGL
- lxc
+ # Broken with lxc 4.0.7 or later
+ # https://github.com/anbox/anbox/issues/1801
+ (lxc.overrideAttrs (old: rec {
+ version = "4.0.6";
+ src = fetchurl {
+ url = "https://linuxcontainers.org/downloads/lxc/lxc-${version}.tar.gz";
+ sha256 = "0qz4l7mlhq7hx53q606qgvkyzyr01glsw290v8ppzvxn1fydlrci";
+ };
+ }))
 mesa properties-cpp protobuf protobufc
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 776a422df735b..c887134108258 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
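Review bot: The test in nixos/tests/anbox.nix runs only on the test machine's kernel, so just one side of the module's `useAnboxModules` switch is exercised, and nothing checks the binderfs mount or device setup directly. Where the mount unit applies, an explicit check before `anbox wait-ready`, such as `machine.succeed("mountpoint -q /dev/binderfs")`, would make a failure point at the mount rather than at a timeout. `print(machine.succeed("adb devices"))` only logs the output; asserting on the listed device would turn the last step into a real check.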
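Review bot: The lxc override in pkgs/os-specific/linux/anbox/default.nix freezes the library Anbox is built against at 4.0.6, so later lxc fixes, including security fixes, will not reach this build when nixpkgs updates lxc. Add a removal marker next to the issue link, for example `# TODO: drop this override once the linked anbox issue is resolved`. The override presumably also inherits whatever patches the current `lxc` derivation carries and applies them to the older source, which may stop applying after a future lxc update; the `old` argument is unused. The enclosing list starts and ends outside the hunk, so whether `fetchurl` is already among the function arguments cannot be seen here.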
@@ -845,6 +845,12 @@ let
 X86_AMD_PLATFORM_DEVICE = yes;
+ ASHMEM = { optional = true; tristate = whenAtLeast "5.0" "y";};
+ ANDROID = { optional = true; tristate = whenAtLeast "5.0" "y";};
+ ANDROID_BINDER_IPC = { optional = true; tristate = whenAtLeast "5.0" "y";};
+ ANDROID_BINDERFS = { optional = true; tristate = whenAtLeast "5.0" "y";};
+ ANDROID_BINDER_DEVICES = { optional = true; freeform = whenAtLeast "5.0" "binder,hwbinder,vndbinder";};
+
 } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") {
 # Enable CPU/memory hotplug support
 # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot
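Review bot: These options sit in the common kernel config, so every NixOS kernel from 5.0 on gets ashmem and binder built in (`"y"`), not only machines that set `virtualisation.anbox.enable`; that widens the kernel attack surface for all users and the block has no comment saying why. `ANDROID_BINDER_DEVICES = "binder,hwbinder,vndbinder"` also asks the kernel for static binder devices, which looks unnecessary if Anbox takes its devices from the binderfs mount added in the module; if that holds, an empty device list would be the narrower choice. A comment such as `# Android drivers for Anbox; built in because mainline does not offer them as modules` would record the reason given in the module. The enclosing attribute set starts outside the hunk.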