Arm Support

[dismal002]

Preliminary checklist

• I have read the README
• I have read the FAQs.
• I have searched existing issues for my feature request. This is a new issue (NOT a duplicate) and is not related to another issue.
• This is a feature request for the Cromite browser; not the website nor F-Droid nor anything else.

Is your feature request related to privacy?

Yes

Is there a patch available for this feature somewhere?

N/A

Describe the solution you would like

Arm support for the browser as arm devices are left without a suitable alternative. If you are unwilling to build and arm build but can provide instructions that would also work.

Describe alternatives you have considered

None as only arm builds would run on arm devices.

[basilgello]

@uazo I built Cromite with minimal changes (generating GN args for arm architecture within uazo/cromite-build container and actually building it and running it on my physical arm tablet) and surprisingly it works even with CFI. I did not test the yamls yet so please have a look and tell what you think!

And thanks for resurrection of Bromite!!!

[uazo]

sysbox does not support 32-bit applications in 64-bit containers.
the build without it works (as I think you did), but my server runs with sysbox.

[basilgello]

@uazo Are you talking about this bug nestybox/sysbox#350 ? I fixed the same issue with nsjail back in 2019 and I can probably fix it here as well. If this problem is gone, will you consider adding arm or you're politically against it?

[uazo]

Are you talking about this bug

yes

I fixed the same issue with nsjail back in 2019 and I can probably fix it here as well.

How?

If this problem is gone, will you consider adding arm or you're politically against it?

no, no problem with mr. arm :)

[basilgello]

How?

google/kafel#26 This wasnt merged at the time but it should be definitely possible to port the core idea to nestybox

[basilgello]

Hi @uazo ! I can not find you on Mastodon or Keybase, so how can I reach you privately and send the sysbox patch? Looks like Nestybox people are not interested in fixing the bug in their commercially available software. But I really want to have official arm and x86 builds of Cromite and corresponding WebView.

[PF4Public]

I reach you privately and send the sysbox patch?

Cannot you just attach it here?

[basilgello]

Here is the minimal fix:

diff --git a/libsysbox/syscont/spec.go b/libsysbox/syscont/spec.go
index 97f3cab5..177979f0 100644
--- a/libsysbox/syscont/spec.go
+++ b/libsysbox/syscont/spec.go
@@ -976,7 +976,7 @@ func cfgSeccomp(seccomp *specs.LinuxSeccomp) error {
 
 	supportedArch := false
 	for _, arch := range seccomp.Architectures {
-		if arch == specs.ArchX86_64 || arch == specs.ArchAARCH64 || arch == specs.ArchARM {
+		if arch == specs.ArchX86_64 || arch == specs.ArchAARCH64 || arch == specs.ArchARM || arch == specs.ArchX86 || arch == specs.ArchX32 {
 			supportedArch = true
 		}
 	}
diff --git a/libsysbox/syscont/syscalls.go b/libsysbox/syscont/syscalls.go
index 95ed2fa5..f04b1237 100644
--- a/libsysbox/syscont/syscalls.go
+++ b/libsysbox/syscont/syscalls.go
@@ -402,7 +402,7 @@ func AddSyscallTraps(config *configs.Config) error {
 
 		config.SeccompNotif = &configs.Seccomp{
 			DefaultAction: configs.Allow,
-			Architectures: []string{"amd64", "arm64", "arm"},
+			Architectures: []string{"amd64", "arm64", "arm", "x86", "x32"},
 			Syscalls:      list,
 		}
 	}

I wanted to do aproper PR to sybox but looks no one needs it.

[uazo]

Here is the minimal fix:

is that all? possible? two years of waiting? :(

I wanted to do aproper PR to sybox but looks no one needs it.

I do not, however, see it.
why don't you do it?

[basilgello]

two years of waiting

Yep... At least the sysbox reproducer works :)

Why dont you do it

I have to add tests et al after you confirm it works in real world :)

[basilgello]

Building guide here: https://github.com/nestybox/sysbox/blob/master/docs/developers-guide/build.md
make sysbox-runc-static is enough

[basilgello]

I will also rebase #148 when I get back to PC

[basilgello]

bark bark :D

[uazo]

bark bark :D

what does that mean?

@basilgello I tried as you wrote, it actually doesn't crash anymore.
the next test is to try compiling for arm.
thanks for your help.

[basilgello]

what does that mean?

A friendly reminder that you had to test stuff :))) "Barking like a dog" and all that :)

EDIT: In the meantime I have to use Mull but it fails to play videos and has assorted issues here & there so I am waiting for Cromite arm to finally settle on.

[basilgello]

Rebased #148 on top of current master so you can try building after you complete v118 run

[severtheskyline]

So does this mean armv7 version soon? :>

[basilgello]

It's being built now: https://github.com/uazo/cromite/actions/runs/6471348837/job/17569599984

[severtheskyline]

It's being built now: https://github.com/uazo/cromite/actions/runs/6471348837/job/17569599984

Watched it build and now it's done, nice

[basilgello]

@uazo The https://github.com/uazo/cromite/actions/runs/6476913457 failed because no space left on your runner VM. Otherwise, where is the build artifact APK? :)

[uazo]

because no space left on your runner VM.

no, it is not my machine but github's

where is the build artifact APK? :)

will be present in the next release

[basilgello]

@uazo please check the containers used to build v118 right now use the patched sysbox. The error message in failed workflow run shows the sysbox is not patched

[uazo]

I know, for now I only patched the production server, for the development one I don't need it

[MagicAndre1981]

where is the build artifact APK? :)

will be present in the next release

ARM version of v118.0.5993.71-002dc9166f20c34dc2ea87004712725e9e4bc3b0 work fine on my Chromecast with Google TV 4K. 😍👍

[Universalizer]

Thank You @uazo and @basilgello for all these great efforts and wonderful works.
Atleast supporting architecture 32-bit armeabi-v7a, will be functioning.

[SCPF-Bot]

Finally, this is what I've been waiting for.