Mir future ? [a valid goto production strategy ?]

Hi,

I’m looking for a valid Wayland foundation for an ultralight embedded compositor for industrial devices, targeting boat, train, … i.e. https://docs.redpesk.bzh/docs/en/master/redpesk-marine/blueprint.html#architecture

While it is obvious than none of existing Wayland project as Mir or WLROOT are close to be finished. I still hope to find something that could save me from libweston. I tried to run Mirral and egmde with very little success. Recompiling everything from scratch on Fedora32 is simple, but unfortunately outside Miral with a terminal nothing really work as expected. As documentation is almost unexisting and usually point on running SNAP pre-built images, it is very hard to understand what work and what does not.

Question: is MIR a valid option for a real project ? What the roadmap ? How about the security model ? Does a starting guide documentation from code and API exist ?

Thank you
Fulup

Hi @fulup-bzh,

Mir in the form of mir-kiosk is in use as a ultralight embedded compositor, so that seems like a good fit.

Why do you think “it is obvious than none of existing Wayland project as Mir or WLROOT are close to be finished”? What does “finished” mean to you? Mir is and has been useful for years.

It is hard to know how to help you with “unfortunately outside Miral with a terminal nothing really work as expected” as you don’t say what your expectations are. I’ve been using egmde and Mir Shell on Fedora rawhide without difficulty.

Apart from this forum category, there’s documentation in the Mir code (which you’ve found) and on the Mir website and the Ubuntu Blog.

There will always be bugs to fix and features to add, but I wouldn’t consider Mir any less finished than libweston. I’m sorry you didn’t have luck doing whatever it was you were trying to do. If you explain in more detail what you tried and what went wrong we might be able to help. More info about how people are trying to use Mir and what troubles they’re facing would also help us make our docs more useful. We can keep talking here, or you can join #mir-server on Freenode if that works better for you.

Alan thank for you quick respond,

Finish for me translate in documentation, testing suite, … Even if WLROOT has a better documentation and more comments in code, it also remains wait painting. Which is OK for me until I can find my path to run it.

This being said I tried mir-kiosk without any success. I did compile it, but I was not able to get anything useful out of it.

  • When starting ./miral-kiosk --keyboard=fr on vt4
  • I get a background inviting to enter atl-ctl-t for a terminal,
  • no proposed hot key for a terminal works (no debug trace of error)
  • alt-ctl-backspace does not exit (when it exit with miral).
  • I have to pkill miral-kiosk to exit.

As they is not error message, it hard to say more. I tried to use --startup-apps but it said that I cannot start weston-terminal before miral is active.

Question: what would be the right command to start a kiosk with one or two sample apps.

@wmww let be clear, I do not want to use libweston. Libweston is too basic. On the other hand samples works. My team (IoT.bzh) contribute more than 50% of Automotive Grade Linux code. We try to escape from libweston because we known it, even if Collabora is working hard to make it more high level, as today they are still far from a “production ready” version. This is why I’m looking for alternative as MIR or WLROOT.

  • I was under the impression miral-kiosk didn’t have a keyboard shortcut to launch a terminal. Are you sure it’s miral-kiosk and not miral-shell that has a background describing such a shortcut? Does Ctrl+Alt+T open a terminal in miral-shell?
  • The issue you had with --startup-apps appears to be a miral-kiosk bug I noticed yesterday. Not sure why it ended up broken, but I’ve just approved @alan_g’s fix and it should be in master within an hour assuming it passes CI: https://github.com/MirServer/mir/pull/1772
  • As long as you don’t pass in the option --kiosk-startup-apps-only, you can always launch an app in a different VT and it will appear in the kiosk. If the app complains about not finding a display, you might need to set the WAYLAND_DISPLAY environment variable to the same value when launching the kiosk and the app. Both should default to wayland-0 if not set.

EDIT: --startup-apps fix has landed in master

1 Like

As mentioned before there are sources of documentation, is there something specific you find missing. Apart from the internal tests that can be run (with the usual make test) we use the Wayland Conformance Test Suite.

Why are you compiling it? Mir is in the Fedora archives and can be installed with dnf.

The only example server that gives that background is miral-shell (not miral-kiosk).

By default (--shell-terminal-emulator arg (=miral-terminal) miral-shell runs the miral-terminal script which tries to detect and run a terminal emulator installed on your system.

I’m guessing it is detecting gnome-terminal and, depending on the system you’re on that behaves differently. I suspect in your case gnome-terminal is detecting a desktop session on another VT and “successfully” creating a terminal window there. If gnome-terminal reports success, miral-shell doesn’t report an error.

If you look at the miral-terminal script you’ll see that we try to detect gnome-terminal and control that behavior, but apparently on your system this isn’t working correctly. If you can figure out why that would be helpful.

That’s intentional, miral-kiosk is intended for systems which run continually a single fullscreen application (like a web kiosk or entertainment center), these do not provide a way for users to shut down the display server.

$ miral-app -h
miral-app - Handy launch script for a hosted miral "desktop session"
Usage: miral-app [options] [shell options]
Options are:
    -kiosk                      use miral-kiosk instead of miral-shell
    -terminal <terminal>        use <terminal> instead of '/usr/bin/miral-terminal'
    -bindir <bindir>            path to the miral executable [/usr/bin]

Using weston-terminal as an example…

miral-app -kiosk -terminal weston-terminal --keyboard=fr

…will start miral-kiosk and then weston-terminal, from weston-terminal you can then launch other applications. When weston-terminal exits then miral-kiosk is stopped.

@www, thank you for the information. After pulling yesterday master, kiok started to display my weston terminal. I now need to play a little more with the code.
@alan, to address your reponses:

  • we recompile from scratch because or goal is select a foundation for a custom compositor targeting embedded displays (automotive, boats, …) Recompilation as well as code complexity, flexibility, test-suite are obviously part of our selection process. As well as community capability to respond to questions (point of which you’ve been excellent)
  • for background image you’re surely right. I made many test and probably mess up in all my test. I expect that having a background and no terminal was with miral-shell in tilling mode. I need to retest this part.
  • terminal detection, I hacked the script to make sure that it always selection weston-terminal.

Thank you both, pooling the last commit fixed my yesterday issues. I have now more homework to do before coming with new questions.

2 Likes

About API documentation ? Outside of samples in mir/egmde core or https://mir-server.io/doc/annotated.html is there a mirAL API documentation available ?

No. What do you feel is missing?

@alan, If I take a simple call like “add_window_manager_policy” and search for documentation “google” proposes https://mir-server.io/doc/introducing_the_miral_api.html which is bit of dry, don’t you agree ?

In fact as I said my goal is to choose a technology and as much as possible, I try to understand if MIR is a good fit for our specific usages. I do not expect to find all my answers without digging the code, but the less I have to dig the better is will be (for me).

The description you give on https://mir-server.io/ title is “fast, open and secure display server for any device” which is exactly what we are looking for. . But where do I find information on MIR security model. In our case each client application has a security label (Smack or SeLinux). From this security label we extract privileges and finaly we need to map those privileges on graphic capabilities (allow full screen, allow popup, stop on events, …).

Example: the phone app is authorized to display a popup on top of every running applications to prompt (answer yes/no) except when reverse gear is engage. Question I need to answer: how MIR is helping me to implement this type of use cases ?

Yes, some of the documentation is lightweight, but the specific example you chose is a trivial helper function that would rarely be used “for real”.

There should be a link to this from the main website. I’ll see about getting that fixed.

You’d need to supply a window management policy that “knows” about “the phone app” and “when reverse gear is engage”. Mir doesn’t (and shouldn’t) know about those things, but provides a customization point that makes it simple to implement that behavior.

For documentation sample I took the 1st API I had in my VIM, but the remark remain true for MiralAPI at large.
I agree on your remark on the fact Mir should not do provide a specific security model, but should make the implementation of security feature as simple as possible.
I’m going to check the whitepaper.
Thank you for your support.

1 Like

I went through the whitepaper you pointed at. It is well written, but this remains a technical-marketing and not a technical-developer document. Most of the security aspect describe are related to Wayland versus X11 and not to Mit itself, and nothing about existing api/features to help implementing a serious application security model. I do not blame anyone in fact WLROOT documentation is not much better than MIR. Which make my selection work harder than I would like.

Conclusion: I have to continue my homework to choose a high level Wayland lib.

The Mir libraries have no explicit support for application security. We package mir-kiosk using Snap’s containerization (which is based on AppArmor). To date we’ve not done any work with SELinux or SMack.

HTH

SNAP is about isolation. Isolation is an important part of security model when running untrusted application. Nevertheless it is not the only one and at least for automotive privileges and context policies are at least as important as isolation.
I’m happy to ear that MIR has nice security support. Nevertheless those feature are not documented (at least if the white paper). If they are documented somewhere else, please let us know.

they are rather generic snap features, Mir just utilizes them. there is sadly no separate whitepaper just about snap security, but there is an “Application Security” section in the Ubuntu Core whitepaper that outlines snap security:

1 Like