FreeBSD Aarch64 and QEMU
For the past couple months, I have been trying to switch my development rig to a simple NanoPi M4. My goal has been to not having to carry a laptop around, knowing that it will just sit on a desk.
The experiment has been going great so far: the device fits in my coat pocket and packs an impressive amount of power with its 6 cores. Enough to run Xorg, vim with all the plugins that I need, and of course some heavy compilers. The limited amount of RAM also forces me not to have too many windows open while I’m developing, and that turned out to be the source of a pleasant productivity boost.
It has now replaced my laptop altogether. The biggest issue I still face is when no HDMI screen is available. I looked into the onyx boox max3 to serve as a low-power display, but the price tag is too much for something I need only twice a year. So I bought a cheapo LCD display that I don’t really like, which is fine since I only have to look at it maybe 2 weeks per year.
A lot of the Linux tools that I use have been ported to ARM64/Aarch64. And if they haven’t been, there is always the app I can install on my phone to complement the missing features. While it’s not the most secure approach, it’s enough for this experiment.
Now, the only thing I’m really missing is FreeBSD, and some improved security. One of the issues is that the OS available at Friendlyelec’s website is a customized version of Armbian whose kernel is never updated. The other issue is that it’s not FreeBSD. So in the past couple weeks I started experimenting with QEMU and KVM in order to run different FreeBSD VMs. The end goal is to have something similar to Qubes OS, with one VM dedicated to a specific task. And because I have control over the OS, I can keep it up to date even if the host OS isn’t.
The VM image
So I started with downloading a VM image from the FreeBSD website and decompressed it. The first problem is that the image is limited to 3GB, which doesn’t leave room for much.
Increasing the “disk size” is very easy, one can do that with qemu-img :
host $ qemu-img resize FreeBSD-<version>-RELEASE-aarch4.qcow2 +10GThen, I booted the image:
host $ qemu-system-aarch64 -m 1024M -cpu host,pmu=off -M virt,gic-version=3 -bios QEMU_EFI.fd -nographic --enable-kvm --drive if=none,file=browsing.qcow2,id=hd0 -device virtio-blk-device,drive=hd0 -net nic -net user,hostfwd=tcp::5555-:22,hostfwd=tcp::5901-:5901The next step was to resize the partition and the disk label inside the disk. This is done with gpart:
root@vm # gpart resize -i 2 -s 12G vtbd0
root@vm # gpart resize -i 1 -s 12G vtbd0s2
root@vm # growfs /dev/vtbd0s2aWhat the code above does is resize the third partition vtbd0 to 12 GB, then resize the label inside that partition vtbd0s2. Finally, the filesystem sitting inside this label needs to be grown to take up all the newly available space.
Setting the image up
Because this VM only has 1GB of RAM, one should not load it with too many bloated components. I have elicited to use i3 as a window manager, and I use TigerVNC to connect to it. Chromium is available as a browser for Aarch64.
root@vm # pkg install xorg i3 chrome tigervnc-serverI added a user called user with adduser and configured SSH to be able to connect to it. Connection to the X server is done through port forwarding. I chose VNC and forwared the VNC port (number 5901) through QEMU, although I could have done it with SSH. I changed the configuration in .vnc/xstartup to start Chromium and i3 :
chrome --incognito &
i3 &Using the VM
Access to the system happens through SSH:
host $ ssh -p 5555 user@localhostOnce on the machine, the VNC server must be started with:
user@vm $ vncserverThen on the host side, start the VNC client and enjoy browsing!
host $ xtigervncviewer
Conclusion
That’s roughly it. There are many things to iron out, starting with not having to manually launchvncserver each time I start a VM. I hope that this will help someone and I’m happy to discuss improvements.
