Alex Zenla 🏳️‍⚧️
@alex.zenla.io
Founder & CTO @ Edera; she/her; building simple hypervisor technology for modern workloads; 26 years old; Kindness and empathy matter ❤️ LinkedIn: https://linkedin.com/in/azenla/ GitHub: https://github.com/azenla Follow Edera! @edera.dev
alex.zenla.io
I am so thankful to have amazing friends where we mutually trust, communicate, and support each other.

Kindness, empathy, and communication are so important y'all, and we need more of it than ever right now.
alex.zenla.io
the sprout logo is so cute :3
the sprout logo, it's ivy, the edera mascot, but with a little sprout out of her head
Reposted by Alex Zenla 🏳️‍⚧️
kelseyhightower.com
Maybe I'm not dreaming big enough, but everything I've convinced myself was possible, I've found a way to make it happen.
alex.zenla.io
Thank you to the folks who implemented LINUX_EFI_INITRD_MEDIA_GUID, I stand on the shoulders of giants as I make it possible for the hypervisor to use this method of passing a kernel to boot.
alex.zenla.io
Yesterday I implemented support for LINUX_EFI_INITRD_MEDIA_GUID and if you are cursed with the knowledge to know what that is, I am so sorry...
alex.zenla.io
Just think, you could put a JavaScript runtime in your bootloader! Should you do that, no... but could you do that with sprout, probably :P
alex.zenla.io
Exploring the amount of crimes you can do when your bootloader dynamically adds object sections to bootable artifacts (this was just a thought experiment)
Reposted by Alex Zenla 🏳️‍⚧️
edera.dev
Edera @edera.dev · 21h
Meet your hosts for the first RUNTIME RUMBLE webinar, just 2 days away.
Marina Moore runs containers so secure that malware refuses to run in her presence, out of respect...and fear.
@denhamparry.co.uk once mitigated a CVE while blindfolded, with his hands tied behind his back.
Register now:
Runtime Rumble Tag Team Champions: Confidential Computing meets Edera
Join us on Oct 16 at 12 PM ET for Edera's Research Scientist Marina Moore deep dive into how to combine workload isolation with confidential computing for stronger cloud security. Hosted by Staff Solu...
edera.link
alex.zenla.io
Part of the reason why it's not already Open Source is to give more of a story to it, to explain why we've built it internally as well as what to expect from it.

If there is anything I want people to take away from Sprout, it is that nearly every layer of a system is just code. You can modify it!
alex.zenla.io
Some future goals:

Rust-built filesystem drivers for at least ext4.
Better UKI support.
Secure Boot support (no guarantees at the moment)
Optional OCI module for loading kernels, initramfs, and other stuff as OCI images.
GRUB onramp.
Installation tool.
alex.zenla.io
Also, Sprout will be Open Source in the coming weeks :)

Just need to get around to some docs and making a pretty README and all of that.

And it will officially launch as a proper effort next month.
alex.zenla.io
The config format is subject to change early on, but that's why the version system exists :)
alex.zenla.io
Something I haven't really explained is why sprout is built off of maps/tables rather than arrays.

so it's:

[entries.abc]
title = "XYZ"

not

[[entries]]
title = "XYZ"

That's because I am aiming to make a drop-in system so you can modify things by adding files and they will merge or mask values.
alex.zenla.io
added new splash image loading during the early phase and a way to search for filesystems by partition uuid :D
version = 1

[drivers.ext4]
path = "\\sprout\\ext4.efi"

[extractors.boot.filesystem-device-match]
has-partition-uuid = "70d69239-5e8d-4ca4-80c5-a3b7aadde988"

[actions.splash]
splash.image = "\\sprout\\splash.png"

[[phases.early]]
actions = ["splash"]

[generators.glass.bls]
path = "$boot\\loader\\entries"
entry.title = "$title"
entry.actions = ["chainload"]

[actions.chainload]
chainload.path = "$boot\\$chainload"
chainload.options = ["$options"]
chainload.linux-initrd = "$boot\\$initrd"
alex.zenla.io
Sprout Success! Posting from this Sprout config now :)

With this simple configuration file, you can have sprout load BLS entries (what systemd and Fedora derivatives use) automatically and present them as boot options!

I plan to make this a single line, but for now this was the easy way.
Sprout Config in TOML

version = 1

[drivers.ext4]
path = "\\sprout\\ext4.efi"

[extractors.boot.filesystem-device-match]
has-item = "\\loader\\entries"

[actions.chainload]
chainload.path = "$boot\\$chainload"
chainload.options = ["$options"]
chainload.linux-initrd = "$boot\\$initrd"

[generators.glass.bls]
path = "$boot\\loader\\entries"
entry.title = "$title"
entry.actions = ["chainload"]
alex.zenla.io
After a whole bunch of fighting with UEFI DevicePath, I managed to get sprout to boot my Fedora 43 vmlinuz and initramfs from an ext4 filesystem

Here is the configuration I used, still very much WIP: gist.github.com/azenla/c104f...
sprout-fedora.toml
alex.zenla.io
Most likely I'm going to add some sort of way to set values based on search criteria, something like

[extractors.boot-disk.disk-uuid]
uuid = "MY_EXT4_BOOT_UUID"

then you will be able to specify a BLS path to the generator like

$boot-disk\\loader\\entries

which will be scanned and generate entries
alex.zenla.io
We have ext4 working via efifs!

Now I need to design how to handle multiple filesystems, but once that works, I can move on to BLS support, and then my hope is that I can boot my Fedora install with no options but an ext4 driver, root specification, and BLS generator declaration.
alex.zenla.io
Fedora upgraded from 42 => 43
alex.zenla.io
It is more than possible to do this :D

In fact, at Edera everything, including our hypervisor, is an OCI image. We even have a format for shipping kernels and initramfs.

Give it a few weeks and we will make it happen :D
alex.zenla.io
Next on sprout: filesystem driver loading and auto detection (plus BLS support)

I'm so ready :D
alex.zenla.io
Hello from the first physical system booted via sprout :)
alex.zenla.io
Anyways, I've managed to make Linux load an initramfs that sprout preloads, which means we can start to have fun!
alex.zenla.io
UEFI programming is something I wouldn't wish upon my worst enemy