vmm: add QEMU kernel config and build script

[KairusZhang]

Add qemu kernel vmlinux.bin created build.sh file.

[gemini-code-assist]

Summary of Changes

Hello @KairusZhang, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces foundational changes to support QEMU-based virtual machine management by providing a dedicated script to build a custom Linux kernel image (vmlinux.bin). Concurrently, an existing example container script is updated to run with an unconfined AppArmor profile, which is crucial for integrating and testing the new kernel within a containerized environment. These updates aim to streamline the setup and execution of virtualized environments.

Highlights

• New QEMU Kernel Build Script: A new shell script, build.sh, has been added to automate the process of cloning, configuring, and building a Linux kernel (vmlinux.bin) specifically tailored for QEMU. This script fetches a specified kernel version (defaulting to 6.12) and enables essential modules for virtualization.
• Container Security Context Update: The run_example_container.sh script has been modified to include "apparmor_profile": "unconfined" within the security context of the container configuration. This change likely facilitates testing or operation with the newly built QEMU kernel by relaxing AppArmor restrictions.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a build script for a QEMU kernel and updates an example script. The new build script, vmm/scripts/kernel/qemu/build.sh, contains a critical issue with an invalid git URL and also misses the installation of necessary build dependencies, which will cause it to fail. I've provided suggestions to fix these issues and to improve the script's robustness and style. Additionally, a change in examples/run_example_container.sh disables AppArmor, and I've noted the security implications of this change.

[kevin-wangzefeng]

@KairusZhang the DCO check is failing, could you fix it?
Ref: https://github.com/kuasar-io/kuasar/pull/219/checks?check_run_id=53728684151

[KairusZhang]

@KairusZhang the DCO check is failing, could you fix it? Ref: https://github.com/kuasar-io/kuasar/pull/219/checks?check_run_id=53728684151

Yes, I had resubmmit the commit with the signature for sha:5235ef3.

[HITweihailiuxu]

This is the resubmission by #214

[HITweihailiuxu]

/lgtm

[KairusZhang]

yes

[KairusZhang]

@gemini-code-assist thanks, addressed with custom profile.

[gemini-code-assist]

You're welcome, @KairusZhang! I'm glad to hear that the custom profile (referring to the apparmor_profile: unconfined change) has been addressed. Keep up the great work!

[KairusZhang]

@kevin-wangzefeng @HITweihailiuxu

All Gemini feedback addressed and Outdated comments resolved.
AppArmor unconfined removed for security.
Build script now robust with dependencies and error handling.

Ready to merge! PTAL

[KairusZhang]

ok,finished it

[kevin-wangzefeng]

LGTM, thanks