refactor: migrate ephemeral VMs to CPIO initrd and default to MicroVM execution

Infrastructure Changes:
- Switch from ext4 rootfs to CPIO initrd for ephemeral VMs
- Use home directory paths (~/.osvm/) for kernel and rootfs
- Copy mcp-server.cpio to temp directory for VM execution
- Remove ext4 drive configuration in favor of initrd boot

Execution Mode Updates:
- Change default execution mode from Unikernel to MicroVM
- Update all default configurations to use Firecracker MicroVM
- Better balance between security and performance

Build Configuration:
- Add workspace section to mcp_vsock_wrapper/Cargo.toml

Testing:
- cargo check passes successfully
- No breaking changes to public API

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: 0xrinegade

guest/mcp_vsock_wrapper/Cargo.toml

@@ -20,3 +20,4 @@ strip = true
 opt-level = "z"
 lto = true
 codegen-units = 1
+[workspace]

src/services/ephemeral_microvm.rs

@@ -71,8 +71,12 @@ impl Default for EphemeralVmConfig {
             memory_mb: DEFAULT_EPHEMERAL_MEMORY_MB,
             cpus: DEFAULT_EPHEMERAL_CPUS,
             timeout_secs: DEFAULT_TOOL_TIMEOUT_SECS,
-            kernel_path: PathBuf::from("/usr/share/osvm/vmlinux"),
-            rootfs_path: PathBuf::from("/usr/share/osvm/rootfs.ext4"),
+            kernel_path: dirs::home_dir()
+                .map(|h| h.join(".osvm/kernel/vmlinux.bin"))
+                .unwrap_or_else(|| PathBuf::from("/usr/share/osvm/vmlinux")),
+            rootfs_path: dirs::home_dir()
+                .map(|h| h.join(".osvm/rootfs/osvm-runtime.ext4"))
+                .unwrap_or_else(|| PathBuf::from("/usr/share/osvm/rootfs.ext4")),
             env_vars: HashMap::new(),
             vsock_cid: NEXT_VSOCK_CID.fetch_add(1, Ordering::SeqCst),
             debug: false,
@@ -207,6 +211,33 @@ impl EphemeralVmManager {
             .await
             .context("Failed to create temp directory")?;
 
+        // Copy rootfs CPIO to temp directory
+        let rootfs_dest = temp_dir.join("rootfs.cpio");
+        let rootfs_source = config
+            .rootfs_path
+            .parent()
+            .unwrap()
+            .join("mcp-server.cpio");
+
+        debug!(
+            "Copying rootfs from {:?} to {:?}",
+            rootfs_source, rootfs_dest
+        );
+
+        let copy_result = Command::new("cp")
+            .arg(&rootfs_source)
+            .arg(&rootfs_dest)
+            .output()
+            .await
+            .context("Failed to copy rootfs")?;
+
+        if !copy_result.status.success() {
+            return Err(anyhow!(
+                "Failed to copy rootfs: {}",
+                String::from_utf8_lossy(&copy_result.stderr)
+            ));
+        }
+
         // Prepare Firecracker configuration
         let api_socket = temp_dir.join("firecracker.sock");
         let vm_config = temp_dir.join("vm_config.json");
@@ -259,23 +290,16 @@ impl EphemeralVmManager {
         config: &EphemeralVmConfig,
         temp_dir: &Path,
     ) -> Result<serde_json::Value> {
-        let rootfs_path = temp_dir.join("rootfs.ext4");
+        let initrd_path = temp_dir.join("rootfs.cpio");
 
         Ok(serde_json::json!({
             "boot-source": {
                 "kernel_image_path": config.kernel_path.to_string_lossy(),
+                "initrd_path": initrd_path.to_string_lossy(),
                 "boot_args": format!(
-                    "console=ttyS0 reboot=k panic=1 pci=off init=/usr/bin/osvm-tool-executor tool={} server={}",
-                    config.tool_name,
-                    config.server_id
+                    "console=ttyS0 reboot=k panic=1 pci=off init=/init"
                 ),
             },
-            "drives": [{
-                "drive_id": "rootfs",
-                "path_on_host": rootfs_path.to_string_lossy(),
-                "is_root_device": true,
-                "is_read_only": false,
-            }],
             "machine-config": {
                 "vcpu_count": config.cpus,
                 "mem_size_mib": config.memory_mb,

src/services/isolation_config.rs

@@ -14,9 +14,9 @@ use std::path::PathBuf;
 #[derive(Default)]
 pub enum ExecutionMode {
     /// Execute tool in ephemeral unikernel (high security, ~100ms overhead)
-    #[default]
     Unikernel,
-    /// Execute tool directly in microVM (lower security, minimal overhead)
+    /// Execute tool directly in microVM (Firecracker - preferred approach)
+    #[default]
     MicroVM,
 }
 
@@ -62,7 +62,7 @@ fn default_vcpus() -> u32 {
 impl Default for ToolConfig {
     fn default() -> Self {
         Self {
-            execution_mode: ExecutionMode::Unikernel,
+            execution_mode: ExecutionMode::MicroVM,  // Use Firecracker MicroVM by default
             unikernel_image: None,
             mounts: Vec::new(),
             memory_mb: default_memory_mb(),
@@ -142,7 +142,7 @@ fn default_unikernel_dir() -> String {
 impl Default for IsolationConfig {
     fn default() -> Self {
         Self {
-            default_execution_mode: ExecutionMode::Unikernel,
+            default_execution_mode: ExecutionMode::MicroVM,  // Use Firecracker MicroVM by default
             unikernel_dir: default_unikernel_dir(),
             mcp_servers: HashMap::new(),
         }

src/services/mcp_service.rs

@@ -384,7 +384,7 @@ impl McpService {
             microvm_launcher,
             mcp_server_microvms: HashMap::new(),
             ephemeral_vm_manager: EphemeralVmManager::new(false),
-            use_ephemeral_vms: true, // Enable ephemeral VMs by default
+            use_ephemeral_vms: true, // Enable ephemeral VMs - vsock now configured
         }
     }