tstest/natlab/vmtest: add macOS VM support using Tart base images

Add macOS VM support to the vmtest framework using Tart's pre-built
macOS images (ghcr.io/cirruslabs/macos-tahoe-base) instead of building
from IPSW. The Tart image has SIP disabled and SSH enabled.

At test time, the Tart base image's disk, NVRAM, and hardware identity
are APFS-cloned into a tailmac-compatible directory layout, and the VM
is booted headlessly via tailmac's Host.app (Virtualization.framework)
with its NIC connected to vnet's dgram socket.

New features:
- tailmac.go: ensureTartImage (auto-pull), cloneTartToTailmac (format
  conversion), startTailMacVM (launch + cleanup)
- NoAgent() node option for VMs without TTA installed
- LANPing() for ICMP reachability testing via TTA's /ping endpoint
- IsMacOS field on OSImage, with GOOS/GOARCH support
- Dgram socket listener in Start() for macOS VMs
- Fix ReadFromUnix error spam on dgram socket close in vnet

TestMacOSAndLinuxCanPing verifies a macOS Tart VM and a gokrazy Linux
VM can ping each other on the same vnet LAN.

Updates #13038

Change-Id: I5e73a27878abf009f780fdf11a346fc857711cff
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
2026-04-28 12:10:45 -07:00
committed by Brad Fitzpatrick
parent ec7b11d986
commit b2d4ba04b6
5 changed files with 408 additions and 17 deletions
+16
View File
@@ -26,10 +26,14 @@ type OSImage struct {
SHA256 string // expected SHA256 hash of the image (of the final qcow2, after any decompression)
MemoryMB int // RAM for the VM
IsGokrazy bool // true for gokrazy images (different QEMU setup)
IsMacOS bool // true for macOS images (launched via tailmac, not QEMU)
}
// GOOS returns the Go OS name for this image.
func (img OSImage) GOOS() string {
if img.IsMacOS {
return "darwin"
}
if img.IsGokrazy {
return "linux"
}
@@ -41,6 +45,9 @@ func (img OSImage) GOOS() string {
// GOARCH returns the Go architecture name for this image.
func (img OSImage) GOARCH() string {
if img.IsMacOS {
return "arm64"
}
return "amd64"
}
@@ -73,6 +80,15 @@ var (
URL: "https://download.freebsd.org/releases/VM-IMAGES/15.0-RELEASE/amd64/Latest/FreeBSD-15.0-RELEASE-amd64-BASIC-CLOUDINIT-ufs.qcow2.xz",
MemoryMB: 1024,
}
// MacOS is a macOS VM launched via tailmac (Apple Virtualization.framework).
// Uses a Tart pre-built base image (ghcr.io/cirruslabs/macos-tahoe-base)
// which is automatically pulled on first use. Only runs on macOS arm64 hosts.
MacOS = OSImage{
Name: "macos",
IsMacOS: true,
MemoryMB: 4096,
}
)
// imageCacheDir returns the directory for cached VM images.