neoagent 2.3.1-beta.84 → 2.3.1-beta.86

package/server/services/runtime/qemu.js

@@ -1,4 +1,5 @@
 const fs = require('fs');
+const crypto = require('crypto');
 const http = require('http');
 const https = require('https');
 const net = require('net');
@@ -8,23 +9,15 @@ const { spawn, spawnSync } = require('child_process');
 const { DATA_DIR } = require('../../../runtime/paths');
 const { ensureGuestBootstrapSeed } = require('./guest_bootstrap');
 
+const REPO_ROOT = path.resolve(__dirname, '../../..');
 const VM_ROOT = path.join(DATA_DIR, 'runtime-vms');
-const BASE_IMAGE_CACHE_ROOT = path.join(VM_ROOT, 'base-images');
-const REPO_ROOT = path.resolve(__dirname, '../../../');
-const HOST_SHARE_ROOT = path.join(VM_ROOT, 'host-share');
 fs.mkdirSync(VM_ROOT, { recursive: true });
-fs.mkdirSync(BASE_IMAGE_CACHE_ROOT, { recursive: true });
 
 const DEFAULT_UBUNTU_BASE_IMAGE_URLS = Object.freeze({
   x64: 'https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.img',
   arm64: 'https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-arm64.img',
 });
 
-const HOST_SHARE_LINKS = [
-  { name: 'server', source: path.join(REPO_ROOT, 'server') },
-  { name: 'runtime', source: path.join(REPO_ROOT, 'runtime') },
-];
-
 const QEMU_SHARE_ROOT_CANDIDATES = [
   path.resolve(process.execPath, '..', '..', 'share', 'qemu'),
   path.resolve(process.execPath, '..', '..', '..', 'share', 'qemu'),
@@ -34,10 +27,7 @@ const QEMU_SHARE_ROOT_CANDIDATES = [
 ];
 
 function guestArchForHost() {
-  if (process.arch === 'arm64' || process.arch === 'x64') {
-    return process.arch;
-  }
-  return 'x64';
+  return process.arch === 'arm64' ? 'arm64' : 'x64';
 }
 
 function resolveQemuBinary({ arch = guestArchForHost(), platform = process.platform } = {}) {
@@ -70,6 +60,67 @@ function isHttpUrl(value) {
   return /^https?:\/\//i.test(candidate);
 }
 
+function generateGuestToken() {
+  return crypto.randomBytes(32).toString('hex');
+}
+
+function computeRuntimeTemplateSignature(guestArch, runtimeProfile = 'browser_cli') {
+  const hash = crypto.createHash('sha256');
+  const normalizedProfile = runtimeProfile === 'android' ? 'android' : 'browser_cli';
+  const trackedFiles = normalizedProfile === 'android'
+    ? [
+      'server/guest-agent.android.package.json',
+      'server/guest_agent.js',
+      'server/services/android/controller.js',
+      'server/services/cli/executor.js',
+      'server/services/runtime/guest_bootstrap.js',
+      'runtime/env.js',
+      'runtime/paths.js',
+    ]
+    : [
+      'server/guest-agent.browser.package.json',
+      'server/guest_agent.js',
+      'server/services/browser/controller.js',
+      'server/services/cli/executor.js',
+      'server/services/runtime/guest_bootstrap.js',
+      'runtime/env.js',
+      'runtime/paths.js',
+    ];
+
+  hash.update(String(guestArch || 'x64'));
+  hash.update('\0');
+  hash.update(normalizedProfile);
+  for (const relativePath of trackedFiles) {
+    const filePath = path.join(REPO_ROOT, relativePath);
+    hash.update('\0');
+    hash.update(relativePath);
+    hash.update('\0');
+    try {
+      hash.update(fs.readFileSync(filePath));
+    } catch (error) {
+      hash.update(`missing:${error?.code || 'unknown'}`);
+    }
+  }
+
+  return hash.digest('hex');
+}
+
+function resolveGuestToken(userRoot) {
+  const tokenPath = path.join(userRoot, 'guest-token.txt');
+  try {
+    const existing = String(fs.readFileSync(tokenPath, 'utf8') || '').trim();
+    if (existing.length >= 32) {
+      return existing;
+    }
+  } catch {}
+
+  const candidate = String(process.env.NEOAGENT_VM_GUEST_TOKEN || '').trim();
+  const token = candidate.length >= 32 ? candidate : generateGuestToken();
+  fs.mkdirSync(path.dirname(tokenPath), { recursive: true });
+  fs.writeFileSync(tokenPath, `${token}\n`, { mode: 0o600 });
+  return token;
+}
+
 function downloadFile(sourceUrl, destinationPath, redirectCount = 0) {
   return new Promise((resolve, reject) => {
     if (redirectCount > 5) {
@@ -167,37 +218,6 @@ function resolveQemuShareRoot() {
   return null;
 }
 
-function ensureHostShareRoot() {
-  fs.mkdirSync(HOST_SHARE_ROOT, { recursive: true });
-
-  for (const entry of HOST_SHARE_LINKS) {
-    const sourcePath = path.resolve(entry.source);
-    if (!fs.existsSync(sourcePath)) {
-      throw new Error(`Host share source is missing: ${sourcePath}`);
-    }
-
-    const linkPath = path.join(HOST_SHARE_ROOT, entry.name);
-    let needsLink = true;
-    if (fs.existsSync(linkPath)) {
-      try {
-        const resolved = fs.realpathSync.native ? fs.realpathSync.native(linkPath) : fs.realpathSync(linkPath);
-        needsLink = resolved !== sourcePath;
-      } catch {
-        needsLink = true;
-      }
-      if (needsLink) {
-        fs.rmSync(linkPath, { recursive: true, force: true });
-      }
-    }
-
-    if (needsLink) {
-      fs.symlinkSync(sourcePath, linkPath, process.platform === 'win32' ? 'junction' : 'dir');
-    }
-  }
-
-  return HOST_SHARE_ROOT;
-}
-
 function resolveAarch64FirmwarePaths() {
   const shareRoot = resolveQemuShareRoot();
   if (!shareRoot) {
@@ -261,8 +281,6 @@ function buildQemuArgs({
   cpus = 2,
   arch = guestArchForHost(),
   platform = process.platform,
-  hostShareRoot = null,
-  hostDataRoot = null,
   seedPath = null,
   seedIsRaw = false,
   consoleLogPath = null,
@@ -281,42 +299,29 @@ function buildQemuArgs({
   } else {
     args.push('-machine', `q35,accel=${accel}`);
     if (platform !== 'win32') {
-      args.push('-cpu', process.arch === arch ? 'host' : 'max');
+      args.push('-cpu', process.arch === arch ? 'host' : 'qemu64');
     }
   }
 
+  const isMmio = arch === 'arm64';
+  const blkDev = isMmio ? 'virtio-blk-device' : 'virtio-blk-pci';
+  const netDev = isMmio ? 'virtio-net-device' : 'virtio-net-pci';
+  const p9Dev = isMmio ? 'virtio-9p-device' : 'virtio-9p-pci';
+
   // OS disk — always first boot candidate
   args.push(
     '-drive', `if=none,id=os,file=${imagePath},format=qcow2`,
-    '-device', 'virtio-blk-pci,drive=os,bootindex=1',
+    '-device', `${blkDev},drive=os,bootindex=1`,
     '-netdev', `user,id=net0,hostfwd=tcp:127.0.0.1:${sshPort}-:22,hostfwd=tcp:127.0.0.1:${agentPort}-:8421`,
-    '-device', 'virtio-net-pci,netdev=net0',
+    '-device', `${netDev},netdev=net0`,
   );
 
-  if (hostShareRoot) {
-    const id = 'fsdev-host';
-    const deviceType = arch === 'arm64' ? 'virtio-9p-pci,disable-legacy=on,disable-modern=off,romfile=' : 'virtio-9p-pci';
-    args.push(
-      '-fsdev', `local,path=${hostShareRoot},id=${id},security_model=none,readonly=on`,
-      '-device', `${deviceType},fsdev=${id},mount_tag=neoagent-host`,
-    );
-  }
-
-  if (hostDataRoot) {
-    const id = 'fsdev-data';
-    const deviceType = arch === 'arm64' ? 'virtio-9p-pci,disable-legacy=on,disable-modern=off,romfile=' : 'virtio-9p-pci';
-    args.push(
-      '-fsdev', `local,path=${hostDataRoot},id=${id},security_model=none`,
-      '-device', `${deviceType},fsdev=${id},mount_tag=neoagent-data`,
-    );
-  }
-
   if (seedPath) {
     if (seedIsRaw) {
       // Raw FAT image — attach as a plain virtio block device
       args.push(
         '-drive', `if=none,id=cidata,file=${seedPath},format=raw,readonly=on`,
-        '-device', 'virtio-blk-pci,drive=cidata',
+        '-device', `${blkDev},drive=cidata`,
       );
     } else if (arch === 'arm64') {
       // ARM virt machine has no IDE controller; use virtio-scsi for the seed ISO
@@ -388,6 +393,135 @@ function allocatePort() {
   });
 }
 
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+async function waitForPath(targetPath, timeoutMs, intervalMs = 1000) {
+  const startedAt = Date.now();
+  while (Date.now() - startedAt < timeoutMs) {
+    if (fs.existsSync(targetPath)) {
+      return true;
+    }
+    await sleep(intervalMs);
+  }
+  return fs.existsSync(targetPath);
+}
+
+function writeLockMetadata(lockDir) {
+  try {
+    fs.writeFileSync(
+      path.join(lockDir, 'owner.json'),
+      JSON.stringify({ pid: process.pid, createdAt: new Date().toISOString() }, null, 2),
+      'utf8',
+    );
+  } catch {}
+}
+
+function readLockMetadata(lockDir) {
+  try {
+    return JSON.parse(fs.readFileSync(path.join(lockDir, 'owner.json'), 'utf8'));
+  } catch {
+    return null;
+  }
+}
+
+function isPidAlive(pid) {
+  if (!Number.isInteger(pid) || pid <= 0) {
+    return false;
+  }
+  try {
+    process.kill(pid, 0);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+async function requestGuestAgent(baseUrl, token, pathname, body, options = {}) {
+  const controller = new AbortController();
+  const timeoutMs = Math.max(1000, Number(options.timeoutMs || 5000));
+  const timer = setTimeout(() => {
+    controller.abort(new Error(`Request timed out after ${timeoutMs} ms.`));
+  }, timeoutMs);
+  try {
+    const response = await fetch(`${String(baseUrl || '').replace(/\/+$/, '')}${pathname}`, {
+      method: body === undefined ? 'GET' : 'POST',
+      headers: {
+        'content-type': 'application/json',
+        ...(token ? { authorization: `Bearer ${token}` } : {}),
+      },
+      body: body === undefined ? undefined : JSON.stringify(body),
+      signal: controller.signal,
+    });
+    const contentType = response.headers.get('content-type') || '';
+    const payload = contentType.includes('application/json')
+      ? await response.json().catch(() => ({}))
+      : { text: await response.text().catch(() => '') };
+    if (!response.ok) {
+      const detail = payload?.error || payload?.text || `Runtime request failed: ${response.status}`;
+      throw new Error(detail);
+    }
+    return payload;
+  } finally {
+    clearTimeout(timer);
+  }
+}
+
+async function waitForGuestAgentHealth(baseUrl, token, options = {}) {
+  const timeoutMs = Math.max(1000, Number(options.timeoutMs || 5 * 60 * 1000));
+  const intervalMs = Math.max(250, Number(options.intervalMs || 1000));
+  const checkLiveness = options.checkLiveness || (() => true);
+  const startedAt = Date.now();
+  let lastError = null;
+
+  while (Date.now() - startedAt < timeoutMs) {
+    if (!checkLiveness()) {
+      throw new Error('Guest runtime process exited unexpectedly during bootstrap.');
+    }
+    try {
+      const health = await requestGuestAgent(baseUrl, token, '/health', undefined, { timeoutMs: 2000 });
+      if (health?.status === 'ok') {
+        return health;
+      }
+      lastError = new Error('Guest agent health check returned a non-ok status.');
+    } catch (error) {
+      lastError = error;
+    }
+    await sleep(intervalMs);
+  }
+
+  throw new Error(`Timed out waiting for guest agent health: ${lastError?.message || 'unknown error'}`);
+}
+
+async function waitForGuestMarker(baseUrl, token, markerPath, options = {}) {
+  const timeoutMs = Math.max(1000, Number(options.timeoutMs || 15 * 60 * 1000));
+  const intervalMs = Math.max(250, Number(options.intervalMs || 2000));
+  const checkLiveness = options.checkLiveness || (() => true);
+  const startedAt = Date.now();
+  let lastError = null;
+
+  while (Date.now() - startedAt < timeoutMs) {
+    if (!checkLiveness()) {
+      throw new Error('Guest runtime process exited unexpectedly while waiting for guest marker.');
+    }
+    try {
+      const result = await requestGuestAgent(baseUrl, token, '/exec', {
+        command: `test -f ${JSON.stringify(String(markerPath || ''))} && printf ready || printf pending`,
+        timeout: 15000,
+      }, { timeoutMs: 20000 });
+      if (String(result?.stdout || '').trim() === 'ready') {
+        return true;
+      }
+    } catch (error) {
+      lastError = error;
+    }
+    await sleep(intervalMs);
+  }
+
+  throw new Error(`Timed out waiting for guest marker ${markerPath}: ${lastError?.message || 'unknown error'}`);
+}
+
 function ensureUserVmDisk(userRoot, baseImagePath) {
   fs.mkdirSync(userRoot, { recursive: true });
   const diskPath = path.join(userRoot, 'disk.qcow2');
@@ -455,9 +589,22 @@ function formatReadinessIssues(readiness) {
   return issues.length > 0 ? issues : ['VM runtime is unavailable on this host.'];
 }
 
+function readTemplateReadyMetadata(readySentinelPath) {
+  try {
+    const parsed = JSON.parse(fs.readFileSync(readySentinelPath, 'utf8'));
+    if (parsed && typeof parsed === 'object') {
+      return parsed;
+    }
+  } catch {}
+  return null;
+}
+
 class QemuVmManager {
   constructor(options = {}) {
-    this.rootDir = path.resolve(options.rootDir || VM_ROOT);
+    this.runtimeProfile = options.runtimeProfile === 'android' ? 'android' : 'browser_cli';
+    this.rootDir = path.resolve(options.rootDir || path.join(VM_ROOT, this.runtimeProfile));
+    this.baseImageCacheRoot = path.resolve(options.baseImageCacheRoot || path.join(this.rootDir, 'base-images'));
+    this.templateRootDir = path.resolve(options.templateRootDir || path.join(this.rootDir, 'templates'));
     this.baseImagePath = options.baseImagePath || process.env.NEOAGENT_VM_BASE_IMAGE || '';
     this.guestArch = options.guestArch || guestArchForHost();
     this.baseImageUrl = normalizeBaseImageUrlForArch(
@@ -468,7 +615,18 @@ class QemuVmManager {
     this.cpus = Number(options.cpus || process.env.NEOAGENT_VM_CPUS || 2);
     this.instances = new Map();
     this.baseImagePromise = null;
+    this.runtimeTemplatePromise = null;
+    this.warmupEnabled = options.warmup === true;
     fs.mkdirSync(this.rootDir, { recursive: true });
+    fs.mkdirSync(this.baseImageCacheRoot, { recursive: true });
+    fs.mkdirSync(this.templateRootDir, { recursive: true });
+    if (this.warmupEnabled) {
+      setTimeout(() => {
+        this.ensureRuntimeTemplateAvailable().catch((error) => {
+          console.warn(`[VM:${this.runtimeProfile}] Background runtime template warmup failed: ${error.message}`);
+        });
+      }, 0);
+    }
   }
 
   getBaseImageCachePath() {
@@ -477,7 +635,7 @@ class QemuVmManager {
     }
     const parsed = new URL(this.baseImageUrl);
     const filename = path.basename(parsed.pathname || '') || `${this.guestArch}-base.img`;
-    return path.join(BASE_IMAGE_CACHE_ROOT, filename);
+    return path.join(this.baseImageCacheRoot, filename);
   }
 
   resolveBaseImagePath() {
@@ -516,6 +674,217 @@ class QemuVmManager {
     return this.baseImagePromise;
   }
 
+  getRuntimeTemplateRoot() {
+    return path.join(this.templateRootDir, this.guestArch);
+  }
+
+  getRuntimeTemplateDiskPath() {
+    return path.join(this.getRuntimeTemplateRoot(), 'disk.qcow2');
+  }
+
+  getRuntimeTemplateLockDir() {
+    return `${this.getRuntimeTemplateRoot()}.lock`;
+  }
+
+  getRuntimeTemplateReadyMarker() {
+    return this.runtimeProfile === 'android'
+      ? '/var/lib/neoagent/bootstrap-complete'
+      : '/var/lib/neoagent/browser-runtime-ready';
+  }
+
+  getRuntimeTemplateSignature() {
+    return computeRuntimeTemplateSignature(this.guestArch, this.runtimeProfile);
+  }
+
+  async ensureRuntimeTemplateAvailable() {
+    const readyDiskPath = this.getRuntimeTemplateDiskPath();
+    const readySentinelPath = path.join(this.getRuntimeTemplateRoot(), '.runtime-template-ready');
+    const readyMetadata = readTemplateReadyMetadata(readySentinelPath);
+    if (
+      fs.existsSync(readyDiskPath)
+      && readyMetadata
+      && readyMetadata.signature === this.getRuntimeTemplateSignature()
+    ) {
+      return readyDiskPath;
+    }
+    if (!this.runtimeTemplatePromise) {
+      this.runtimeTemplatePromise = this.#ensureRuntimeTemplateAvailableWithLock().finally(() => {
+        this.runtimeTemplatePromise = null;
+      });
+    }
+    return this.runtimeTemplatePromise;
+  }
+
+  async #ensureRuntimeTemplateAvailableWithLock() {
+    const readyDiskPath = this.getRuntimeTemplateDiskPath();
+    const readySentinelPath = path.join(this.getRuntimeTemplateRoot(), '.runtime-template-ready');
+    const lockDir = this.getRuntimeTemplateLockDir();
+    const acquireStartedAt = Date.now();
+    const expectedSignature = this.getRuntimeTemplateSignature();
+
+    while (true) {
+      const readyMetadata = readTemplateReadyMetadata(readySentinelPath);
+      if (
+        fs.existsSync(readyDiskPath)
+        && readyMetadata
+        && readyMetadata.signature === expectedSignature
+      ) {
+        return readyDiskPath;
+      }
+
+      try {
+        fs.mkdirSync(lockDir, { recursive: false });
+        writeLockMetadata(lockDir);
+        try {
+          if (fs.existsSync(readyDiskPath) && fs.existsSync(readySentinelPath)) {
+            return readyDiskPath;
+          }
+          return await this.#buildRuntimeTemplate();
+        } finally {
+          fs.rmSync(lockDir, { recursive: true, force: true });
+        }
+      } catch (error) {
+        if (error?.code !== 'EEXIST') {
+          throw error;
+        }
+      }
+
+      const lockStats = fs.existsSync(lockDir) ? fs.statSync(lockDir) : null;
+      const lockMetadata = readLockMetadata(lockDir);
+      const lockAgeMs = lockStats ? Date.now() - lockStats.mtimeMs : 0;
+      const staleLock = lockAgeMs > 45 * 60 * 1000 || (lockMetadata?.pid && !isPidAlive(lockMetadata.pid));
+      if (staleLock) {
+        fs.rmSync(lockDir, { recursive: true, force: true });
+        continue;
+      }
+
+      if (Date.now() - acquireStartedAt > 30 * 60 * 1000) {
+        throw new Error('Timed out waiting for the shared runtime template build lock.');
+      }
+
+      await sleep(2000);
+    }
+  }
+
+  async #buildRuntimeTemplate() {
+    const templateRoot = this.getRuntimeTemplateRoot();
+    const templateDiskPath = this.getRuntimeTemplateDiskPath();
+    const readyMarkerPath = this.getRuntimeTemplateReadyMarker();
+    const readySentinelPath = path.join(templateRoot, '.runtime-template-ready');
+    const templateSignature = this.getRuntimeTemplateSignature();
+
+    fs.mkdirSync(templateRoot, { recursive: true });
+
+    const baseImagePath = await this.ensureBaseImageAvailable();
+    const diskPath = ensureUserVmDisk(templateRoot, baseImagePath);
+    const guestToken = resolveGuestToken(templateRoot);
+    const bootstrap = ensureGuestBootstrapSeed({
+      userRoot: templateRoot,
+      guestToken,
+      guestArch: this.guestArch,
+      runtimeMode: 'template',
+      runtimeProfile: this.runtimeProfile,
+    });
+    const consoleLogPath = path.join(templateRoot, 'console.log');
+    const firmware = this.guestArch === 'arm64'
+      ? resolveAarch64FirmwarePaths()
+      : resolveX86_64FirmwarePaths();
+    const firmwareVarsPath = firmware ? path.join(templateRoot, 'uefi-vars.fd') : null;
+    if (firmware && !fs.existsSync(firmwareVarsPath)) {
+      fs.copyFileSync(firmware.varsTemplatePath, firmwareVarsPath);
+    }
+    const agentPort = await allocatePort();
+    const sshPort = await allocatePort();
+    const qemuBinary = resolveQemuBinary({ arch: this.guestArch });
+    const qemuBinaryPath = resolveCommandPath(qemuBinary) || qemuBinary;
+    const args = buildQemuArgs({
+      imagePath: diskPath,
+      sshPort,
+      agentPort,
+      memoryMb: this.memoryMb,
+      cpus: this.cpus,
+      arch: this.guestArch,
+      seedPath: bootstrap.seedImagePath || bootstrap.isoPath,
+      seedIsRaw: Boolean(bootstrap.seedImagePath && bootstrap.seedImagePath.endsWith('.img')),
+      consoleLogPath,
+      firmwareCodePath: firmware?.codePath || null,
+      firmwareVarsPath,
+    });
+
+    console.log(`[VM:${this.runtimeProfile}] Building runtime template for ${this.guestArch}: ${qemuBinaryPath} ${args.join(' ')}`);
+    const child = spawn(qemuBinaryPath, args, {
+      cwd: templateRoot,
+      detached: process.platform !== 'win32',
+      stdio: ['ignore', 'ignore', 'pipe'],
+    });
+
+    let stderrText = '';
+    child.stderr.on('data', (chunk) => {
+      stderrText += chunk.toString('utf8');
+    });
+
+    const baseUrl = `http://127.0.0.1:${agentPort}`;
+    const checkLiveness = () => isPidAlive(child.pid);
+    try {
+      await waitForGuestAgentHealth(baseUrl, guestToken, {
+        timeoutMs: 30 * 60 * 1000,
+        intervalMs: 1000,
+        checkLiveness,
+      });
+      await waitForGuestMarker(baseUrl, guestToken, readyMarkerPath, {
+        timeoutMs: 45 * 60 * 1000,
+        intervalMs: 2000,
+        checkLiveness,
+      });
+      try {
+        await requestGuestAgent(baseUrl, guestToken, '/exec', {
+          command: [
+            'cloud-init clean --logs --seed --machine-id || true',
+            'rm -rf /var/lib/cloud/instances/* /var/lib/cloud/seed/* || true',
+            'rm -f /var/lib/neoagent/bootstrap-complete /var/lib/neoagent/browser-runtime-ready || true',
+            'rm -f /var/lib/systemd/random-seed || true',
+            'truncate -s 0 /etc/machine-id || true',
+            'sync',
+          ].join('; '),
+          timeout: 120000,
+        }, { timeoutMs: 120000 });
+      } catch (cleanupError) {
+        console.warn(`[VM:${this.runtimeProfile}] Template cleanup after bootstrap failed: ${cleanupError.message}`);
+      }
+      fs.writeFileSync(
+        readySentinelPath,
+        JSON.stringify({
+          signature: templateSignature,
+          runtimeProfile: this.runtimeProfile,
+          guestArch: this.guestArch,
+          builtAt: new Date().toISOString(),
+        }, null, 2),
+        'utf8',
+      );
+    } finally {
+      try {
+        if (process.platform === 'win32') {
+          spawnSync('taskkill', ['/F', '/T', '/PID', child.pid]);
+        } else {
+          process.kill(-child.pid, 'SIGKILL');
+        }
+      } catch {
+        try {
+          child.kill('SIGKILL');
+        } catch {}
+      }
+    }
+
+    if (!fs.existsSync(templateDiskPath)) {
+      throw new Error('Runtime template disk was not created.');
+    }
+    return templateDiskPath;
+  }
+
+  async ensureRuntimeImageAvailable() {
+    return this.ensureRuntimeTemplateAvailable();
+  }
+
   isConfigured() {
     return this.getReadiness().ready;
   }
@@ -564,18 +933,16 @@ class QemuVmManager {
     }
 
     const userRoot = path.join(this.rootDir, key, this.guestArch);
-    const baseImagePath = await this.ensureBaseImageAvailable();
+    const baseImagePath = await this.ensureRuntimeImageAvailable();
     const diskPath = ensureUserVmDisk(userRoot, baseImagePath);
-    const guestToken = String(process.env.NEOAGENT_VM_GUEST_TOKEN || '').trim();
-    if (!guestToken) {
-      throw new Error('NEOAGENT_VM_GUEST_TOKEN is required to bootstrap the guest runtime.');
-    }
+    const guestToken = resolveGuestToken(userRoot);
     const bootstrap = ensureGuestBootstrapSeed({
       userRoot,
       guestToken,
       guestArch: this.guestArch,
+      runtimeMode: 'user',
+      runtimeProfile: this.runtimeProfile,
     });
-    const guestDataRoot = path.join(userRoot, 'guest-data');
     const consoleLogPath = path.join(userRoot, 'console.log');
     const firmware = this.guestArch === 'arm64'
       ? resolveAarch64FirmwarePaths()
@@ -597,12 +964,10 @@ class QemuVmManager {
         throw new Error(`Failed to copy firmware vars template: ${detail}`);
       }
     }
-    fs.mkdirSync(guestDataRoot, { recursive: true });
     const agentPort = await allocatePort();
     const sshPort = await allocatePort();
     const qemuBinary = resolveQemuBinary({ arch: this.guestArch });
     const qemuBinaryPath = resolveCommandPath(qemuBinary) || qemuBinary;
-    const hostShareRoot = ensureHostShareRoot();
     const args = buildQemuArgs({
       imagePath: diskPath,
       sshPort,
@@ -610,8 +975,6 @@ class QemuVmManager {
       memoryMb: this.memoryMb,
       cpus: this.cpus,
       arch: this.guestArch,
-      hostShareRoot,
-      hostDataRoot: guestDataRoot,
       seedPath: bootstrap.seedImagePath || bootstrap.isoPath,
       seedIsRaw: Boolean(bootstrap.seedImagePath && bootstrap.seedImagePath.endsWith('.img')),
       consoleLogPath,
@@ -619,7 +982,7 @@ class QemuVmManager {
       firmwareVarsPath,
     });
 
-    console.log(`[VM] Starting QEMU for user ${key} (${this.guestArch}): ${qemuBinaryPath} ${args.join(' ')}`);
+    console.log(`[VM:${this.runtimeProfile}] Starting QEMU for user ${key} (${this.guestArch}): ${qemuBinaryPath} ${args.join(' ')}`);
     const child = spawn(qemuBinaryPath, args, {
       cwd: userRoot,
       detached: process.platform !== 'win32',
@@ -656,17 +1019,22 @@ class QemuVmManager {
       }
     });
     child.on('exit', () => {
-      this.instances.delete(key);
+      const current = this.instances.get(key);
+      if (current?.process === child) {
+        this.instances.delete(key);
+      }
     });
 
     const session = {
       userId: key,
+      runtimeProfile: this.runtimeProfile,
       process: child,
       qemuBinary,
       qemuArgs: args,
       guestArch: this.guestArch,
       userRoot,
       diskPath,
+      guestToken,
       agentPort,
       sshPort,
       baseUrl: `http://127.0.0.1:${agentPort}`,
@@ -687,12 +1055,36 @@ class QemuVmManager {
     if (!session) return;
 
     try {
+      try {
+        await requestGuestAgent(session.baseUrl, session.guestToken, '/browser/close', {}, { timeoutMs: 10000 });
+      } catch {}
+      try {
+        await requestGuestAgent(session.baseUrl, session.guestToken, '/android/stop', {}, { timeoutMs: 10000 });
+      } catch {}
+      try {
+        await requestGuestAgent(session.baseUrl, session.guestToken, '/exec', {
+          command: 'sync || true',
+          timeout: 15000,
+        }, { timeoutMs: 20000 });
+      } catch {}
+
       if (process.platform === 'win32') {
-        spawnSync('taskkill', ['/F', '/T', '/PID', session.process.pid]);
+        spawnSync('taskkill', ['/T', '/PID', session.process.pid]);
       } else {
-        process.kill(-session.process.pid, 'SIGKILL');
+        process.kill(-session.process.pid, 'SIGTERM');
+      }
+      const shutdownStartedAt = Date.now();
+      while (isPidAlive(session.process.pid) && Date.now() - shutdownStartedAt < 10000) {
+        await sleep(250);
+      }
+      if (isPidAlive(session.process.pid)) {
+        if (process.platform === 'win32') {
+          spawnSync('taskkill', ['/F', '/T', '/PID', session.process.pid]);
+        } else {
+          process.kill(-session.process.pid, 'SIGKILL');
+        }
       }
-    } catch (err) {
+    } catch {
       try {
         session.process.kill('SIGKILL');
       } catch {}
@@ -712,7 +1104,6 @@ class QemuVmManager {
 }
 
 module.exports = {
-  BASE_IMAGE_CACHE_ROOT,
   DEFAULT_UBUNTU_BASE_IMAGE_URLS,
   QemuVmManager,
   VM_ROOT,