diff options
Diffstat (limited to 'nixpkgs/pkgs/applications/virtualization')
7 files changed, 43 insertions, 17 deletions
diff --git a/nixpkgs/pkgs/applications/virtualization/OVMF/default.nix b/nixpkgs/pkgs/applications/virtualization/OVMF/default.nix index 2e8c5bd1f603..4798e324141d 100644 --- a/nixpkgs/pkgs/applications/virtualization/OVMF/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/OVMF/default.nix @@ -74,7 +74,6 @@ let in assert platformSpecific ? ${cpuName}; -assert systemManagementModeRequired -> stdenv.hostPlatform.isx86; assert msVarsTemplate -> fdSize4MB; assert msVarsTemplate -> platformSpecific.${cpuName} ? msVarsArgs; diff --git a/nixpkgs/pkgs/applications/virtualization/crun/default.nix b/nixpkgs/pkgs/applications/virtualization/crun/default.nix index 72e9f18c8167..a17a115c2c59 100644 --- a/nixpkgs/pkgs/applications/virtualization/crun/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/crun/default.nix @@ -39,13 +39,13 @@ let in stdenv.mkDerivation rec { pname = "crun"; - version = "1.14.3"; + version = "1.14.4"; src = fetchFromGitHub { owner = "containers"; repo = pname; rev = version; - hash = "sha256-BsDkPwHi8nUcxw6KSrsMvVCdD6/BxVDuiBkAdv8H2xc="; + hash = "sha256-f+cG9800QKZH4+9ie97TmTbQlpLXe+z+47ptP+HgIgs="; fetchSubmodules = true; }; diff --git a/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix b/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix index 24e2d5113cfa..000bb6ee4bcd 100644 --- a/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix +++ b/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-buildx"; - version = "0.12.1"; + version = "0.13.0"; src = fetchFromGitHub { owner = "docker"; repo = "buildx"; rev = "v${version}"; - hash = "sha256-QC2mlJWjOtqYAB+YrL+s2FsJ79LuLFZGOgSVGL6WmX8="; + hash = "sha256-R4+MVC8G4wNwjZtBnLFq+TBiesUYACg9c5y2CUcqHHQ="; }; doCheck = false; diff --git a/nixpkgs/pkgs/applications/virtualization/ecs-agent/default.nix b/nixpkgs/pkgs/applications/virtualization/ecs-agent/default.nix index 9838ab37c1e2..0edf112d72bc 100644 --- a/nixpkgs/pkgs/applications/virtualization/ecs-agent/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/ecs-agent/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "amazon-ecs-agent"; - version = "1.81.0"; + version = "1.82.0"; src = fetchFromGitHub { rev = "v${version}"; owner = "aws"; repo = pname; - hash = "sha256-k2YFxKHXNCKMMyBZ4HSo6bvtEAAp4rnzobDYK3Q5aCY="; + hash = "sha256-joI2jNfH4++mpReVGO9V3Yc7cRpykc3F166WEGZ09HA="; }; vendorHash = null; diff --git a/nixpkgs/pkgs/applications/virtualization/kraft/default.nix b/nixpkgs/pkgs/applications/virtualization/kraft/default.nix index 15ddfe4f5307..ca7384cdd19b 100644 --- a/nixpkgs/pkgs/applications/virtualization/kraft/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/kraft/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "kraftkit"; - version = "0.7.3"; + version = "0.7.5"; src = fetchFromGitHub { owner = "unikraft"; repo = "kraftkit"; rev = "v${version}"; - hash = "sha256-61eH2aFue/qJ7Xmu8ueQvsQ5moVpDkHe9p9bywqRwQY="; + hash = "sha256-kuI1RSipPj7e8tsnThAEkL3bpmgAEKSQthubfjtklp0="; }; - vendorHash = "sha256-4e7g79C6BofnPXPCuquIPfGL7C9TMSdmlIq2HSrz3eY="; + vendorHash = "sha256-BPpUBGWzW4jkUgy/2oqvqXBNLmglUVTFA9XuGhUE1zo="; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/applications/virtualization/qemu/default.nix b/nixpkgs/pkgs/applications/virtualization/qemu/default.nix index f241a553f864..e7da99d561f6 100644 --- a/nixpkgs/pkgs/applications/virtualization/qemu/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/qemu/default.nix @@ -55,11 +55,11 @@ stdenv.mkDerivation (finalAttrs: { + lib.optionalString hostCpuOnly "-host-cpu-only" + lib.optionalString nixosTestRunner "-for-vm-tests" + lib.optionalString toolsOnly "-utils"; - version = "8.2.1"; + version = "8.2.2"; src = fetchurl { url = "https://download.qemu.org/qemu-${finalAttrs.version}.tar.xz"; - hash = "sha256-hWJ1EVgXX50YfF8itXVVq+PIcPAyXIztEsNMbZh3Kb4="; + hash = "sha256-hHNGwbgsGlSyw49u29hVSe3rF0MLfU09oSYg4pYrxPM="; }; depsBuildBuild = [ buildPackages.stdenv.cc ] diff --git a/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix b/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix index 948a8da2da7b..f226a32596d3 100644 --- a/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix @@ -1,4 +1,4 @@ -{ config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook +{ config, stdenv, fetchurl, fetchpatch, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook , libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL2, libcap, libGL, libGLU , libpng, glib, lvm2, libXrandr, libXinerama, libopus, libtpms, qtbase, qtx11extras , qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43 @@ -17,9 +17,13 @@ , headless ? false , enable32bitGuests ? true , enableWebService ? false +, enableKvm ? false , extraConfigureFlags ? "" }: +# See https://github.com/cyberus-technology/virtualbox-kvm/issues/12 +assert enableKvm -> !enableHardening; + with lib; let @@ -27,6 +31,10 @@ let # Use maintainers/scripts/update.nix to update the version and all related hashes or # change the hashes in extpack.nix and guest-additions/default.nix as well manually. version = "7.0.14"; + + # The KVM build is not compatible to VirtualBox's kernel modules. So don't export + # modsrc at all. + withModsrc = !enableKvm; in stdenv.mkDerivation { pname = "virtualbox"; inherit version; @@ -36,7 +44,7 @@ in stdenv.mkDerivation { sha256 = "45860d834804a24a163c1bb264a6b1cb802a5bc7ce7e01128072f8d6a4617ca9"; }; - outputs = [ "out" "modsrc" ]; + outputs = [ "out" ] ++ optional withModsrc "modsrc"; nativeBuildInputs = [ pkg-config which docbook_xsl docbook_xml_dtd_43 yasm glslang ] ++ optional (!headless) wrapQtAppsHook; @@ -85,7 +93,13 @@ in stdenv.mkDerivation { patches = optional enableHardening ./hardened.patch # Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1 - ++ optional (!headless) ./fix-sdl.patch + ++ optionals (!headless) [ ./fix-sdl.patch + # No update patch disables check for update function + # https://bugs.launchpad.net/ubuntu/+source/virtualbox-ose/+bug/272212 + (fetchpatch { + url = "https://salsa.debian.org/pkg-virtualbox-team/virtualbox/-/raw/debian/${version}-dfsg-1/debian/patches/16-no-update.patch"; + hash = "sha256-UJHpuB6QB/BbxJorlqZXUF12lgq8gbLMRHRMsbyqRpY="; + })] ++ [ ./extra_symbols.patch ] # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH. @@ -97,7 +111,17 @@ in stdenv.mkDerivation { ++ optional (!headless && enableHardening) (substituteAll { src = ./qt-env-vars.patch; qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}"; - }) + }) + # While the KVM patch should not break any other behavior if --with-kvm is not specified, + # we don't take any chances and only apply it if people actually want to use KVM support. + ++ optional enableKvm (fetchpatch + (let + patchVersion = "20240226"; + in { + name = "virtualbox-${version}-kvm-dev-${patchVersion}.patch"; + url = "https://github.com/cyberus-technology/virtualbox-kvm/releases/download/dev-${patchVersion}/virtualbox-${version}-kvm-dev-${patchVersion}.patch"; + hash = "sha256-3YT1ZN/TwoNWNb2eqOcPF8GTrVGfOPaPb8vpGoPNISY="; + })) ++ [ ./qt-dependency-paths.patch # https://github.com/NixOS/nixpkgs/issues/123851 @@ -159,6 +183,7 @@ in stdenv.mkDerivation { ${optionalString (!enable32bitGuests) "--disable-vmmraw"} \ ${optionalString enableWebService "--enable-webservice"} \ ${optionalString (open-watcom-bin != null) "--with-ow-dir=${open-watcom-bin}"} \ + ${optionalString (enableKvm) "--with-kvm"} \ ${extraConfigureFlags} \ --disable-kmods sed -e 's@PKG_CONFIG_PATH=.*@PKG_CONFIG_PATH=${libIDL}/lib/pkgconfig:${glib.dev}/lib/pkgconfig ${libIDL}/bin/libIDL-config-2@' \ @@ -218,7 +243,9 @@ in stdenv.mkDerivation { ln -sv $libexec/nls "$out/share/virtualbox" ''} - cp -rv out/linux.*/${buildType}/bin/src "$modsrc" + ${optionalString withModsrc '' + cp -rv out/linux.*/${buildType}/bin/src "$modsrc" + ''} mkdir -p "$out/share/virtualbox" cp -rv src/VBox/Main/UnattendedTemplates "$out/share/virtualbox" |