Diffstat (limited to 'nixpkgs/pkgs/applications/virtualization')
22 files changed, 351 insertions, 136 deletions
diff --git a/nixpkgs/pkgs/applications/virtualization/crosvm/default.nix b/nixpkgs/pkgs/applications/virtualization/crosvm/default.nix index a0f1f6eca652..95cada54296a 100644 --- a/nixpkgs/pkgs/applications/virtualization/crosvm/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/crosvm/default.nix @@ -5,12 +5,12 @@ rustPlatform.buildRustPackage rec { pname = "crosvm"; - version = "119.0"; + version = "120.0"; src = fetchgit { url = "https://chromium.googlesource.com/chromiumos/platform/crosvm"; - rev = "b9977397be2ffc8154bf55983eb21495016d48b5"; - sha256 = "oaCWiyYWQQGERaUPSekUHsO8vaHzIA5ZdSebm/qRR7I="; + rev = "0a9d1cb8be29e49c355ea8b18cd58506dbbaf6e5"; + sha256 = "BbCcsxJU25VgWVday4rGPXaJSuAWebNGo3MiYPIBBto="; fetchSubmodules = true; }; @@ -26,7 +26,7 @@ rustPlatform.buildRustPackage rec { separateDebugInfo = true; - cargoHash = "sha256-U/sF/0OWxA41iZsOTao8eeb98lluqOwcPwwA4emcSFc="; + cargoHash = "sha256-YXfKZeRL3gfWztf36lVNbCCwUqW+0w3q7X7v0arCrvk="; nativeBuildInputs = [ pkg-config protobuf python3 rustPlatform.bindgenHook wayland-scanner diff --git a/nixpkgs/pkgs/applications/virtualization/crun/default.nix b/nixpkgs/pkgs/applications/virtualization/crun/default.nix index a2824004a153..81d25a84d2c8 100644 --- a/nixpkgs/pkgs/applications/virtualization/crun/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/crun/default.nix @@ -39,13 +39,13 @@ let in stdenv.mkDerivation rec { pname = "crun"; - version = "1.12"; + version = "1.13"; src = fetchFromGitHub { owner = "containers"; repo = pname; rev = version; - hash = "sha256-61E/71axlN5H1KpAkWFm7jOETlmmy2qh7R+JrVZlMIQ="; + hash = "sha256-doGZ1rHHXDRClrTEXYJcU6AqlBTanpNpV6EIbxQgcXY="; fetchSubmodules = true; }; diff --git a/nixpkgs/pkgs/applications/virtualization/docker-slim/default.nix b/nixpkgs/pkgs/applications/virtualization/docker-slim/default.nix index 226e29ebd3ff..06eba06ab2c7 100644 --- a/nixpkgs/pkgs/applications/virtualization/docker-slim/default.nix 
+++ b/nixpkgs/pkgs/applications/virtualization/docker-slim/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-slim"; - version = "1.40.7"; + version = "1.40.9"; src = fetchFromGitHub { owner = "slimtoolkit"; repo = "slim"; rev = version; - hash = "sha256-X+7FMdIotnafUEKQUrvxYgN4qGqbtVJaZD+V4/whylM="; + hash = "sha256-tVGD5DbrnAiifCYEjI8l8Zsij2qAUkW5yxllr//6510="; }; vendorHash = null; diff --git a/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix b/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix index d42319f1915f..24e2d5113cfa 100644 --- a/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix +++ b/nixpkgs/pkgs/applications/virtualization/docker/buildx.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-buildx"; - version = "0.12.0"; + version = "0.12.1"; src = fetchFromGitHub { owner = "docker"; repo = "buildx"; rev = "v${version}"; - hash = "sha256-O2oXswExH6OQLDZcgCGF62oZ7v6svZuOziw0SZgOVHI="; + hash = "sha256-QC2mlJWjOtqYAB+YrL+s2FsJ79LuLFZGOgSVGL6WmX8="; }; doCheck = false; diff --git a/nixpkgs/pkgs/applications/virtualization/docker/compose.nix b/nixpkgs/pkgs/applications/virtualization/docker/compose.nix index 24809f9450b4..aadc42643577 100644 --- a/nixpkgs/pkgs/applications/virtualization/docker/compose.nix +++ b/nixpkgs/pkgs/applications/virtualization/docker/compose.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-compose"; - version = "2.23.3"; + version = "2.24.0"; src = fetchFromGitHub { owner = "docker"; repo = "compose"; rev = "v${version}"; - hash = "sha256-Rp13xK7pRyjHaDclAfL+yzNf4ppOy9S+XFbydj4TDL4="; + hash = "sha256-6wa4kIl65z3kk+wzDX+WhS50J+e0AZ+W8A++bdnRc2M="; }; postPatch = '' @@ -16,7 +16,7 @@ buildGoModule rec { rm -rf e2e/ ''; - vendorHash = "sha256-iKBMd4e1oVNdKuk08tYPexQqs9JLofhdf4yEP1s97EQ="; + vendorHash = "sha256-03jlomVb3jS+SkmIxRtPsaMx2VKLYX/Lp9JH/mlJvK4="; ldflags = [ "-X github.com/docker/compose/v2/internal.Version=${version}" "-s" "-w" ]; 
diff --git a/nixpkgs/pkgs/applications/virtualization/ignite/default.nix b/nixpkgs/pkgs/applications/virtualization/ignite/default.nix deleted file mode 100644 index 89387e822d86..000000000000 --- a/nixpkgs/pkgs/applications/virtualization/ignite/default.nix +++ /dev/null 
@@ -1,72 +0,0 @@ -{ lib -, cni-plugins -, buildGoModule -, firecracker -, containerd -, runc -, makeWrapper -, fetchFromGitHub -, git -}: - -buildGoModule rec{ - pname = "ignite"; - version = "0.10.0"; - - src = fetchFromGitHub { - owner = "weaveworks"; - repo = "ignite"; - rev = "v${version}"; - sha256 = "sha256-WCgNh+iLtxLslzcHuIwVLZpUEhvBJFe1Y84PaPtbtcY="; - leaveDotGit = true; - }; - - vendorHash = null; - - doCheck = false; - - postPatch = '' - # ignite tries to run cni-plugins programs from /opt/cni/bin - substituteInPlace pkg/constants/dependencies.go \ - --replace "/opt/cni/bin/loopback" ${cni-plugins}/bin/loopback \ - --replace "/opt/cni/bin/bridge" ${cni-plugins}/bin/bridge - - # ignite tries to run cni-plugins programs from /opt/cni/bin - substituteInPlace pkg/network/cni/cni.go \ - --replace "/opt/cni/bin" ${cni-plugins}/bin - - # fetchgit doesn't fetch tags from git repository so it's necessary to force IGNITE_GIT_VERSION to be ${version} - # also forcing git state to be clean because if it's dirty ignite will try to fetch the image weaveworks/ignite:dev - # which is not in docker.io, we want it to fetch the image weaveworks/ignite:v${version} - substituteInPlace hack/ldflags.sh \ - --replace '$(git describe --tags --abbrev=14 "''${IGNITE_GIT_COMMIT}^{commit}" 2>/dev/null)' "v${version}" \ - --replace 'IGNITE_GIT_TREE_STATE="dirty"' 'IGNITE_GIT_TREE_STATE="clean"' - ''; - - nativeBuildInputs = [ - git - makeWrapper - ]; - - buildInputs = [ - firecracker - ]; - - preBuild = '' - patchShebangs ./hack/ldflags.sh - export buildFlagsArray+=("-ldflags=$(./hack/ldflags.sh)") - ''; - - postInstall = '' - for prog in hack ignite ignited ignite-spawn; do - wrapProgram "$out/bin/$prog" --prefix PATH : ${lib.makeBinPath [ cni-plugins firecracker containerd runc ]} - done - ''; - - meta = with lib; { - description = "Ignite a Firecracker microVM"; - homepage = "https://github.com/weaveworks/ignite"; - license = licenses.asl20; - maintainers = with maintainers; [ 
tfmoraes ]; - }; -} diff --git a/nixpkgs/pkgs/applications/virtualization/kvmtool/default.nix b/nixpkgs/pkgs/applications/virtualization/kvmtool/default.nix index 9aeb21e3f06a..f546c32042e3 100644 --- a/nixpkgs/pkgs/applications/virtualization/kvmtool/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/kvmtool/default.nix @@ -1,13 +1,12 @@ -{ stdenv, fetchgit, lib, dtc }: +{ stdenv, fetchzip, lib, dtc }: stdenv.mkDerivation { pname = "kvmtool"; version = "unstable-2023-07-12"; - src = fetchgit { - url = "https://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git"; - rev = "106e2ea7756d980454d68631b87d5e25ba4e4881"; - sha256 = "sha256-wpc5DfHnui0lBVH4uOq6a7pXVUZStjNLRvauu6QpRvE="; + src = fetchzip { + url = "https://git.kernel.org/pub/scm/linux/kernel/git/will/kvmtool.git/snapshot/kvmtool-106e2ea7756d980454d68631b87d5e25ba4e4881.tar.gz"; + hash = "sha256-wpc5DfHnui0lBVH4uOq6a7pXVUZStjNLRvauu6QpRvE="; }; patches = [ ./strlcpy-glibc-2.38-fix.patch ]; diff --git a/nixpkgs/pkgs/applications/virtualization/libnvidia-container/default.nix b/nixpkgs/pkgs/applications/virtualization/libnvidia-container/default.nix index 622ba090e0ee..b462b24711de 100644 --- a/nixpkgs/pkgs/applications/virtualization/libnvidia-container/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/libnvidia-container/default.nix @@ -116,6 +116,7 @@ stdenv.mkDerivation rec { description = "NVIDIA container runtime library"; license = licenses.asl20; platforms = platforms.linux; + mainProgram = "nvidia-container-cli"; maintainers = with maintainers; [ cpcloud ]; }; } diff --git a/nixpkgs/pkgs/applications/virtualization/lima/bin.nix b/nixpkgs/pkgs/applications/virtualization/lima/bin.nix index ab863b63f9af..2080ac1e7876 100644 --- a/nixpkgs/pkgs/applications/virtualization/lima/bin.nix +++ b/nixpkgs/pkgs/applications/virtualization/lima/bin.nix 
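Review bot: In the kvmtool hunk the pinned commit now exists only inside the snapshot URL string, so nothing names the revision and a bump means editing the URL by hand. Binding it once, e.g. `rev = "106e2ea7756d980454d68631b87d5e25ba4e4881";` in a `let` and building the URL as `.../snapshot/kvmtool-${rev}.tar.gz`, keeps the pin greppable. The `hash` is carried over unchanged from the `fetchgit` form, which holds only if the unpacked snapshot is identical to the checkout; that is worth confirming with a build that does not already have the source in the store.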
@@ -9,31 +9,31 @@ }: let - version = "0.19.0"; + version = "0.19.1"; dist = { aarch64-darwin = rec { archSuffix = "Darwin-arm64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "d7b62ee446607c989610b1cd5f9ad5eaa3d1b9aa2b47210f198713b8f8bf9889"; + sha256 = "0dfcf3a39782baf1c2ea43cf026f8df0321c671d914c105fbb78de507aa8bda4"; }; x86_64-darwin = rec { archSuffix = "Darwin-x86_64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "e68b034023b52f3c61b6804e5f921d72981768925d6c2937e69904ecef46c6bd"; + sha256 = "ac8827479f66ef1b288b31f164b22f6433faa14c44ce5bbebe09e6e913582479"; }; aarch64-linux = rec { archSuffix = "Linux-aarch64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "8709ed5c483dc227d65adf215a9cb7127c71e25da3a78dfa7f82b7dcfbbb8afb"; + sha256 = "c55e57ddbefd9988d0f3676bb873bcc6e0f7b3c3d47a1f07599ee151c5198d96"; }; x86_64-linux = rec { archSuffix = "Linux-x86_64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "fca174037ecc69810947b7cb444dfab2661407e8e5e7409321fa590a84250996"; + sha256 = "7d18b1716aae14bf98d6ea93a703e8877b0c3142f7ba2e87401d47d5d0fe3ff1"; }; }; in diff --git a/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix b/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix index a174c3031227..7d0ecfab53e7 100644 --- a/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix 
@@ -5,10 +5,16 @@ , buildGoModule , linkFarm , writeShellScript +, formats , containerRuntimePath , configTemplate +, configTemplatePath ? null , libnvidia-container }: + +assert configTemplate != null -> (lib.isAttrs configTemplate && configTemplatePath == null); +assert configTemplatePath != null -> (lib.isStringLike configTemplatePath && configTemplate == null); + let isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [ { @@ -23,6 +29,8 @@ let echo >&2 "$(tput setaf 3)warning: \$XDG_CONFIG_HOME=$XDG_CONFIG_HOME$(tput sgr 0)" fi ''; + + configToml = if configTemplatePath != null then configTemplatePath else (formats.toml { }).generate "config.toml" configTemplate; in buildGoModule rec { pname = "container-toolkit/container-toolkit"; @@ -47,6 +55,14 @@ buildGoModule rec { nativeBuildInputs = [ makeWrapper ]; + preConfigure = '' + # Ensure the runc symlink isn't broken: + if ! readlink --quiet --canonicalize-existing "${isolatedContainerRuntimePath}/runc" ; then + echo "${isolatedContainerRuntimePath}/runc: broken symlink" >&2 + exit 1 + fi + ''; + checkFlags = let skippedTests = [ @@ -74,7 +90,7 @@ buildGoModule rec { --prefix PATH : ${isolatedContainerRuntimePath}:${libnvidia-container}/bin \ --set-default XDG_CONFIG_HOME $out/etc - cp ${configTemplate} $out/etc/nvidia-container-runtime/config.toml + cp ${configToml} $out/etc/nvidia-container-runtime/config.toml substituteInPlace $out/etc/nvidia-container-runtime/config.toml \ --subst-var-by glibcbin ${lib.getBin glibc} diff --git a/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/packages.nix b/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/packages.nix new file mode 100644 index 000000000000..0ce76d5aed31 --- /dev/null +++ b/nixpkgs/pkgs/applications/virtualization/nvidia-container-toolkit/packages.nix 
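Review bot: The two asserts added in the argument-set hunk both pass when `configTemplate` and `configTemplatePath` are null, and `configToml` then hands null to `(formats.toml { }).generate "config.toml" configTemplate`, which presumably fails later with a less helpful error. `configTemplate` also still has no default, so a caller that wants `configTemplatePath` must pass `configTemplate = null` explicitly. I would declare it as `, configTemplate ? null` and add `assert (configTemplate != null) != (configTemplatePath != null);` so that exactly one source is required. The function's argument set starts above the hunk.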
@@ -0,0 +1,79 @@ +{ + lib, + newScope, + docker, + libnvidia-container, + runc, + symlinkJoin, +}: + +# Note this scope isn't recursed into, at the time of writing. +lib.makeScope newScope ( + self: { + + # The config is only exposed as an attrset so that the user may reach the + # deafult values, for inspectability purposes. + dockerConfig = { + disable-require = false; + #swarm-resource = "DOCKER_RESOURCE_GPU" + + nvidia-container-cli = { + #root = "/run/nvidia/driver"; + #path = "/usr/bin/nvidia-container-cli"; + environment = [ ]; + #debug = "/var/log/nvidia-container-runtime-hook.log"; + ldcache = "/tmp/ld.so.cache"; + load-kmods = true; + #no-cgroups = false; + #user = "root:video"; + ldconfig = "@@glibcbin@/bin/ldconfig"; + }; + }; + nvidia-container-toolkit-docker = self.callPackage ./. { + containerRuntimePath = "${docker}/libexec/docker/docker"; + configTemplate = self.dockerConfig; + }; + + podmanConfig = { + disable-require = true; + #swarm-resource = "DOCKER_RESOURCE_GPU"; + + nvidia-container-cli = { + #root = "/run/nvidia/driver"; + #path = "/usr/bin/nvidia-container-cli"; + environment = [ ]; + #debug = "/var/log/nvidia-container-runtime-hook.log"; + ldcache = "/tmp/ld.so.cache"; + load-kmods = true; + no-cgroups = true; + #user = "root:video"; + ldconfig = "@@glibcbin@/bin/ldconfig"; + }; + }; + nvidia-container-toolkit-podman = self.nvidia-container-toolkit-docker.override { + containerRuntimePath = lib.getExe runc; + + configTemplate = self.podmanConfig; + }; + + nvidia-docker = symlinkJoin { + name = "nvidia-docker"; + paths = [ + libnvidia-container + self.nvidia-docker-unwrapped + self.nvidia-container-toolkit-docker + ]; + inherit (self.nvidia-docker-unwrapped) meta; + }; + nvidia-docker-unwrapped = self.callPackage ../nvidia-docker { }; + + nvidia-podman = symlinkJoin { + name = "nvidia-podman"; + paths = [ + libnvidia-container + self.nvidia-container-toolkit-podman + ]; + inherit (self.nvidia-container-toolkit-podman) meta; + }; + } +) 
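Review bot: Both `dockerConfig` and `podmanConfig` set `ldcache = "/tmp/ld.so.cache"`, a fixed file name in a world-writable directory, and nothing in the file says why. The value is carried over from the deleted config.toml files, but if nvidia-container-cli reads that file with more privilege than the users who can create it, its contents are under the control of any local account. Since the settings are now exposed as an attrset for inspection, a comment above the key such as `# PLACEHOLDER: why /tmp is used and which component creates the file`, or a path only root can write, would settle the question. Smaller points: the comment above `dockerConfig` spells `deafult`, and the commented `#swarm-resource` line there lacks the `;` that the podman copy has.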
diff --git a/nixpkgs/pkgs/applications/virtualization/nvidia-docker/config.toml b/nixpkgs/pkgs/applications/virtualization/nvidia-docker/config.toml deleted file mode 100644 index bbd166995f36..000000000000 --- a/nixpkgs/pkgs/applications/virtualization/nvidia-docker/config.toml +++ /dev/null @@ -1,13 +0,0 @@ -disable-require = false -#swarm-resource = "DOCKER_RESOURCE_GPU" - -[nvidia-container-cli] -#root = "/run/nvidia/driver" -#path = "/usr/bin/nvidia-container-cli" -environment = [] -#debug = "/var/log/nvidia-container-runtime-hook.log" -ldcache = "/tmp/ld.so.cache" -load-kmods = true -#no-cgroups = false -#user = "root:video" -ldconfig = "@@glibcbin@/bin/ldconfig" diff --git a/nixpkgs/pkgs/applications/virtualization/nvidia-podman/config.toml b/nixpkgs/pkgs/applications/virtualization/nvidia-podman/config.toml deleted file mode 100644 index eb39699b96b3..000000000000 --- a/nixpkgs/pkgs/applications/virtualization/nvidia-podman/config.toml +++ /dev/null @@ -1,13 +0,0 @@ -disable-require = true -#swarm-resource = "DOCKER_RESOURCE_GPU" - -[nvidia-container-cli] -#root = "/run/nvidia/driver" -#path = "/usr/bin/nvidia-container-cli" -environment = [] -#debug = "/var/log/nvidia-container-runtime-hook.log" -ldcache = "/tmp/ld.so.cache" -load-kmods = true -no-cgroups = true -#user = "root:video" -ldconfig = "@@glibcbin@/bin/ldconfig" diff --git a/nixpkgs/pkgs/applications/virtualization/podman/default.nix b/nixpkgs/pkgs/applications/virtualization/podman/default.nix index 93ef717d5297..4c912e1c1980 100644 --- a/nixpkgs/pkgs/applications/virtualization/podman/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/podman/default.nix @@ -62,13 +62,13 @@ let in buildGoModule rec { pname = "podman"; - version = "4.8.2"; + version = "4.8.3"; src = fetchFromGitHub { owner = "containers"; repo = "podman"; rev = "v${version}"; - hash = "sha256-pRmSaquovfMG3+Aa13W+AW2s7MjK2V/mSje4CQZyURs="; + hash = "sha256-Q4LdBRJed1Vm5Qo3wyEsU3Pj2t9FfyB9rjiM4Vi0ZEw="; }; patches = [ 
diff --git a/nixpkgs/pkgs/applications/virtualization/qemu/default.nix b/nixpkgs/pkgs/applications/virtualization/qemu/default.nix index 1cdd9f07337a..3debac4c6fb4 100644 --- a/nixpkgs/pkgs/applications/virtualization/qemu/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/qemu/default.nix @@ -23,6 +23,7 @@ , cephSupport ? false, ceph , glusterfsSupport ? false, glusterfs, libuuid , openGLSupport ? sdlSupport, mesa, libepoxy, libdrm +, rutabagaSupport ? openGLSupport && !toolsOnly && lib.meta.availableOn stdenv.hostPlatform rutabaga_gfx, rutabaga_gfx , virglSupport ? openGLSupport, virglrenderer , libiscsiSupport ? !toolsOnly, libiscsi , smbdSupport ? false, samba @@ -98,6 +99,7 @@ stdenv.mkDerivation (finalAttrs: { ++ lib.optionals cephSupport [ ceph ] ++ lib.optionals glusterfsSupport [ glusterfs libuuid ] ++ lib.optionals openGLSupport [ mesa libepoxy libdrm ] + ++ lib.optionals rutabagaSupport [ rutabaga_gfx ] ++ lib.optionals virglSupport [ virglrenderer ] ++ lib.optionals libiscsiSupport [ libiscsi ] ++ lib.optionals smbdSupport [ samba ] @@ -133,6 +135,11 @@ stdenv.mkDerivation (finalAttrs: { sha256 = "sha256-oC+bRjEHixv1QEFO9XAm4HHOwoiT+NkhknKGPydnZ5E="; revert = true; }) + # Fix display issues when using virtio-gpu on 8.2.0 https://gitlab.com/qemu-project/qemu/-/issues/2051 + (fetchpatch { + url = "https://gitlab.com/qemu-project/qemu/-/commit/9d5b42beb6978dc6219d5dc029c9d453c6b8d503.diff"; + sha256 = "sha256-NknkH/gFTsMcdq8/ArwM4+qrpU+ZHd+xVMFUuMJTtf0="; + }) ] ++ lib.optional nixosTestRunner ./force-uid0-on-9p.patch; diff --git a/nixpkgs/pkgs/applications/virtualization/rust-hypervisor-firmware/default.nix b/nixpkgs/pkgs/applications/virtualization/rust-hypervisor-firmware/default.nix index 286a521be054..1a36aa8fd6c0 100644 --- a/nixpkgs/pkgs/applications/virtualization/rust-hypervisor-firmware/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/rust-hypervisor-firmware/default.nix 
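Review bot: `rutabagaSupport` defaults to on for every build with `openGLSupport`, yet the hunks only add `rutabaga_gfx` to `buildInputs` and no configure flag, so whether the backend is compiled in appears to rest on QEMU's auto-detection. If the other toggles in this file pass explicit flags (not visible in these hunks), a matching `(lib.enableFeature rutabagaSupport "rutabaga-gfx")` keeps `rutabagaSupport = false` effective even when the library is present for another reason. Turning it on by default also ships one more guest-facing GPU backend in the stock package, which deserves a mention in the commit message. Separately, the `fetchpatch` comment names the issue but not when to drop the patch; presumably `# remove when updating past 8.2.0` applies.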
@@ -1,8 +1,6 @@ { lib , fetchFromGitHub , hostPlatform -, cargo -, rustc , lld }: @@ -24,12 +22,7 @@ let }; }; - # inherit (cross) rustPlatform; - # ^ breaks because we are doing a no_std embedded build with a custom sysroot, - # but the fast_cross rustc wrapper already passes a sysroot argument - rustPlatform = cross.makeRustPlatform { - inherit rustc cargo; - }; + inherit (cross) rustPlatform; in diff --git a/nixpkgs/pkgs/applications/virtualization/singularity/apptainer/0001-ldCache-patch-for-driverLink.patch b/nixpkgs/pkgs/applications/virtualization/singularity/apptainer/0001-ldCache-patch-for-driverLink.patch new file mode 100644 index 000000000000..c931894bc21f --- /dev/null +++ b/nixpkgs/pkgs/applications/virtualization/singularity/apptainer/0001-ldCache-patch-for-driverLink.patch 
@@ -0,0 +1,84 @@ +From 783ec26c0d83013baf04579a6a415d7f8776ac93 Mon Sep 17 00:00:00 2001 +From: Someone Serge <sergei.kozlukov@aalto.fi> +Date: Sun, 7 Jan 2024 11:48:24 +0000 +Subject: [PATCH] ldCache(): patch for @driverLink@ + +--- + internal/pkg/util/paths/resolve.go | 41 +++++++++++++++++++++++++++--- + 1 file changed, 38 insertions(+), 3 deletions(-) + +diff --git a/internal/pkg/util/paths/resolve.go b/internal/pkg/util/paths/resolve.go +index db45d9db1..9d0110b6b 100644 +--- a/internal/pkg/util/paths/resolve.go ++++ b/internal/pkg/util/paths/resolve.go +@@ -14,6 +14,7 @@ import ( + "fmt" + "os" + "os/exec" ++ "path" + "path/filepath" + "regexp" + "strings" +@@ -154,14 +155,49 @@ func Resolve(fileList []string) ([]string, []string, error) { + // lists three variants of libEGL.so.1 that are in different locations, we only + // report the first, highest priority, variant. + func ldCache() (map[string]string, error) { ++ driverDirs := strings.Split("@driverLink@/lib", ":") ++ if machine, err := elfMachine(); err == nil && machine == elf.EM_386 { ++ driverDirs = strings.Split("@driverLink@-32/lib", ":") ++ } ++ ++ soPattern, err := regexp.Compile(`[^\s]+\.so(\.\d+(\.\d+(\.\d+)?)?)?$`) ++ if err != nil { ++ return nil, fmt.Errorf("could not compile ldconfig regexp: %v", err) ++ } ++ ++ ldCache := make(map[string]string) ++ for _, dirPath := range driverDirs { ++ dir, err := os.Open(dirPath) ++ if err != nil { ++ /* Maybe we're not running under NixOS */ ++ continue ++ } ++ files, err := dir.ReadDir(-1) ++ if err != nil { ++ continue ++ } ++ for _, f := range files { ++ if !soPattern.MatchString(f.Name()) { ++ continue ++ } ++ libName := f.Name() ++ libPath := path.Join(dirPath, f.Name()) ++ if _, ok := ldCache[libName]; !ok { ++ ldCache[libName] = libPath ++ } ++ } ++ } ++ + // walk through the ldconfig output and add entries which contain the filenames + // returned by nvidia-container-cli OR the nvliblist.conf file contents + ldconfig, err := 
bin.FindBin("ldconfig") +- if err != nil { ++ if err != nil && len(ldCache) == 0 { ++ // Note that missing ldconfig is only an "error" as long ++ // as there's no driverLink + return nil, err + } + out, err := exec.Command(ldconfig, "-p").Output() +- if err != nil { ++ if err != nil && len(ldCache) == 0 { + return nil, fmt.Errorf("could not execute ldconfig: %v", err) + } + +@@ -173,7 +209,6 @@ func ldCache() (map[string]string, error) { + } + + // store library name with associated path +- ldCache := make(map[string]string) + for _, match := range r.FindAllSubmatch(out, -1) { + if match != nil { + // libName is the "libnvidia-ml.so.1" (from the above example) +-- +2.42.0 + diff --git a/nixpkgs/pkgs/applications/virtualization/singularity/generic.nix b/nixpkgs/pkgs/applications/virtualization/singularity/generic.nix index 9f17dc8eb03d..85992e2abce9 100644 --- a/nixpkgs/pkgs/applications/virtualization/singularity/generic.nix +++ b/nixpkgs/pkgs/applications/virtualization/singularity/generic.nix @@ -27,12 +27,14 @@ in , buildGoModule , runCommandLocal # Native build inputs +, addDriverRunpath , makeWrapper , pkg-config , util-linux , which # Build inputs , bash +, callPackage , conmon , coreutils , cryptsetup @@ -54,6 +56,9 @@ in , hello # Overridable configurations , enableNvidiaContainerCli ? true + # --nvccli currently requires extra privileges: + # https://github.com/apptainer/apptainer/issues/1893#issuecomment-1881240800 +, forceNvcCli ? false # Compile with seccomp support # SingularityCE 3.10.0 and above requires explicit --without-seccomp when libseccomp is not available. , enableSeccomp ? true @@ -65,6 +70,7 @@ in # Whether to compile with SUID support , enableSuid ? false , starterSuidPath ? null +, substituteAll # newuidmapPath and newgidmapPath are to support --fakeroot # where those SUID-ed executables are unavailable from the FHS system PATH. # Path to SUID-ed newuidmap executable 
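Review bot: In the embedded Go patch for `ldCache()`, once the driver directory has produced at least one entry both the `bin.FindBin("ldconfig")` error and the `exec.Command(ldconfig, "-p").Output()` error are ignored, so the command is still started with whatever `ldconfig` holds (possibly an empty path) and its failure is silently swallowed. Returning the driver-link map directly when `FindBin` fails makes that fallback explicit instead of relying on an empty `out`. The handle from `os.Open(dirPath)` is also never closed; `os.ReadDir` does the open, read and close in one call. The pattern is a constant, so `regexp.MustCompile` would remove the unreachable error branch. The body of `ldCache()` continues outside the hunk, so the early return below assumes the rest of the function only parses `out` into the same map.

```go
// … unchanged: driverDirs and soPattern setup …
ldCache := make(map[string]string)
for _, dirPath := range driverDirs {
	// os.ReadDir opens and closes the directory itself, so no handle is left open.
	files, err := os.ReadDir(dirPath)
	if err != nil {
		/* Maybe we're not running under NixOS */
		continue
	}
	// … unchanged: loop that fills ldCache from files …
}

ldconfig, err := bin.FindBin("ldconfig")
if err != nil {
	if len(ldCache) == 0 {
		return nil, err
	}
	// The driverLink entries are sufficient; skip the ldconfig pass
	// instead of running a command with an unresolved path.
	return ldCache, nil
}
// … unchanged: exec.Command(ldconfig, "-p") and parsing of its output …
```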
@@ -94,6 +100,10 @@ in (buildGoModule { inherit pname version src; + patches = lib.optionals (projectName == "apptainer") [ + (substituteAll { src = ./apptainer/0001-ldCache-patch-for-driverLink.patch; inherit (addDriverRunpath) driverLink; }) + ]; + # Override vendorHash with the output got from # nix-prefetch -E "{ sha256 }: ((import ./. { }).apptainer.override { vendorHash = sha256; }).goModules" # or with `null` when using vendored source tarball. @@ -175,11 +185,18 @@ in if [[ ! -e .git || ! -e VERSION ]]; then echo "${version}" > VERSION fi + # Patch shebangs for script run during build patchShebangs --build "$configureScript" makeit e2e scripts mlocal/scripts + # Patching the hard-coded defaultPath by prefixing the packages in defaultPathInputs substituteInPlace cmd/internal/cli/actions.go \ --replace "defaultPath = \"${defaultPathOriginal}\"" "defaultPath = \"''${defaultPathInputs// /\/bin:}''${defaultPathInputs:+/bin:}${defaultPathOriginal}\"" + + substituteInPlace internal/pkg/util/gpu/nvidia.go \ + --replace \ + 'return fmt.Errorf("/usr/bin not writable in the container")' \ + "" ''; postConfigure = '' @@ -212,7 +229,7 @@ in wrapProgram "$out/bin/${projectName}" \ --prefix PATH : "''${defaultPathInputs// /\/bin:}''${defaultPathInputs:+/bin:}" # Make changes in the config file - ${lib.optionalString enableNvidiaContainerCli '' + ${lib.optionalString forceNvcCli '' substituteInPlace "$out/etc/${projectName}/${projectName}.conf" \ --replace "use nvidia-container-cli = no" "use nvidia-container-cli = yes" ''} 
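Review bot: The `substituteInPlace internal/pkg/util/gpu/nvidia.go` call added in the `@@ -175,11 +185,18 @@` hunk deletes an upstream error return (`/usr/bin not writable in the container`) without a comment saying why that check is safe to drop, and it runs for both projects although the ldCache patch in the previous hunk is limited to `projectName == "apptainer"`. With plain `--replace`, as far as I know, a release that rewords the message leaves the upstream check in place while the build still succeeds. I would add a comment such as `# PLACEHOLDER: why the /usr/bin writability check does not apply on NixOS` and, where the stdenv in this tree provides it, switch to `--replace-fail` so a non-matching pattern stops the build. The phase script this belongs to starts and ends outside the hunk.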
@@ -264,5 +281,38 @@ in singularity = finalAttrs.finalPackage; }; }; + gpuChecks = lib.optionalAttrs (projectName == "apptainer") { + # Should be in tests, but Ofborg would skip image-hello-cowsay because + # saxpy is unfree. + image-saxpy = callPackage + ({ singularity-tools, cudaPackages }: + singularity-tools.buildImage { + name = "saxpy"; + contents = [ cudaPackages.saxpy ]; + memSize = 2048; + diskSize = 2048; + singularity = finalAttrs.finalPackage; + }) + { }; + saxpy = + callPackage + ({ runCommand, writeShellScriptBin }: + let + unwrapped = writeShellScriptBin "apptainer-cuda-saxpy" + '' + ${lib.getExe finalAttrs.finalPackage} exec --nv $@ ${finalAttrs.passthru.tests.image-saxpy} saxpy + ''; + in + runCommand "run-apptainer-cuda-saxpy" + { + requiredSystemFeatures = [ "cuda" ]; + nativeBuildInputs = [ unwrapped ]; + passthru = { inherit unwrapped; }; + } + '' + apptainer-cuda-saxpy + '') + { }; + }; }; }) diff --git a/nixpkgs/pkgs/applications/virtualization/singularity/packages.nix b/nixpkgs/pkgs/applications/virtualization/singularity/packages.nix index 80e7d2c2a39f..50a8fc103ad1 100644 --- a/nixpkgs/pkgs/applications/virtualization/singularity/packages.nix +++ b/nixpkgs/pkgs/applications/virtualization/singularity/packages.nix 
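Review bot: The `saxpy` wrapper interpolates `${finalAttrs.passthru.tests.image-saxpy}`, but this hunk defines `image-saxpy` under `gpuChecks`, so unless `tests` also has an `image-saxpy` outside the hunk the check fails at evaluation; assuming `gpuChecks` sits in `passthru`, `${finalAttrs.passthru.gpuChecks.image-saxpy}` looks like the intended reference. On the same line `$@` is unquoted, so arguments containing spaces are re-split by the shell; `exec --nv "$@"` forwards them intact. The comment explains the placement by Ofborg skipping `image-hello-cowsay`; a sentence saying these checks are unfree and need a CUDA-capable builder would state the reason more directly. The enclosing attribute set starts outside the hunk.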
@@ -38,20 +38,20 @@ let singularity = callPackage (import ./generic.nix rec { pname = "singularity-ce"; - version = "4.0.2"; + version = "4.0.3"; projectName = "singularity"; src = fetchFromGitHub { owner = "sylabs"; repo = "singularity"; rev = "refs/tags/v${version}"; - hash = "sha256-R+vAKYR4lJmC7PIITYyg4UeGYjGXoPqqUai3HmPzwG0="; + hash = "sha256-sT5nW/7xE2TT4TO9H7Y3CDf87LvwPbT1NjVQVK9yyVY="; }; # Update by running # nix-prefetch -E "{ sha256 }: ((import ./. { }).singularity.override { vendorHash = sha256; }).goModules" # at the root directory of the Nixpkgs repository - vendorHash = "sha256-z3VozeMpaqh4ddZxB3xqo25Gm+8JYeIwASOq+Mmerr4="; + vendorHash = "sha256-q7n1LymH5KGYHg73r30xryVWupzDheBp7Gpr3XZiZHI="; # Do not build conmon and squashfuse from the Git submodule sources, # Use Nixpkgs provided version diff --git a/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix b/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix index ebdf09fd8379..62109eac2700 100644 --- a/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix +++ b/nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix @@ -101,6 +101,8 @@ in stdenv.mkDerivation { ./qt-dependency-paths.patch # https://github.com/NixOS/nixpkgs/issues/123851 ./fix-audio-driver-loading.patch + ./libxml-2.12.patch + ./gcc-13.patch ]; postPatch = '' diff --git a/nixpkgs/pkgs/applications/virtualization/virtualbox/gcc-13.patch b/nixpkgs/pkgs/applications/virtualization/virtualbox/gcc-13.patch new file mode 100644 index 000000000000..c06780299f95 --- /dev/null +++ b/nixpkgs/pkgs/applications/virtualization/virtualbox/gcc-13.patch 
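Review bot: The two entries added to the virtualbox `patches` list, `./libxml-2.12.patch` and `./gcc-13.patch`, carry no comment on where they came from or when they can be dropped, unlike the issue link above `./fix-audio-driver-loading.patch`. For locally vendored patches against a hypervisor, a line such as `# PLACEHOLDER: upstream ticket or commit; drop once VirtualBox builds unpatched with libxml2 2.12 and GCC 13` makes the next update and any audit of the patch set easier. The `patches` list starts outside the hunk.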
@@ -0,0 +1,35 @@ +diff --git a/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibRuntimeXF86.cpp b/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibRuntimeXF86.cpp +index 8a9d15c0..260ebc5c 100644 +--- a/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibRuntimeXF86.cpp ++++ b/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibRuntimeXF86.cpp +@@ -46,6 +46,9 @@ + #if defined(VBOX_VBGLR3_XFREE86) + extern "C" { + # define XFree86LOADER ++# ifdef RT_GNUC_PREREQ(13,0) /* cmath gets dragged in and the c++/13/cmath header is allergic to -ffreestanding. */ ++# define _GLIBCXX_INCLUDE_NEXT_C_HEADERS ++# endif + # include <xf86_ansic.h> + # undef size_t + } +diff --git a/src/libs/dxvk-native-1.9.2a/src/util/util_matrix.cpp b/src/libs/dxvk-native-1.9.2a/src/util/util_matrix.cpp +index 2c5e9314..64890169 100644 +--- a/src/libs/dxvk-native-1.9.2a/src/util/util_matrix.cpp ++++ b/src/libs/dxvk-native-1.9.2a/src/util/util_matrix.cpp +@@ -1,3 +1,5 @@ ++#include <cstdint> ++ + #include "util_matrix.h" + + namespace dxvk { +diff --git a/src/libs/dxvk-native-1.9.2a/src/util/util_vector.h b/src/libs/dxvk-native-1.9.2a/src/util/util_vector.h +index 77cdf294..9dcb4bf9 100644 +--- a/src/libs/dxvk-native-1.9.2a/src/util/util_vector.h ++++ b/src/libs/dxvk-native-1.9.2a/src/util/util_vector.h +@@ -1,5 +1,6 @@ + #pragma once + ++#include <cstdint> + #include <iostream> + + #include "util_bit.h" diff --git a/nixpkgs/pkgs/applications/virtualization/virtualbox/libxml-2.12.patch b/nixpkgs/pkgs/applications/virtualization/virtualbox/libxml-2.12.patch new file mode 100644 index 000000000000..4631f304735c --- /dev/null +++ b/nixpkgs/pkgs/applications/virtualization/virtualbox/libxml-2.12.patch 
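Review bot: In the VBoxGuestR3LibRuntimeXF86.cpp part of this patch, `# ifdef RT_GNUC_PREREQ(13,0)` does not test the compiler version: `#ifdef` only checks whether the name `RT_GNUC_PREREQ` is defined and treats `(13,0)` as stray tokens, so `_GLIBCXX_INCLUDE_NEXT_C_HEADERS` is defined on every compiler where the macro exists. If the intent is what the comment says, the line should read `# if RT_GNUC_PREREQ(13,0)`. That assumes `RT_GNUC_PREREQ` is a function-like macro already defined at this point in the file, which the hunk does not show.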
@@ -0,0 +1,47 @@ +diff --git a/include/iprt/cpp/xml.h b/include/iprt/cpp/xml.h +index 40975e86..7639c281 100644 +--- a/include/iprt/cpp/xml.h ++++ b/include/iprt/cpp/xml.h +@@ -113,9 +113,9 @@ public: + class RT_DECL_CLASS XmlError : public RuntimeError + { + public: +- XmlError(xmlErrorPtr aErr); ++ XmlError(const xmlError *aErr); + +- static char* Format(xmlErrorPtr aErr); ++ static char* Format(const xmlError *aErr); + }; + + // Logical errors +diff --git a/src/VBox/Runtime/r3/xml.cpp b/src/VBox/Runtime/r3/xml.cpp +index a6661760..b301a6c6 100644 +--- a/src/VBox/Runtime/r3/xml.cpp ++++ b/src/VBox/Runtime/r3/xml.cpp +@@ -131,7 +131,7 @@ LogicError::LogicError(RT_SRC_POS_DECL) + RTStrFree(msg); + } + +-XmlError::XmlError(xmlErrorPtr aErr) ++XmlError::XmlError(const xmlError *aErr) + { + if (!aErr) + throw EInvalidArg(RT_SRC_POS); +@@ -145,7 +145,7 @@ XmlError::XmlError(xmlErrorPtr aErr) + * Composes a single message for the given error. The caller must free the + * returned string using RTStrFree() when no more necessary. + */ +-/* static */ char *XmlError::Format(xmlErrorPtr aErr) ++/* static */ char *XmlError::Format(const xmlError *aErr) + { + const char *msg = aErr->message ? aErr->message : "<none>"; + size_t msgLen = strlen(msg); +@@ -1856,7 +1856,7 @@ static void xmlParserBaseGenericError(void *pCtx, const char *pszMsg, ...) RT_NO + va_end(args); + } + +-static void xmlParserBaseStructuredError(void *pCtx, xmlErrorPtr error) RT_NOTHROW_DEF ++static void xmlParserBaseStructuredError(void *pCtx, const xmlError *error) RT_NOTHROW_DEF + { + NOREF(pCtx); + /* we expect that there is always a trailing NL */ |