diff options
Diffstat (limited to 'pkgs/applications/virtualization')
26 files changed, 530 insertions, 185 deletions
diff --git a/pkgs/applications/virtualization/OVMF/default.nix b/pkgs/applications/virtualization/OVMF/default.nix index c0080329487f..e475c4ed78af 100644 --- a/pkgs/applications/virtualization/OVMF/default.nix +++ b/pkgs/applications/virtualization/OVMF/default.nix @@ -16,7 +16,7 @@ let else throw "Unsupported architecture"; - version = (builtins.parseDrvName edk2.name).version; + version = lib.getVersion edk2; in edk2.mkDerivation projectDscPath { diff --git a/pkgs/applications/virtualization/bochs/default.nix b/pkgs/applications/virtualization/bochs/default.nix index 72db4f1e5aa5..770154f1918b 100644 --- a/pkgs/applications/virtualization/bochs/default.nix +++ b/pkgs/applications/virtualization/bochs/default.nix @@ -1,6 +1,6 @@ { stdenv, fetchurl , pkgconfig, libtool -, gtk2, libGLU_combined, readline, libX11, libXpm +, gtk2, libGLU, libGL, readline, libX11, libXpm , docbook_xml_dtd_45, docbook_xsl , sdlSupport ? true, SDL2 ? null , termSupport ? true, ncurses ? null @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { patches = [ ./bochs-2.6.9-glibc-2.26.patch ]; buildInputs = with stdenv.lib; - [ pkgconfig libtool gtk2 libGLU_combined readline libX11 libXpm docbook_xml_dtd_45 docbook_xsl ] + [ pkgconfig libtool gtk2 libGLU libGL readline libX11 libXpm docbook_xml_dtd_45 docbook_xsl ] ++ optionals termSupport [ ncurses ] ++ optionals sdlSupport [ SDL2 ] ++ optionals wxSupport [ wxGTK ] diff --git a/pkgs/applications/virtualization/charliecloud/default.nix b/pkgs/applications/virtualization/charliecloud/default.nix index 35c78dfd50a4..a0694b7efbe8 100644 --- a/pkgs/applications/virtualization/charliecloud/default.nix +++ b/pkgs/applications/virtualization/charliecloud/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { - version = "0.11"; + version = "0.12"; pname = "charliecloud"; src = fetchFromGitHub { owner = "hpc"; repo = "charliecloud"; rev = "v${version}"; - sha256 = "10dzas5fyh2lpa0kf1xv8z9c4g4cf0zlmnpilyvpcyccyfjf6cp2"; + sha256 = "177rcf1klcxsp6x9cw75cmz3y2izgd1hvi1rb9vc6iz9qx1nmk3v"; }; buildInputs = [ python ]; diff --git a/pkgs/applications/virtualization/cntr/default.nix b/pkgs/applications/virtualization/cntr/default.nix index 13afe0a42619..698f6df0673a 100644 --- a/pkgs/applications/virtualization/cntr/default.nix +++ b/pkgs/applications/virtualization/cntr/default.nix @@ -2,13 +2,13 @@ rustPlatform.buildRustPackage rec { pname = "cntr"; - version = "1.2.0"; + version = "1.2.1"; src = fetchFromGitHub { owner = "Mic92"; repo = "cntr"; rev = version; - sha256 = "0lmbsnjia44h4rskqkv9yc7xb6f3qjgbg8kcr9zqnr7ivr5fjcxg"; + sha256 = "0dhfz7aj3cqi974ybf0axchih40rzrs9m8bxhwz1hgig57aisfc0"; }; cargoSha256 = "0xkwza9fx61pvlsm0s3dxc9i09mqp6c9df8w63fyiq7174vjxryx"; diff --git a/pkgs/applications/virtualization/conmon/default.nix b/pkgs/applications/virtualization/conmon/default.nix index 89df7dae4a47..77f3d271b594 100644 --- a/pkgs/applications/virtualization/conmon/default.nix +++ b/pkgs/applications/virtualization/conmon/default.nix @@ -9,13 +9,13 @@ stdenv.mkDerivation rec { project = "conmon"; name = "${project}-${version}"; - version = "2.0.2"; + version = "2.0.8"; src = fetchFromGitHub { owner = "containers"; repo = project; rev = "v${version}"; - sha256 = "1ha5vhjlb12kshh0j1vpl1vjk8ym9w2j1x762y6zdspkdha1w3dv"; + sha256 = "17pv80ba79wh4nwxy3wl0vl1m8054s346hgcp87iy3mpnrvq2cv2"; }; nativeBuildInputs = [ pkgconfig ]; diff --git a/pkgs/applications/virtualization/cri-o/default.nix b/pkgs/applications/virtualization/cri-o/default.nix index 07b6d0249904..29111399ae96 100644 --- a/pkgs/applications/virtualization/cri-o/default.nix +++ b/pkgs/applications/virtualization/cri-o/default.nix @@ -17,7 +17,7 @@ buildGoPackage rec { project = "cri-o"; - version = "1.15.2"; + version = "1.16.1"; name = "${project}-${version}${flavor}"; goPackagePath = "github.com/${project}/${project}"; @@ -26,7 +26,7 @@ buildGoPackage rec { owner = "cri-o"; repo = "cri-o"; rev = "v${version}"; - sha256 = "0fiizxwxdq87h943421ivgw49jndk23yjz3saf1rzmn7g3xh2pn4"; + sha256 = "0w690zhc55gdqzc31jc34nrzwd253pfb3rq23z51q22nqwmlsh9p"; }; outputs = [ "bin" "out" ]; @@ -42,17 +42,23 @@ buildGoPackage rec { pushd go/src/${goPackagePath} # Build pause - go build -tags ${makeFlags} -o bin/crio-config -buildmode=pie \ - -ldflags '-s -w ${ldflags}' ${goPackagePath}/cmd/crio-config - make -C pause - # Build the crio binary - go build -tags ${makeFlags} -o bin/crio -buildmode=pie \ - -ldflags '-s -w ${ldflags}' ${goPackagePath}/cmd/crio + # Build the crio binaries + function build() { + go build \ + -tags ${makeFlags} \ + -o bin/"$1" \ + -buildmode=pie \ + -ldflags '-s -w ${ldflags}' \ + ${goPackagePath}/cmd/"$1" + } + build crio + build crio-status ''; installPhase = '' install -Dm755 bin/crio $bin/bin/crio${flavor} + install -Dm755 bin/crio-status $bin/bin/crio-status${flavor} mkdir -p $bin/libexec/crio install -Dm755 bin/pause $bin/libexec/crio/pause${flavor} diff --git a/pkgs/applications/virtualization/crosvm/default-seccomp-policy-dir.diff b/pkgs/applications/virtualization/crosvm/default-seccomp-policy-dir.diff new file mode 100644 index 000000000000..f1aa50ee102c --- /dev/null +++ b/pkgs/applications/virtualization/crosvm/default-seccomp-policy-dir.diff @@ -0,0 +1,15 @@ +diff --git a/src/crosvm.rs b/src/crosvm.rs +index b7055df..5989c87 100644 +--- a/src/crosvm.rs ++++ b/src/crosvm.rs +@@ -141,7 +141,9 @@ impl Default for Config { + x_display: None, + shared_dirs: Vec::new(), + sandbox: !cfg!(feature = "default-no-sandbox"), +- seccomp_policy_dir: PathBuf::from(SECCOMP_POLICY_DIR), ++ seccomp_policy_dir: PathBuf::from( ++ option_env!("DEFAULT_SECCOMP_POLICY_DIR").unwrap_or(SECCOMP_POLICY_DIR), ++ ), + seccomp_log_failures: false, + cras_audio: false, + cras_capture: false, diff --git a/pkgs/applications/virtualization/crosvm/default.nix b/pkgs/applications/virtualization/crosvm/default.nix new file mode 100644 index 000000000000..5035b65f9818 --- /dev/null +++ b/pkgs/applications/virtualization/crosvm/default.nix @@ -0,0 +1,89 @@ +{ stdenv, rustPlatform, fetchgit, runCommand, symlinkJoin +, pkgconfig, minijail, dtc, libusb1, libcap +}: + +let + + upstreamInfo = with builtins; fromJSON (readFile ./upstream-info.json); + + arch = with stdenv.hostPlatform; + if isAarch64 then "arm" + else if isx86_64 then "x86_64" + else throw "no seccomp policy files available for host platform"; + + crosvmSrc = fetchgit { + inherit (upstreamInfo.components."chromiumos/platform/crosvm") + url rev sha256 fetchSubmodules; + }; + + adhdSrc = fetchgit { + inherit (upstreamInfo.components."chromiumos/third_party/adhd") + url rev sha256 fetchSubmodules; + }; + +in + + rustPlatform.buildRustPackage rec { + pname = "crosvm"; + inherit (upstreamInfo) version; + + unpackPhase = '' + runHook preUnpack + + mkdir -p chromiumos/platform chromiumos/third_party + + pushd chromiumos/platform + unpackFile ${crosvmSrc} + mv ${crosvmSrc.name} crosvm + popd + + pushd chromiumos/third_party + unpackFile ${adhdSrc} + mv ${adhdSrc.name} adhd + popd + + chmod -R u+w -- "$sourceRoot" + + runHook postUnpack + ''; + + sourceRoot = "chromiumos/platform/crosvm"; + + patches = [ + ./default-seccomp-policy-dir.diff + ]; + + cargoSha256 = "1d7y07wkliy5qnlyx5zj6ni39avhs3s48sqgvwxm5g5zrahg2a85"; + + nativeBuildInputs = [ pkgconfig ]; + + buildInputs = [ dtc libcap libusb1 minijail ]; + + postPatch = '' + sed -i "s|/usr/share/policy/crosvm/|$out/share/policy/|g" \ + seccomp/*/*.policy + ''; + + preBuild = '' + export DEFAULT_SECCOMP_POLICY_DIR=$out/share/policy + ''; + + postInstall = '' + mkdir -p $out/share/policy/ + cp seccomp/${arch}/* $out/share/policy/ + ''; + + passthru = { + inherit adhdSrc; + src = crosvmSrc; + updateScript = ./update.py; + }; + + meta = with stdenv.lib; { + description = "A secure virtual machine monitor for KVM"; + homepage = "https://chromium.googlesource.com/chromiumos/platform/crosvm/"; + maintainers = with maintainers; [ qyliss ]; + license = licenses.bsd3; + platforms = [ "aarch64-linux" "x86_64-linux" ]; + }; + } diff --git a/pkgs/applications/virtualization/crosvm/update.py b/pkgs/applications/virtualization/crosvm/update.py new file mode 100755 index 000000000000..280d6ec18119 --- /dev/null +++ b/pkgs/applications/virtualization/crosvm/update.py @@ -0,0 +1,91 @@ +#! /usr/bin/env nix-shell +#! nix-shell -p nix-prefetch-git "python3.withPackages (ps: with ps; [ lxml ])" +#! nix-shell -i python + +import base64 +import json +import re +import subprocess +from codecs import iterdecode +from os.path import dirname, splitext +from lxml import etree +from lxml.etree import HTMLParser +from urllib.request import urlopen + +# ChromiumOS components required to build crosvm. +components = ['chromiumos/platform/crosvm', 'chromiumos/third_party/adhd'] + +git_root = 'https://chromium.googlesource.com/' +manifest_versions = f'{git_root}chromiumos/manifest-versions' +buildspecs_url = f'{manifest_versions}/+/refs/heads/master/paladin/buildspecs/' + +# CrOS version numbers look like this: +# [<chrome-major-version>.]<tip-build>.<branch-build>.<branch-branch-build> +# +# As far as I can tell, branches are where internal Google +# modifications are added to turn Chromium OS into Chrome OS, and +# branch branches are used for fixes for specific devices. So for +# Chromium OS they will always be 0. This is a best guess, and is not +# documented. +with urlopen('https://cros-updates-serving.appspot.com/') as resp: + document = etree.parse(resp, HTMLParser()) + # bgcolor="lightgreen" is set on the most up-to-date version for + # each channel, so find a lightgreen cell in the "Stable" column. + (platform_version, chrome_version) = document.xpath(""" + (//table[@id="cros-updates"]/tr/td[1 + count( + //table[@id="cros-updates"]/thead/tr[1]/th[text() = "Stable"] + /preceding-sibling::*) + ][@bgcolor="lightgreen"])[1]/text() + """) + +chrome_major_version = re.match(r'\d+', chrome_version)[0] +chromeos_tip_build = re.match(r'\d+', platform_version)[0] + +# Find the most recent buildspec for the stable Chrome version and +# Chromium OS build number. Its branch build and branch branch build +# numbers will (almost?) certainly be 0. It will then end with an rc +# number -- presumably these are release candidates, one of which +# becomes the final release. Presumably the one with the highest rc +# number. +with urlopen(f'{buildspecs_url}{chrome_major_version}/?format=TEXT') as resp: + listing = base64.decodebytes(resp.read()).decode('utf-8') + buildspecs = [(line.split('\t', 1)[1]) for line in listing.splitlines()] + buildspecs = [s for s in buildspecs if s.startswith(chromeos_tip_build)] + buildspecs.sort(reverse=True) + buildspec = splitext(buildspecs[0])[0] + +revisions = {} + +# Read the buildspec, and extract the git revisions for each component. +with urlopen(f'{buildspecs_url}{chrome_major_version}/{buildspec}.xml?format=TEXT') as resp: + xml = base64.decodebytes(resp.read()) + root = etree.fromstring(xml) + for project in root.findall('project'): + revisions[project.get('name')] = project.get('revision') + +# Initialize the data that will be output from this script. Leave the +# rc number in buildspec so nobody else is subject to the same level +# of confusion I have been. +data = {'version': f'{chrome_major_version}.{buildspec}', 'components': {}} + +# Fill in the 'components' dictionary with the output from +# nix-prefetch-git, which can be passed straight to fetchGit when +# imported by Nix. +for component in components: + argv = ['nix-prefetch-git', + '--url', git_root + component, + '--rev', revisions[component]] + + output = subprocess.check_output(argv) + data['components'][component] = json.loads(output.decode('utf-8')) + +# Find the path to crosvm's default.nix, so the srcs data can be +# written into the same directory. +argv = ['nix-instantiate', '--eval', '--json', '-A', 'crosvm.meta.position'] +position = json.loads(subprocess.check_output(argv).decode('utf-8')) +filename = re.match(r'[^:]*', position)[0] + +# Finally, write the output. +with open(dirname(filename) + '/upstream-info.json', 'w') as out: + json.dump(data, out, indent=2) + out.write('\n') diff --git a/pkgs/applications/virtualization/crosvm/upstream-info.json b/pkgs/applications/virtualization/crosvm/upstream-info.json new file mode 100644 index 000000000000..690eca38bffb --- /dev/null +++ b/pkgs/applications/virtualization/crosvm/upstream-info.json @@ -0,0 +1,19 @@ +{ + "version": "79.12607.0.0-rc4", + "components": { + "chromiumos/platform/crosvm": { + "url": "https://chromium.googlesource.com/chromiumos/platform/crosvm", + "rev": "cfb7db44eb9e5a0bca9a22bfb985252ef74ab251", + "date": "2019-10-17T23:22:08+00:00", + "sha256": "0gm1ggyzh9qfizm36jmh71c3anygxj1840cm94h71kzg9kiw0330", + "fetchSubmodules": false + }, + "chromiumos/third_party/adhd": { + "url": "https://chromium.googlesource.com/chromiumos/third_party/adhd", + "rev": "a8df1c52bde3bfd2aebc1d7adcd6f195eb212cb1", + "date": "2019-10-17T18:53:18+00:00", + "sha256": "1hyvnvwr5ka9zw4h7hhl6fpsfl2acp3zy4wr5qrw8s1cn8ljr9vy", + "fetchSubmodules": false + } + } +} diff --git a/pkgs/applications/virtualization/crun/default.nix b/pkgs/applications/virtualization/crun/default.nix index 7dddc3b533b4..9376adf8d6a8 100644 --- a/pkgs/applications/virtualization/crun/default.nix +++ b/pkgs/applications/virtualization/crun/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "crun"; - version = "0.8"; + version = "0.10.6"; src = fetchFromGitHub { owner = "containers"; repo = pname; rev = version; - sha256 = "1anvlgw373031w0pp0b28l10yrnyhbj192n60bbbjahw487dk2fi"; + sha256 = "0v1hrlpnln0c976fb0k2ig4jv11qbyzf95z0wy92fd8r8in16rc1"; fetchSubmodules = true; }; diff --git a/pkgs/applications/virtualization/docker-compose/default.nix b/pkgs/applications/virtualization/docker-compose/default.nix index b1c42b099b67..7e8dbf33a7b0 100644 --- a/pkgs/applications/virtualization/docker-compose/default.nix +++ b/pkgs/applications/virtualization/docker-compose/default.nix @@ -7,12 +7,12 @@ }: buildPythonApplication rec { - version = "1.24.1"; + version = "1.25.0"; pname = "docker-compose"; src = fetchPypi { inherit pname version; - sha256 = "0lx7bx6jvhydbab8vwry0bclhdf0dfj6jrns1m5y45yp9ybqxmd5"; + sha256 = "0zlprmsgmj4z627snsl0qmq8y7ggcyqrqm5vxvrvcigl7zywnprc"; }; # lots of networking and other fails diff --git a/pkgs/applications/virtualization/docker/distribution.nix b/pkgs/applications/virtualization/docker/distribution.nix index ed4db853c389..a408d20f3ba0 100644 --- a/pkgs/applications/virtualization/docker/distribution.nix +++ b/pkgs/applications/virtualization/docker/distribution.nix @@ -2,7 +2,7 @@ buildGoPackage rec { pname = "distribution"; - version = "2.6.2"; + version = "2.7.1"; rev = "v${version}"; goPackagePath = "github.com/docker/distribution"; @@ -11,7 +11,7 @@ buildGoPackage rec { owner = "docker"; repo = "distribution"; inherit rev; - sha256 = "0nj4xd72mik4pj8g065cqb0yjmgpj5ppsqf2k5ibz9f68c39c00b"; + sha256 = "1nx8b5a68rn81alp8wkkw6qd5v32mgf0fk23mxm60zdf63qk1nzw"; }; meta = with stdenv.lib; { diff --git a/pkgs/applications/virtualization/gvisor/containerd-shim.nix b/pkgs/applications/virtualization/gvisor/containerd-shim.nix new file mode 100644 index 000000000000..0161a117def3 --- /dev/null +++ b/pkgs/applications/virtualization/gvisor/containerd-shim.nix @@ -0,0 +1,36 @@ +{ lib, fetchFromGitHub, buildGoModule, go-bindata }: + +buildGoModule rec { + name = "gvisor-containerd-shim-${version}"; + version = "2019-10-09"; + + src = fetchFromGitHub { + owner = "google"; + repo = "gvisor-containerd-shim"; + rev = "f299b553afdd8455a0057862004061ea12e660f5"; + sha256 = "077bhrmjrpcxv1z020yxhx2c4asn66j21gxlpa6hz0av3lfck9lm"; + }; + + modSha256 = "1jdhgbrn59ahnabwnig99i21f6kimmqx9f3dg10ffwfs3dx0gzlg"; + + buildPhase = '' + make + ''; + + doCheck = true; + checkPhase = '' + make test + ''; + + installPhase = '' + make install DESTDIR="$out" + ''; + + meta = with lib; { + description = "containerd shim for gVisor"; + homepage = https://github.com/google/gvisor-containerd-shim; + license = licenses.asl20; + maintainers = with maintainers; [ andrew-d ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/pkgs/applications/virtualization/gvisor/default.nix b/pkgs/applications/virtualization/gvisor/default.nix new file mode 100644 index 000000000000..2d99fb3bf573 --- /dev/null +++ b/pkgs/applications/virtualization/gvisor/default.nix @@ -0,0 +1,101 @@ +{ stdenv +, buildBazelPackage +, fetchFromGitHub +, cacert +, git +, glibcLocales +, go +, iproute +, iptables +, makeWrapper +, procps +, python3 +}: + +let + preBuild = '' + patchShebangs . + + # Tell rules_go to use the Go binary found in the PATH + sed -E -i \ + -e 's|go_version\s*=\s*"[^"]+",|go_version = "host",|g' \ + WORKSPACE + + # The gazelle Go tooling needs CA certs + export SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt" + + # If we don't reset our GOPATH, the rules_go stdlib builder tries to + # install something into it. Ideally that wouldn't happen, but for now we + # can also get around it by unsetting GOPATH entirely, since rules_go + # doesn't need it. + export GOPATH= + ''; + +in buildBazelPackage rec { + name = "gvisor-${version}"; + version = "2019-11-14"; + + src = fetchFromGitHub { + owner = "google"; + repo = "gvisor"; + rev = "release-20191114.0"; + sha256 = "0kyixjjlws9iz2r2srgpdd4rrq94vpxkmh2rmmzxd9mcqy2i9bg1"; + }; + + nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ]; + + bazelTarget = "//runsc:runsc"; + + # gvisor uses the Starlark implementation of rules_cc, not the built-in one, + # so we shouldn't delete it from our dependencies. + removeRulesCC = false; + + fetchAttrs = { + inherit preBuild; + + preInstall = '' + # Remove the go_sdk (it's just a copy of the go derivation) and all + # references to it from the marker files. Bazel does not need to download + # this sdk because we have patched the WORKSPACE file to point to the one + # currently present in PATH. Without removing the go_sdk from the marker + # file, the hash of it will change anytime the Go derivation changes and + # that would lead to impurities in the marker files which would result in + # a different sha256 for the fetch phase. + rm -rf $bazelOut/external/{go_sdk,\@go_sdk.marker} + + # Remove the gazelle tools, they contain go binaries that are built + # non-deterministically. As long as the gazelle version matches the tools + # should be equivalent. + rm -rf $bazelOut/external/{bazel_gazelle_go_repository_tools,\@bazel_gazelle_go_repository_tools.marker} + + # Remove the gazelle repository cache + chmod -R +w $bazelOut/external/bazel_gazelle_go_repository_cache + rm -rf $bazelOut/external/{bazel_gazelle_go_repository_cache,\@bazel_gazelle_go_repository_cache.marker} + + # Remove log file(s) + rm -f "$bazelOut"/java.log "$bazelOut"/java.log.* + ''; + + sha256 = "122qk6iv8hd7g2a84y9aqqhij4r0m47vpxzbqhhh6k5livc73qd6"; + }; + + buildAttrs = { + inherit preBuild; + + installPhase = '' + install -Dm755 bazel-bin/runsc/*_pure_stripped/runsc $out/bin/runsc + + # Needed for the 'runsc do' subcomand + wrapProgram $out/bin/runsc \ + --prefix PATH : ${stdenv.lib.makeBinPath [ iproute iptables procps ]} + ''; + }; + + meta = with stdenv.lib; { + description = "Container Runtime Sandbox"; + homepage = https://github.com/google/gvisor; + license = licenses.asl20; + maintainers = with maintainers; [ andrew-d ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/pkgs/applications/virtualization/podman-compose/default.nix b/pkgs/applications/virtualization/podman-compose/default.nix new file mode 100644 index 000000000000..31755f87f63c --- /dev/null +++ b/pkgs/applications/virtualization/podman-compose/default.nix @@ -0,0 +1,21 @@ +{ lib, buildPythonApplication, fetchPypi, podman, pyyaml }: + +buildPythonApplication rec { + version = "0.1.5"; + pname = "podman-compose"; + + src = fetchPypi { + inherit pname version; + sha256 = "1sgbc889zq127qhxa9frhswa1mid19fs5qnyzfihx648y5i968pv"; + }; + + propagatedBuildInputs = [ pyyaml podman ]; + + meta = with lib; { + description = "An implementation of docker-compose with podman backend"; + homepage = "https://github.com/containers/podman-compose"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ sikmir ]; + }; +} diff --git a/pkgs/applications/virtualization/podman/default.nix b/pkgs/applications/virtualization/podman/default.nix index fa48c8b5e5ed..9d94ced0bf21 100644 --- a/pkgs/applications/virtualization/podman/default.nix +++ b/pkgs/applications/virtualization/podman/default.nix @@ -5,13 +5,13 @@ buildGoPackage rec { pname = "podman"; - version = "1.6.2"; + version = "1.6.3"; src = fetchFromGitHub { owner = "containers"; repo = "libpod"; rev = "v${version}"; - sha256 = "0cwyrzjjgxclnzc1yx6vm2bvq73mldwxfwalkprzlg8vpqbxji8y"; + sha256 = "0y87pylpff2xl796n5s2vrm90pspzqfw8h4a5gndn1mx18s09s69"; }; goPackagePath = "github.com/containers/libpod"; diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix index 5aa1f2e1f553..f90873c6e336 100644 --- a/pkgs/applications/virtualization/qemu/default.nix +++ b/pkgs/applications/virtualization/qemu/default.nix @@ -36,11 +36,10 @@ in stdenv.mkDerivation rec { version = "4.1.0"; - name = "qemu-" - + stdenv.lib.optionalString xenSupport "xen-" - + stdenv.lib.optionalString hostCpuOnly "host-cpu-only-" - + stdenv.lib.optionalString nixosTestRunner "for-vm-tests-" - + version; + pname = "qemu" + + stdenv.lib.optionalString xenSupport "-xen" + + stdenv.lib.optionalString hostCpuOnly "-host-cpu-only" + + stdenv.lib.optionalString nixosTestRunner "-for-vm-tests"; src = fetchurl { url = "https://wiki.qemu.org/download/qemu-${version}.tar.bz2"; diff --git a/pkgs/applications/virtualization/spike/default.nix b/pkgs/applications/virtualization/spike/default.nix new file mode 100644 index 000000000000..4dbb7fbe4a52 --- /dev/null +++ b/pkgs/applications/virtualization/spike/default.nix @@ -0,0 +1,30 @@ +{ stdenv, fetchgit, dtc }: + +stdenv.mkDerivation rec { + pname = "spike"; + version = "1.0.0"; + + src = fetchgit { + url = "https://github.com/riscv/riscv-isa-sim.git"; + rev = "v${version}"; + sha256 = "1hcl01nj96s3rkz4mrq747s5lkw81lgdjdimb8b1b9h8qnida7ww"; + }; + + nativeBuildInputs = [ dtc ]; + enableParallelBuilding = true; + + patchPhase = '' + patchShebangs scripts/*.sh + patchShebangs tests/ebreak.py + ''; + + doCheck = true; + + meta = with stdenv.lib; { + description = "A RISC-V ISA Simulator"; + homepage = "https://github.com/riscv/riscv-isa-sim"; + license = licenses.bsd3; + platforms = [ "x86_64-linux" "aarch64-linux" ]; + maintainers = with maintainers; [ blitz ]; + }; +} diff --git a/pkgs/applications/virtualization/virt-manager/default.nix b/pkgs/applications/virtualization/virt-manager/default.nix index 42860966fe11..99d20477a125 100644 --- a/pkgs/applications/virtualization/virt-manager/default.nix +++ b/pkgs/applications/virtualization/virt-manager/default.nix @@ -9,17 +9,12 @@ with stdenv.lib; -# TODO: remove after there's support for setupPyDistFlags -let - setuppy = ../../../development/interpreters/python/run_setup.py; -in python3Packages.buildPythonApplication rec { - name = "virt-manager-${version}"; + pname = "virt-manager"; version = "2.2.1"; - namePrefix = ""; src = fetchurl { - url = "http://virt-manager.org/download/sources/virt-manager/${name}.tar.gz"; + url = "http://virt-manager.org/download/sources/virt-manager/${pname}-${version}.tar.gz"; sha256 = "06ws0agxlip6p6n3n43knsnjyd91gqhh2dadgc33wl9lx1k8vn6g"; }; @@ -49,13 +44,7 @@ python3Packages.buildPythonApplication rec { ${python3Packages.python.interpreter} setup.py configure --prefix=$out ''; - # TODO: remove after there's support for setupPyDistFlags - buildPhase = '' - runHook preBuild - cp ${setuppy} nix_run_setup - ${python3Packages.python.pythonForBuild.interpreter} nix_run_setup --no-update-icon-cache build_ext bdist_wheel - runHook postBuild - ''; + setupPyGlobalFlags = [ "--no-update-icon-cache" ]; preFixup = '' gappsWrapperArgs+=(--set PYTHONPATH "$PYTHONPATH") diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix index addcf125e27e..6ecdf1d29bc1 100644 --- a/pkgs/applications/virtualization/virtualbox/default.nix +++ b/pkgs/applications/virtualization/virtualbox/default.nix @@ -2,7 +2,7 @@ , libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL , libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras , qttools, qtsvg, qtwayland, pkgconfig, which, docbook_xsl, docbook_xml_dtd_43 -, alsaLib, curl, libvpx, nettools, dbus, substituteAll +, alsaLib, curl, libvpx, nettools, dbus, substituteAll, fetchpatch , makeself, perl , javaBindings ? true, jdk ? null # Almost doesn't affect closure size , pythonBindings ? false, python3 ? null @@ -21,8 +21,8 @@ let buildType = "release"; # Remember to change the extpackRev and version in extpack.nix and # guest-additions/default.nix as well. - main = "1hxbvr78b0fddcn7npz72ki89lpmbgqj4b5qvxm1wik7v0d8v1y8"; - version = "6.0.12"; + main = "036x2mvkk22lbg72cz6pik9z538j1ag6mmwjjmfikgrq1i7v24jy"; + version = "6.0.14"; in stdenv.mkDerivation { pname = "virtualbox"; inherit version; @@ -92,9 +92,26 @@ in stdenv.mkDerivation { }) ++ [ ./qtx11extras.patch - # Kernel 5.3 fix, should be fixed with VirtualBox 6.0.14 - # https://www.virtualbox.org/ticket/18911 - ./kernel-5.3-fix.patch + # Kernel 5.4 fix, should be fixed with next upstream release + # https://www.virtualbox.org/ticket/18945 + (fetchpatch { + name = "kernel-5.4-fix-1.patch"; + url = "https://www.virtualbox.org/changeset/81586/vbox?format=diff"; + sha256 = "0zbkc9v65pkdmjik53x29g39qyf7narkhpwpx5n1n1bfqnhf0k1r"; + stripLen = 1; + }) + (fetchpatch { + name = "kernel-5.4-fix-2.patch"; + url = "https://www.virtualbox.org/changeset/81587/vbox?format=diff"; + sha256 = "1j98cqxj8qlqwaqr4mvwwbkmchw8jmygjwgzz82gix7fj76j2y9c"; + stripLen = 1; + }) + (fetchpatch { + name = "kernel-5.4-fix-3.patch"; + url = "https://www.virtualbox.org/changeset/81649/vbox?format=diff"; + sha256 = "1d6p5k5dgzmjglqfkbcbvpn1x3wxila30q4gcbb7pxwfgclaw2hk"; + stripLen = 1; + }) ]; postPatch = '' @@ -214,7 +231,7 @@ in stdenv.mkDerivation { description = "PC emulator"; license = licenses.gpl2; homepage = https://www.virtualbox.org/; - maintainers = with maintainers; [ flokli sander ]; + maintainers = with maintainers; [ sander ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/applications/virtualization/virtualbox/extpack.nix b/pkgs/applications/virtualization/virtualbox/extpack.nix index 56400a759457..c935a40c5400 100644 --- a/pkgs/applications/virtualization/virtualbox/extpack.nix +++ b/pkgs/applications/virtualization/virtualbox/extpack.nix @@ -2,7 +2,7 @@ with lib; -let version = "6.0.12"; +let version = "6.0.14"; in fetchurl rec { name = "Oracle_VM_VirtualBox_Extension_Pack-${version}.vbox-extpack"; @@ -11,14 +11,14 @@ fetchurl rec { # Manually sha256sum the extensionPack file, must be hex! # Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`. # Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS - let value = "27a0956940654b0accf4d79692078bd496d9f062e4ed3da69e5421cba8d1e444"; + let value = "c8a5cc980c9c94cdac3d94e23cf159c2433aae76b416dbfb5b1a918758f21e63"; in assert (builtins.stringLength value) == 64; value; meta = { description = "Oracle Extension pack for VirtualBox"; license = licenses.virtualbox-puel; homepage = https://www.virtualbox.org/; - maintainers = with maintainers; [ flokli sander cdepillabout ]; + maintainers = with maintainers; [ sander cdepillabout ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix index af247af0051e..690b72f3eeb0 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchurl, lib, patchelf, cdrkit, kernel, which, makeWrapper -, zlib, xorg, dbus, virtualbox, dos2unix }: +, zlib, xorg, dbus, virtualbox, dos2unix, fetchpatch, findutils, patchutils }: let version = virtualbox.version; @@ -21,12 +21,12 @@ let { name = "libXfixes.so"; pkg = xorg.libXfixes; } ]; -in stdenv.mkDerivation { +in stdenv.mkDerivation rec { name = "VirtualBox-GuestAdditions-${version}-${kernel.version}"; src = fetchurl { url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso"; - sha256 = "0hflsbx70dli34mpx94vd33p55ycfs3ahzwcdzqxdiwiiskjpykq"; + sha256 = "1c9ysx0fhxxginmp607b4fk74dvlr32n6w52gawm06prf4xg90nb"; }; KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; @@ -43,13 +43,67 @@ in stdenv.mkDerivation { prePatch = '' substituteInPlace src/vboxguest-${version}/vboxvideo/vbox_ttm.c \ --replace "<ttm/" "<drm/ttm/" - ${dos2unix}/bin/dos2unix src/vboxguest-${version}/vboxguest/r0drv/linux/mp-r0drv-linux.c + + echo ${lib.escapeShellArgs patches} | \ + ${findutils}/bin/xargs -n1 ${patchutils}/bin/lsdiff --strip=1 --addprefix=src/vboxguest-${version}/ | \ + ${findutils}/bin/xargs ${dos2unix}/bin/dos2unix ''; patchFlags = [ "-p1" "-d" "src/vboxguest-${version}" ]; - # Kernel 5.3 fix, should be fixed with VirtualBox 6.0.14 - # https://www.virtualbox.org/ticket/18911 - patches = [ ./kernel-5.3-fix.patch ]; + # Kernel 5.4 fix, should be fixed with next upstream release + # https://www.virtualbox.org/ticket/18945 + patches = lib.concatLists (lib.mapAttrsToList (changeset: args: + map (arg: + fetchpatch ({ + name = "kernel-5.4-fix-${changeset}.patch"; + url = "https://www.virtualbox.org/changeset/${changeset}/vbox?format=diff"; + } // arg)) args) { + "81586" = [{ + sha256 = "126z67x6vy65w6jlqbh4z4f1cffxnycwb69vns0154bawbsbxsiw"; + stripLen = 5; + extraPrefix = "vboxguest/"; + }]; + "81587" = [ + { + sha256 = "0simzswnl0wvnc2i9gixz99rfc7lxk1nrnskksrlrrl9hqnh0lva"; + stripLen = 5; + extraPrefix = "vboxsf/"; + includes = [ "*/the-linux-kernel.h" ]; + } + { + sha256 = "0a8r9h3x3lcjq2fykgqhdaykp00rnnkbxz8xnxg847zgvca15y02"; + stripLen = 5; + extraPrefix = "vboxguest/"; + includes = [ "*/the-linux-kernel.h" ]; + } + ]; + "81649" = [ + { + sha256 = "1p1skxlvqigydxr4sk7w51lpk7nxg0d9lppq39sdnfmgi1z0h0sc"; + stripLen = 2; + extraPrefix = "vboxguest/"; + includes = [ "*/cdefs.h" ]; + } + { + sha256 = "1j060ggdnndyjdhkfvs15306gl7g932sim9xjmx2mnx8gjdmg37f"; + stripLen = 2; + extraPrefix = "vboxsf/"; + includes = [ "*/cdefs.h" ]; + } + { + sha256 = "060h3a5k2yklbvlg0hyg4x87xrg37cvv3rjb67xizlwvlyy6ykkg"; + stripLen = 5; + extraPrefix = "vboxguest/"; + includes = [ "*/thread2-r0drv-linux.c" ]; + } + { + sha256 = "0cxlkf7cy751gl8dgzr7vkims1kmx5pgzsrxyk8w18zyp5nk9glw"; + stripLen = 7; + extraPrefix = "vboxvideo/"; + includes = [ "*/vbox_*.c" ]; + } + ]; + }); unpackPhase = '' ${if stdenv.hostPlatform.system == "i686-linux" || stdenv.hostPlatform.system == "x86_64-linux" then '' diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/kernel-5.3-fix.patch b/pkgs/applications/virtualization/virtualbox/guest-additions/kernel-5.3-fix.patch deleted file mode 100644 index 0bdd9ec10563..000000000000 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/kernel-5.3-fix.patch +++ /dev/null @@ -1,50 +0,0 @@ ---- a/vboxguest/r0drv/linux/mp-r0drv-linux.c -+++ a/vboxguest/r0drv/linux/mp-r0drv-linux.c -@@ -283,12 +283,15 @@ - if (RTCpuSetCount(&OnlineSet) > 1) - { - /* Fire the function on all other CPUs without waiting for completion. */ --# if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) -+# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 3, 0) -+ smp_call_function(rtmpLinuxAllWrapper, &Args, 0 /* wait */); -+# elif LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) - int rc = smp_call_function(rtmpLinuxAllWrapper, &Args, 0 /* wait */); -+ Assert(!rc); NOREF(rc); - # else - int rc = smp_call_function(rtmpLinuxAllWrapper, &Args, 0 /* retry */, 0 /* wait */); --# endif - Assert(!rc); NOREF(rc); -+# endif - } - #endif - -@@ -326,7 +329,6 @@ - { - #ifdef CONFIG_SMP - IPRT_LINUX_SAVE_EFL_AC(); -- int rc; - RTMPARGS Args; - - RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER; -@@ -337,14 +339,17 @@ - Args.cHits = 0; - - RTThreadPreemptDisable(&PreemptState); --# if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) -- rc = smp_call_function(rtmpLinuxWrapper, &Args, 1 /* wait */); -+# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 3, 0) -+ smp_call_function(rtmpLinuxWrapper, &Args, 1 /* wait */); -+# elif LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) -+ int rc = smp_call_function(rtmpLinuxWrapper, &Args, 1 /* wait */); -+ Assert(rc == 0); NOREF(rc); - # else /* older kernels */ -- rc = smp_call_function(rtmpLinuxWrapper, &Args, 0 /* retry */, 1 /* wait */); -+ int rc = smp_call_function(rtmpLinuxWrapper, &Args, 0 /* retry */, 1 /* wait */); -+ Assert(rc == 0); NOREF(rc); - # endif /* older kernels */ - RTThreadPreemptRestore(&PreemptState); - -- Assert(rc == 0); NOREF(rc); - IPRT_LINUX_RESTORE_EFL_AC(); - #else - RT_NOREF(pfnWorker, pvUser1, pvUser2); diff --git a/pkgs/applications/virtualization/virtualbox/kernel-5.3-fix.patch b/pkgs/applications/virtualization/virtualbox/kernel-5.3-fix.patch deleted file mode 100644 index ba9c7c941db9..000000000000 --- a/pkgs/applications/virtualization/virtualbox/kernel-5.3-fix.patch +++ /dev/null @@ -1,72 +0,0 @@ ---- a/src/VBox/HostDrivers/VBoxNetFlt/linux/VBoxNetFlt-linux.c -+++ b/src/VBox/HostDrivers/VBoxNetFlt/linux/VBoxNetFlt-linux.c -@@ -2123,7 +2123,9 @@ - #endif - if (in_dev != NULL) - { -- for_ifa(in_dev) { -+ struct in_ifaddr *ifa; -+ -+ for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { - if (VBOX_IPV4_IS_LOOPBACK(ifa->ifa_address)) - return NOTIFY_OK; - -@@ -2137,7 +2139,7 @@ - - pThis->pSwitchPort->pfnNotifyHostAddress(pThis->pSwitchPort, - /* :fAdded */ true, kIntNetAddrType_IPv4, &ifa->ifa_address); -- } endfor_ifa(in_dev); -+ } - } - - /* ---- a/src/VBox/Runtime/r0drv/linux/mp-r0drv-linux.c -+++ a/src/VBox/Runtime/r0drv/linux/mp-r0drv-linux.c -@@ -283,12 +283,15 @@ - if (RTCpuSetCount(&OnlineSet) > 1) - { - /* Fire the function on all other CPUs without waiting for completion. */ --# if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) -+# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 3, 0) -+ smp_call_function(rtmpLinuxAllWrapper, &Args, 0 /* wait */); -+# elif LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) - int rc = smp_call_function(rtmpLinuxAllWrapper, &Args, 0 /* wait */); -+ Assert(!rc); NOREF(rc); - # else - int rc = smp_call_function(rtmpLinuxAllWrapper, &Args, 0 /* retry */, 0 /* wait */); --# endif - Assert(!rc); NOREF(rc); -+# endif - } - #endif - -@@ -326,7 +329,6 @@ - { - #ifdef CONFIG_SMP - IPRT_LINUX_SAVE_EFL_AC(); -- int rc; - RTMPARGS Args; - - RTTHREADPREEMPTSTATE PreemptState = RTTHREADPREEMPTSTATE_INITIALIZER; -@@ -337,14 +339,17 @@ - Args.cHits = 0; - - RTThreadPreemptDisable(&PreemptState); --# if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) -- rc = smp_call_function(rtmpLinuxWrapper, &Args, 1 /* wait */); -+# if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 3, 0) -+ smp_call_function(rtmpLinuxWrapper, &Args, 1 /* wait */); -+# elif LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 27) -+ int rc = smp_call_function(rtmpLinuxWrapper, &Args, 1 /* wait */); -+ Assert(rc == 0); NOREF(rc); - # else /* older kernels */ -- rc = smp_call_function(rtmpLinuxWrapper, &Args, 0 /* retry */, 1 /* wait */); -+ int rc = smp_call_function(rtmpLinuxWrapper, &Args, 0 /* retry */, 1 /* wait */); -+ Assert(rc == 0); NOREF(rc); - # endif /* older kernels */ - RTThreadPreemptRestore(&PreemptState); - -- Assert(rc == 0); NOREF(rc); - IPRT_LINUX_RESTORE_EFL_AC(); - #else - RT_NOREF(pfnWorker, pvUser1, pvUser2); diff --git a/pkgs/applications/virtualization/x11docker/default.nix b/pkgs/applications/virtualization/x11docker/default.nix index c57a7f6e7714..0d6b3632bc76 100644 --- a/pkgs/applications/virtualization/x11docker/default.nix +++ b/pkgs/applications/virtualization/x11docker/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchFromGitHub, makeWrapper, nx-libs, xorg, getopt, gnugrep, gawk, ps, mount, iproute }: stdenv.mkDerivation rec { pname = "x11docker"; - version = "6.3.0"; + version = "6.5.0"; src = fetchFromGitHub { owner = "mviereck"; repo = "x11docker"; rev = "v${version}"; - sha256 = "0x2sx41y3ylzg511x52k3wh8mfbzp4ialpas6sn4ccagqxh2hc4y"; + sha256 = "1lh45cxzpdwvhahlcayzqwq1q5hra25mszs13j0dswklcjvjqw8b"; }; nativeBuildInputs = [ makeWrapper ]; |