diff options
Diffstat (limited to 'pkgs/applications/virtualization')
25 files changed, 480 insertions, 521 deletions
diff --git a/pkgs/applications/virtualization/OVMF/default.nix b/pkgs/applications/virtualization/OVMF/default.nix index 63c137c220c2..4798e324141d 100644 --- a/pkgs/applications/virtualization/OVMF/default.nix +++ b/pkgs/applications/virtualization/OVMF/default.nix @@ -1,8 +1,22 @@ { stdenv, nixosTests, lib, edk2, util-linux, nasm, acpica-tools, llvmPackages -, csmSupport ? false, seabios -, fdSize2MB ? csmSupport -, fdSize4MB ? false +, fetchurl, python3, pexpect, xorriso, qemu, dosfstools, mtools +, fdSize2MB ? false +, fdSize4MB ? secureBoot , secureBoot ? false +, systemManagementModeRequired ? secureBoot && stdenv.hostPlatform.isx86 +# Whether to create an nvram variables template +# which includes the MSFT secure boot keys +, msVarsTemplate ? false +# When creating the nvram variables template with +# the MSFT keys, we also must provide a certificate +# to use as the PK and first KEK for the keystore. +# +# By default, we use Debian's cert. This default +# should chnage to a NixOS cert once we have our +# own secure boot signing infrastructure. +# +# Ignored if msVarsTemplate is false. +, vendorPkKek ? "$NIX_BUILD_TOP/debian/PkKek-1-Debian.pem" , httpSupport ? false , tpmSupport ? false , tlsSupport ? false @@ -14,28 +28,55 @@ let - projectDscPath = if stdenv.isi686 then - "OvmfPkg/OvmfPkgIa32.dsc" - else if stdenv.isx86_64 then - "OvmfPkg/OvmfPkgX64.dsc" - else if stdenv.hostPlatform.isAarch then - "ArmVirtPkg/ArmVirtQemu.dsc" - else if stdenv.hostPlatform.isRiscV then - "OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc" - else - throw "Unsupported architecture"; + platformSpecific = { + i686 = { + projectDscPath = "OvmfPkg/OvmfPkgIa32.dsc"; + fwPrefix = "OVMF"; + }; + x86_64 = { + projectDscPath = "OvmfPkg/OvmfPkgX64.dsc"; + fwPrefix = "OVMF"; + msVarsArgs = { + flavor = "OVMF_4M"; + archDir = "X64"; + }; + }; + aarch64 = { + projectDscPath = "ArmVirtPkg/ArmVirtQemu.dsc"; + fwPrefix = "AAVMF"; + msVarsArgs = { + flavor = "AAVMF"; + archDir = "AARCH64"; + }; + }; + riscv64 = { + projectDscPath = "OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc"; + fwPrefix = "RISCV_VIRT"; + }; + }; + + cpuName = stdenv.hostPlatform.parsed.cpu.name; + + inherit (platformSpecific.${cpuName}) + projectDscPath fwPrefix msVarsArgs; version = lib.getVersion edk2; - suffixes = { - i686 = "FV/OVMF"; - x86_64 = "FV/OVMF"; - aarch64 = "FV/AAVMF"; - riscv64 = "FV/RISCV_VIRT"; + OvmfPkKek1AppPrefix = "4e32566d-8e9e-4f52-81d3-5bb9715f9727"; + + debian-edk-src = fetchurl { + url = "http://deb.debian.org/debian/pool/main/e/edk2/edk2_2023.11-5.debian.tar.xz"; + sha256 = "1yxlab4md30pxvjadr6b4xn6cyfw0c292q63pyfv4vylvhsb24g4"; }; + buildPrefix = "Build/*/*"; + in +assert platformSpecific ? ${cpuName}; +assert msVarsTemplate -> fdSize4MB; +assert msVarsTemplate -> platformSpecific.${cpuName} ? msVarsArgs; + edk2.mkDerivation projectDscPath (finalAttrs: { pname = "OVMF"; inherit version; @@ -43,7 +84,8 @@ edk2.mkDerivation projectDscPath (finalAttrs: { outputs = [ "out" "fd" ]; nativeBuildInputs = [ util-linux nasm acpica-tools ] - ++ lib.optionals stdenv.cc.isClang [ llvmPackages.bintools llvmPackages.llvm ]; + ++ lib.optionals stdenv.cc.isClang [ llvmPackages.bintools llvmPackages.llvm ] + ++ lib.optionals msVarsTemplate [ python3 pexpect xorriso qemu dosfstools mtools ]; strictDeps = true; hardeningDisable = [ "format" "stackprotector" "pic" "fortify" ]; @@ -54,7 +96,7 @@ edk2.mkDerivation projectDscPath (finalAttrs: { ++ lib.optionals debug [ "-D DEBUG_ON_SERIAL_PORT=TRUE" ] ++ lib.optionals sourceDebug [ "-D SOURCE_DEBUG_ENABLE=TRUE" ] ++ lib.optionals secureBoot [ "-D SECURE_BOOT_ENABLE=TRUE" ] - ++ lib.optionals csmSupport [ "-D CSM_ENABLE" ] + ++ lib.optionals systemManagementModeRequired [ "-D SMM_REQUIRE=TRUE" ] ++ lib.optionals fdSize2MB ["-D FD_SIZE_2MB"] ++ lib.optionals fdSize4MB ["-D FD_SIZE_4MB"] ++ lib.optionals httpSupport [ "-D NETWORK_HTTP_ENABLE=TRUE" "-D NETWORK_HTTP_BOOT_ENABLE=TRUE" ] @@ -66,49 +108,76 @@ edk2.mkDerivation projectDscPath (finalAttrs: { env.PYTHON_COMMAND = "python3"; - postPatch = lib.optionalString csmSupport '' - cp ${seabios}/share/seabios/Csm16.bin OvmfPkg/Csm/Csm16/Csm16.bin + postUnpack = lib.optionalDrvAttr msVarsTemplate '' + unpackFile ${debian-edk-src} ''; - postFixup = ( - if stdenv.hostPlatform.isAarch then '' - mkdir -vp $fd/FV - mkdir -vp $fd/AAVMF - mv -v $out/FV/QEMU_{EFI,VARS}.fd $fd/FV + postConfigure = lib.optionalDrvAttr msVarsTemplate '' + tr -d '\n' < ${vendorPkKek} | sed \ + -e 's/.*-----BEGIN CERTIFICATE-----/${OvmfPkKek1AppPrefix}:/' \ + -e 's/-----END CERTIFICATE-----//' > vendor-cert-string + export PYTHONPATH=$NIX_BUILD_TOP/debian/python:$PYTHONPATH + ''; - # Use Debian dir layout: https://salsa.debian.org/qemu-team/edk2/blob/debian/debian/rules - dd of=$fd/FV/AAVMF_CODE.fd if=/dev/zero bs=1M count=64 - dd of=$fd/FV/AAVMF_CODE.fd if=$fd/FV/QEMU_EFI.fd conv=notrunc - dd of=$fd/FV/AAVMF_VARS.fd if=/dev/zero bs=1M count=64 + postBuild = lib.optionalString stdenv.hostPlatform.isAarch '' + ( + cd ${buildPrefix}/FV + cp QEMU_EFI.fd ${fwPrefix}_CODE.fd + cp QEMU_VARS.fd ${fwPrefix}_VARS.fd + + # QEMU expects 64MiB CODE and VARS files on ARM/AARCH64 architectures + # Truncate the firmware files to the expected size + truncate -s 64M ${fwPrefix}_CODE.fd + truncate -s 64M ${fwPrefix}_VARS.fd + ) + '' + lib.optionalString stdenv.hostPlatform.isRiscV '' + truncate -s 32M ${buildPrefix}/FV/${fwPrefix}_CODE.fd + truncate -s 32M ${buildPrefix}/FV/${fwPrefix}_VARS.fd + '' + lib.optionalString msVarsTemplate '' + ( + cd ${buildPrefix} + python3 $NIX_BUILD_TOP/debian/edk2-vars-generator.py \ + --flavor ${msVarsArgs.flavor} \ + --enrolldefaultkeys ${msVarsArgs.archDir}/EnrollDefaultKeys.efi \ + --shell ${msVarsArgs.archDir}/Shell.efi \ + --code FV/${fwPrefix}_CODE.fd \ + --vars-template FV/${fwPrefix}_VARS.fd \ + --certificate `< $NIX_BUILD_TOP/$sourceRoot/vendor-cert-string` \ + --out-file FV/${fwPrefix}_VARS.ms.fd + ) + ''; - # Also add symlinks for Fedora dir layout: https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/edk2.spec + # TODO: Usage of -bios OVMF.fd is discouraged: https://lists.katacontainers.io/pipermail/kata-dev/2021-January/001650.html + # We should remove the isx86-specifc block here once we're ready to update nixpkgs to stop using that and update the + # release notes accordingly. + postInstall = '' + mkdir -vp $fd/FV + mv -v $out/FV/${fwPrefix}_{CODE,VARS}.fd $fd/FV + '' + lib.optionalString stdenv.hostPlatform.isx86 '' + mv -v $out/FV/${fwPrefix}.fd $fd/FV + '' + lib.optionalString msVarsTemplate '' + mv -v $out/FV/${fwPrefix}_VARS.ms.fd $fd/FV + ln -sv $fd/FV/${fwPrefix}_CODE{,.ms}.fd + '' + lib.optionalString stdenv.hostPlatform.isAarch '' + mv -v $out/FV/QEMU_{EFI,VARS}.fd $fd/FV + # Add symlinks for Fedora dir layout: https://src.fedoraproject.org/cgit/rpms/edk2.git/tree/edk2.spec + mkdir -vp $fd/AAVMF ln -s $fd/FV/AAVMF_CODE.fd $fd/AAVMF/QEMU_EFI-pflash.raw ln -s $fd/FV/AAVMF_VARS.fd $fd/AAVMF/vars-template-pflash.raw - '' - else if stdenv.hostPlatform.isRiscV then '' - mkdir -vp $fd/FV - - mv -v $out/FV/RISCV_VIRT_{CODE,VARS}.fd $fd/FV/ - truncate -s 32M $fd/FV/RISCV_VIRT_CODE.fd - truncate -s 32M $fd/FV/RISCV_VIRT_VARS.fd - '' - else '' - mkdir -vp $fd/FV - mv -v $out/FV/OVMF{,_CODE,_VARS}.fd $fd/FV - ''); + ''; dontPatchELF = true; passthru = let - cpuName = stdenv.hostPlatform.parsed.cpu.name; - suffix = suffixes."${cpuName}" or (throw "Host cpu name `${cpuName}` is not supported in this OVMF derivation!"); - prefix = "${finalAttrs.finalPackage.fd}/${suffix}"; + prefix = "${finalAttrs.finalPackage.fd}/FV/${fwPrefix}"; in { firmware = "${prefix}_CODE.fd"; variables = "${prefix}_VARS.fd"; # This will test the EFI firmware for the host platform as part of the NixOS Tests setup. tests.basic-systemd-boot = nixosTests.systemd-boot.basic; + tests.secureBoot-systemd-boot = nixosTests.systemd-boot.secureBoot; + inherit secureBoot systemManagementModeRequired; }; meta = { diff --git a/pkgs/applications/virtualization/cloud-hypervisor/Cargo.lock b/pkgs/applications/virtualization/cloud-hypervisor/Cargo.lock index 52afc0d15f83..533a473d036e 100644 --- a/pkgs/applications/virtualization/cloud-hypervisor/Cargo.lock +++ b/pkgs/applications/virtualization/cloud-hypervisor/Cargo.lock @@ -5,7 +5,7 @@ version = 3 [[package]] name = "acpi_tables" version = "0.1.0" -source = "git+https://github.com/rust-vmm/acpi_tables?branch=main#1a733bf690ccc10bdfeacad33e3c9f6cce0008fd" +source = "git+https://github.com/rust-vmm/acpi_tables?branch=main#76e8552f57f76ca918e19c0a7b7480d2fa2c7241" dependencies = [ "zerocopy", ] @@ -50,9 +50,9 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.1" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3a30da5c5f2d5e72842e00bcb57657162cdabef0931f40e2deb9b4140440cecd" +checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc" [[package]] name = "anstyle-parse" @@ -65,28 +65,28 @@ dependencies = [ [[package]] name = "anstyle-query" -version = "1.0.0" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" +checksum = "e28923312444cdd728e4738b3f9c9cac739500909bb3d3c94b43551b16517648" dependencies = [ - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.1" +version = "3.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0699d10d2f4d628a98ee7b57b289abbc98ff3bad977cb3152709d4bf2330628" +checksum = "1cd54b81ec8d6180e24654d0b371ad22fc3dd083b6ff8ba325b72e00c87660a7" dependencies = [ "anstyle", - "windows-sys 0.48.0", + "windows-sys 0.52.0", ] [[package]] name = "anyhow" -version = "1.0.75" +version = "1.0.79" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" +checksum = "080e9890a082662b09c1ad45f567faeeb47f22b5fb23895fbe1e651e718e25ca" [[package]] name = "api_client" @@ -135,13 +135,15 @@ dependencies = [ [[package]] name = "async-channel" -version = "1.9.0" +version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81953c529336010edd6d8e358f886d9581267795c61b19475b71314bffa46d35" +checksum = "1ca33f4bc4ed1babef42cad36cc1f51fa88be00420404e5b1e80ab1b18f7678c" dependencies = [ "concurrent-queue", - "event-listener 2.5.3", + "event-listener 4.0.0", + "event-listener-strategy", "futures-core", + "pin-project-lite", ] [[package]] @@ -223,7 +225,7 @@ dependencies = [ "cfg-if", "event-listener 3.0.0", "futures-lite 1.13.0", - "rustix 0.38.8", + "rustix 0.38.25", "windows-sys 0.48.0", ] @@ -235,7 +237,7 @@ checksum = "5fd55a5ba1179988837d24ab4c7cc8ed6efdeff578ede0416b4225a5fca35bd0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -265,13 +267,13 @@ checksum = "b4eb2cdb97421e01129ccb49169d8279ed21e829929144f4a22a6e54ac549ca1" [[package]] name = "async-trait" -version = "0.1.74" +version = "0.1.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a66537f1bb974b254c98ed142ff995236e81b9d0fe4db0575f46612cb15eb0f9" +checksum = "531b97fb4cd3dfdce92c35dedbfdc1f0b9d8091c8ca943d6dae340ef5012d514" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -312,13 +314,13 @@ dependencies = [ [[package]] name = "bitfield-struct" -version = "0.5.4" +version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eac32db62a43cf33353ce30b4a208b08193ea2086a1c6c004acb0073c706a29d" +checksum = "a26b8cea8bb6a81b75a84603b9e096f05fa86db057904ef29be1deee900532bd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -338,7 +340,7 @@ name = "block" version = "0.1.0" dependencies = [ "byteorder", - "crc32c", + "crc-any", "io-uring", "libc", "log", @@ -366,17 +368,18 @@ dependencies = [ [[package]] name = "blocking" -version = "1.3.1" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77231a1c8f801696fc0123ec6150ce92cffb8e164a02afb9c8ddee0e9b65ad65" +checksum = "6a37913e8dc4ddcc604f0c6d3bf2887c995153af3611de9e23c352b44c1b9118" dependencies = [ "async-channel", - "async-lock 2.7.0", + "async-lock 3.2.0", "async-task", - "atomic-waker", - "fastrand 1.9.0", - "futures-lite 1.13.0", - "log", + "fastrand 2.0.0", + "futures-io", + "futures-lite 2.1.0", + "piper", + "tracing", ] [[package]] @@ -436,7 +439,7 @@ checksum = "702fc72eb24e5a1e48ce58027a675bc24edd52096d5397d4aea7c6dd9eca0bd1" [[package]] name = "cloud-hypervisor" -version = "37.0.0" +version = "38.0.0" dependencies = [ "anyhow", "api_client", @@ -473,9 +476,9 @@ checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7" [[package]] name = "concurrent-queue" -version = "2.3.0" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f057a694a54f12365049b0958a1685bb52d567f5593b355fbf685838e873d400" +checksum = "d16048cd947b08fa32c24458a22f5dc5e835264f689f4f5653210c69fd107363" dependencies = [ "crossbeam-utils", ] @@ -490,12 +493,12 @@ dependencies = [ ] [[package]] -name = "crc32c" -version = "0.6.4" +name = "crc-any" +version = "2.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8f48d60e5b4d2c53d5c2b1d8a58c849a70ae5e5509b08a48d047e3b65714a74" +checksum = "c01a5e1f881f6fb6099a7bdf949e946719fd4f1fefa56264890574febf0eb6d0" dependencies = [ - "rustc_version", + "debug-helper", ] [[package]] @@ -509,18 +512,15 @@ dependencies = [ [[package]] name = "crc64" -version = "1.0.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55626594feae15d266d52440b26ff77de0e22230cf0c113abe619084c1ddc910" +checksum = "2707e3afba5e19b75d582d88bc79237418f2a2a2d673d01cf9b03633b46e98f3" [[package]] name = "crossbeam-utils" -version = "0.8.16" +version = "0.8.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" -dependencies = [ - "cfg-if", -] +checksum = "248e3bacc7dc6baa3b21e405ee045c3047101a49145e7e9eca583ab4c2ca5345" [[package]] name = "crypto-common" @@ -534,9 +534,9 @@ dependencies = [ [[package]] name = "darling" -version = "0.20.3" +version = "0.20.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0209d94da627ab5605dcccf08bb18afa5009cfbef48d8a8b7d7bdbc79be25c5e" +checksum = "c376d08ea6aa96aafe61237c7200d1241cb177b7d3a542d791f2d118e9cbb955" dependencies = [ "darling_core", "darling_macro", @@ -544,30 +544,36 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.20.3" +version = "0.20.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "177e3443818124b357d8e76f53be906d60937f0d3a90773a664fa63fa253e621" +checksum = "33043dcd19068b8192064c704b3f83eb464f91f1ff527b44a4e2b08d9cdb8855" dependencies = [ "fnv", "ident_case", "proc-macro2", "quote", "strsim", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] name = "darling_macro" -version = "0.20.3" +version = "0.20.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "836a9bbc7ad63342d6d6e7b815ccab164bc77a2d95d84bc3117a8c0d5c98e2d5" +checksum = "c5a91391accf613803c2a9bf9abccdbaa07c54b4244a5b64883f9c3c137c86be" dependencies = [ "darling_core", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] +name = "debug-helper" +version = "0.3.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f578e8e2c440e7297e008bb5486a3a8a194775224bbc23729b0dbdfaeebf162e" + +[[package]] name = "derivative" version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -605,9 +611,9 @@ dependencies = [ [[package]] name = "dhat" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f2aaf837aaf456f6706cb46386ba8dffd4013a757e36f4ea05c20dd46b209a3" +checksum = "98cd11d84628e233de0ce467de10b8633f4ddaecafadefc86e13b84b8739b827" dependencies = [ "backtrace", "lazy_static", @@ -668,14 +674,14 @@ checksum = "f95e2801cd355d4a1a3e3953ce6ee5ae9603a5c833455343a8bfe3f44d418246" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] name = "env_logger" -version = "0.10.0" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85cdab6a89accf66733ad5a1693a4dcced6aeff64602b634530dd73c1f3ee9f0" +checksum = "95b3f3e67048839cb0d0781f445682a35113da7121f7c949db0e2be96a4fbece" dependencies = [ "humantime", "is-terminal", @@ -801,9 +807,9 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "futures" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" +checksum = "645c6916888f6cb6350d2550b80fb63e734897a8498abe35cfb732b6487804b0" dependencies = [ "futures-channel", "futures-core", @@ -816,9 +822,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" +checksum = "eac8f7d7865dcb88bd4373ab671c8cf4508703796caa2b1985a9ca867b3fcb78" dependencies = [ "futures-core", "futures-sink", @@ -826,15 +832,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb1d22c66e66d9d72e1758f0bd7d4fd0bee04cad842ee34587d68c07e45d088c" +checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d" [[package]] name = "futures-executor" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ccecee823288125bd88b4d7f565c9e58e41858e47ab72e8ea2d64e93624386e0" +checksum = "a576fc72ae164fca6b9db127eaa9a9dda0d61316034f33a0a0d4eda41f02b01d" dependencies = [ "futures-core", "futures-task", @@ -843,9 +849,9 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fff74096e71ed47f8e023204cfd0aa1289cd54ae5430a9523be060cdb849964" +checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1" [[package]] name = "futures-lite" @@ -877,32 +883,32 @@ dependencies = [ [[package]] name = "futures-macro" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" +checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] name = "futures-sink" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f43be4fe21a13b9781a69afa4985b0f6ee0e1afab2c6f454a8cf30e2b2237b6e" +checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5" [[package]] name = "futures-task" -version = "0.3.29" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "efd193069b0ddadc69c46389b740bbccdd97203899b48d09c5f7969591d6bae2" +checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004" [[package]] name = "futures-util" -version = "0.3.28" +version = "0.3.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533" +checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48" dependencies = [ "futures-channel", "futures-core", @@ -918,9 +924,9 @@ dependencies = [ [[package]] name = "gdbstub" -version = "0.7.0" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09a8b954f9d02b74fe8e89a1c77bd9a6b8206713ebf1b272bfad9573b4a86f88" +checksum = "6341b3480afbb34eaefc7f92713bc92f2d83e338aaa1c44192f9c2956f4a4903" dependencies = [ "bitflags 2.4.1", "cfg-if", @@ -952,9 +958,9 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.2.10" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" +checksum = "fe9006bed769170c11f845cf00c7c1e9092aeb3f268e007c3e760ac68008070f" dependencies = [ "cfg-if", "js-sys", @@ -1121,7 +1127,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" dependencies = [ "hermit-abi", - "rustix 0.38.8", + "rustix 0.38.25", "windows-sys 0.48.0", ] @@ -1142,8 +1148,8 @@ dependencies = [ [[package]] name = "kvm-bindings" -version = "0.6.0" -source = "git+https://github.com/cloud-hypervisor/kvm-bindings?branch=ch-v0.6.0-tdx#7d9ffb47e5b9b1989577258800a0f57c93f1445f" +version = "0.7.0" +source = "git+https://github.com/cloud-hypervisor/kvm-bindings?branch=ch-v0.7.0#2dcf85d4f8aa55befcaa996b699ddb18ec9ed059" dependencies = [ "serde", "serde_derive", @@ -1152,9 +1158,11 @@ dependencies = [ [[package]] name = "kvm-ioctls" -version = "0.13.0" -source = "git+https://github.com/rust-vmm/kvm-ioctls?branch=main#23a3bb045a467e60bb00328a0b13cea13b5815d0" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9002dff009755414f22b962ec6ae6980b07d6d8b06e5297b1062019d72bd6a8c" dependencies = [ + "bitflags 2.4.1", "kvm-bindings", "libc", "vmm-sys-util", @@ -1168,9 +1176,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.147" +version = "0.2.153" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd" [[package]] name = "libssh2-sys" @@ -1200,9 +1208,9 @@ dependencies = [ [[package]] name = "linux-loader" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "132a531b85b3a164012ab682c72f8f2cce7757f187be5f60782fd2b4cda9cb34" +checksum = "eb68dd3452f25a8defaf0ae593509cff0c777683e4d8924f59ac7c5f89267a83" dependencies = [ "vm-memory", ] @@ -1215,9 +1223,9 @@ checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" [[package]] name = "linux-raw-sys" -version = "0.4.5" +version = "0.4.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" +checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c" [[package]] name = "lock_api" @@ -1259,7 +1267,7 @@ dependencies = [ [[package]] name = "micro_http" version = "0.1.0" -source = "git+https://github.com/firecracker-microvm/micro-http?branch=main#a4d632f2c5ea45712c0d2002dc909a63879e85c3" +source = "git+https://github.com/firecracker-microvm/micro-http?branch=main#e75dfa1eeea23b69caa7407bc2c3a76d7b7262fb" dependencies = [ "libc", "vmm-sys-util", @@ -1287,7 +1295,7 @@ dependencies = [ [[package]] name = "mshv-bindings" version = "0.1.1" -source = "git+https://github.com/rust-vmm/mshv?branch=main#0dd4d3452a7f2e95199f4b58380acc41458474de" +source = "git+https://github.com/rust-vmm/mshv?branch=main#9d0c11fe9fedfbcf56a5d62fbf4bad80cdf91340" dependencies = [ "libc", "serde", @@ -1299,7 +1307,7 @@ dependencies = [ [[package]] name = "mshv-ioctls" version = "0.1.1" -source = "git+https://github.com/rust-vmm/mshv?branch=main#0dd4d3452a7f2e95199f4b58380acc41458474de" +source = "git+https://github.com/rust-vmm/mshv?branch=main#9d0c11fe9fedfbcf56a5d62fbf4bad80cdf91340" dependencies = [ "libc", "mshv-bindings", @@ -1385,9 +1393,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.18.0" +version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "open-enum" @@ -1420,9 +1428,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.93" +version = "0.9.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db4d56a4c0478783083cfafcc42493dd4a981d41669da64b4572a2a089b51b1d" +checksum = "22e1bf214306098e4832460f797824c05d25aacdf896f64a985fb0fd992454ae" dependencies = [ "cc", "libc", @@ -1549,22 +1557,22 @@ dependencies = [ [[package]] name = "pin-project" -version = "1.1.3" +version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fda4ed1c6c173e3fc7a83629421152e01d7b1f9b7f65fb301e490e8cfc656422" +checksum = "0302c4a0442c456bd56f841aee5c3bfd17967563f6fadc9ceb9f9c23cf3807e0" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.3" +version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4359fd9c9171ec6e8c62926d6faaf553a8dc3f64e1507e76da7911b4f6a04405" +checksum = "266c042b60c9c76b8d53061e52b2e0d1116abc57cefc8c5cd671619a56ac3690" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -1580,6 +1588,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] +name = "piper" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "668d31b1c4eba19242f2088b2bf3316b82ca31082a8335764db4e083db7485d4" +dependencies = [ + "atomic-waker", + "fastrand 2.0.0", + "futures-io", +] + +[[package]] name = "pkg-config" version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1630,7 +1649,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -1710,18 +1729,18 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.70" +version = "1.0.78" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39278fbbf5fb4f646ce651690877f89d1c5811a3d4acb27700c1cb3cdb78fd3b" +checksum = "e2422ad645d89c99f8f3e6b88a9fdeca7fabeac836b1002371c4367c8f984aae" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.33" +version = "1.0.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" +checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" dependencies = [ "proc-macro2", ] @@ -1766,8 +1785,10 @@ checksum = "8edc89eaa583cf6bc4c6ef16a219f0a60d342ca3bf0eae793560038ac8af1795" name = "rate_limiter" version = "0.1.0" dependencies = [ + "epoll", "libc", "log", + "thiserror", "vmm-sys-util", ] @@ -1837,7 +1858,7 @@ checksum = "bce3a7139d2ee67d07538ee5dba997364fbc243e7e7143e96eb830c74bfaa082" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -1853,15 +1874,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" [[package]] -name = "rustc_version" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" -dependencies = [ - "semver", -] - -[[package]] name = "rustix" version = "0.37.27" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1877,14 +1889,14 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.8" +version = "0.38.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19ed4fa021d81c8392ce04db050a3da9a60299050b7ae1cf482d862b54a7218f" +checksum = "dc99bc2d4f1fed22595588a013687477aedf3cdcfb26558c559edb67b4d9b22e" dependencies = [ "bitflags 2.4.1", "errno", "libc", - "linux-raw-sys 0.4.5", + "linux-raw-sys 0.4.13", "windows-sys 0.48.0", ] @@ -1910,36 +1922,30 @@ dependencies = [ ] [[package]] -name = "semver" -version = "1.0.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" - -[[package]] name = "serde" -version = "1.0.168" +version = "1.0.196" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d614f89548720367ded108b3c843be93f3a341e22d5674ca0dd5cd57f34926af" +checksum = "870026e60fa08c69f064aa766c10f10b1d62db9ccd4d0abb206472bee0ce3b32" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.168" +version = "1.0.196" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4fe589678c688e44177da4f27152ee2d190757271dc7f1d5b6b9f68d869d641" +checksum = "33c85360c95e7d137454dc81d9a4ed2b8efd8fbe19cee57357b32b9771fccb67" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] name = "serde_json" -version = "1.0.107" +version = "1.0.109" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b420ce6e3d8bd882e9b243c6eed35dbc9a6110c9769e74b584e0d68d1f20c65" +checksum = "cb0652c533506ad7a2e353cce269330d6afd8bdfb6d75e0ace5b35aacbd7b9e9" dependencies = [ "itoa", "ryu", @@ -1954,7 +1960,7 @@ checksum = "3081f5ffbb02284dda55132aa26daecedd7372a42417bbbab6f14ab7d6bb9145" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -1976,7 +1982,7 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -2024,9 +2030,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.11.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" +checksum = "e6ecd384b10a64542d77071bd64bd7b231f4ed5940fba55e98c3de13824cf3d7" [[package]] name = "socket2" @@ -2084,9 +2090,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.31" +version = "2.0.48" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "718fa2415bcb8d8bd775917a1bf12a7931b6dfa890753378538118181e0cb398" +checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" dependencies = [ "proc-macro2", "quote", @@ -2112,7 +2118,7 @@ dependencies = [ "cfg-if", "fastrand 2.0.0", "redox_syscall 0.3.5", - "rustix 0.38.8", + "rustix 0.38.25", "windows-sys 0.48.0", ] @@ -2131,7 +2137,7 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "21bebf2b7c9e0a515f6e0f8c51dc0f8e4696391e6f1ff30379559f8365fb0df7" dependencies = [ - "rustix 0.38.8", + "rustix 0.38.25", "windows-sys 0.48.0", ] @@ -2152,22 +2158,22 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.40" +version = "1.0.52" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac" +checksum = "83a48fd946b02c0a526b2e9481c8e2a17755e47039164a86c4070446e3a4614d" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.40" +version = "1.0.52" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" +checksum = "e7fbe9b594d6568a6a1443250a7e67d80b74e1e96f6d1715e1e21cc1888291d3" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] @@ -2219,11 +2225,10 @@ dependencies = [ [[package]] name = "tracing" -version = "0.1.37" +version = "0.1.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef" dependencies = [ - "cfg-if", "pin-project-lite", "tracing-attributes", "tracing-core", @@ -2231,20 +2236,20 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.26" +version = "0.1.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" +checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] name = "tracing-core" -version = "0.1.31" +version = "0.1.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" +checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54" dependencies = [ "once_cell", ] @@ -2300,9 +2305,9 @@ checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "versionize" -version = "0.1.10" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dca4b7062e7e6d685901e815c35f9671e059de97c1c0905eeff8592f3fff442f" +checksum = "62929d59c7f6730b7298fcb363760550f4db6e353fbac4076d447d0e82799d6d" dependencies = [ "bincode", "crc64", @@ -2317,8 +2322,8 @@ dependencies = [ [[package]] name = "versionize_derive" -version = "0.1.4" -source = "git+https://github.com/cloud-hypervisor/versionize_derive?branch=ch#e502b1d4aabab342386f0c53780d49f21a6a1df6" +version = "0.1.6" +source = "git+https://github.com/cloud-hypervisor/versionize_derive?branch=ch-0.1.6#7906da996152e2d0ab08f5526440683bf3ca7834" dependencies = [ "proc-macro2", "quote", @@ -2328,7 +2333,7 @@ dependencies = [ [[package]] name = "vfio-bindings" version = "0.4.0" -source = "git+https://github.com/rust-vmm/vfio?branch=main#59c604fa6e42080f0a47c124ba29454fe4cb7475" +source = "git+https://github.com/rust-vmm/vfio?branch=main#0daff4d4c159e842cf18b8b90457a45032b2df5a" dependencies = [ "vmm-sys-util", ] @@ -2336,7 +2341,7 @@ dependencies = [ [[package]] name = "vfio-ioctls" version = "0.2.0" -source = "git+https://github.com/rust-vmm/vfio?branch=main#59c604fa6e42080f0a47c124ba29454fe4cb7475" +source = "git+https://github.com/rust-vmm/vfio?branch=main#0daff4d4c159e842cf18b8b90457a45032b2df5a" dependencies = [ "byteorder", "kvm-bindings", @@ -2354,7 +2359,7 @@ dependencies = [ [[package]] name = "vfio_user" version = "0.1.0" -source = "git+https://github.com/rust-vmm/vfio-user?branch=main#6c72e997e61d9e84b8ee691ad63ece6c717cf5aa" +source = "git+https://github.com/rust-vmm/vfio-user?branch=main#a1f6e52829e069b6d698b2cfeecac742e4653186" dependencies = [ "bitflags 1.3.2", "libc", @@ -2370,9 +2375,9 @@ dependencies = [ [[package]] name = "vhost" -version = "0.9.0" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "289adfce099c71f8310f895932ccd978f352ca494ea47496dbe20d4241888b82" +checksum = "2b64e816d0d49769fbfaa1494eb77cc2a3ddc526ead05c7f922cb7d64106286f" dependencies = [ "bitflags 2.4.1", "libc", @@ -2382,9 +2387,9 @@ dependencies = [ [[package]] name = "vhost-user-backend" -version = "0.11.0" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61255322e3ebe93fb77d9f6d99577eca7089bbea4174076c5353a8024a463061" +checksum = "72c8c447d076ac508d78cb45664d203df7989e891656dce260a7e93d72352c9a" dependencies = [ "libc", "log", @@ -2474,9 +2479,9 @@ dependencies = [ [[package]] name = "virtio-queue" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "73a01db2cfb6c4b9bc20608b1336263d16714ea8db05de9fec2a254e076f9385" +checksum = "e3f69a13d6610db9312acbb438b0390362af905d37634a2106be70c0f734986d" dependencies = [ "log", "virtio-bindings", @@ -2513,9 +2518,9 @@ source = "git+https://github.com/rust-vmm/vm-fdt?branch=main#77212bd0d62913e445c [[package]] name = "vm-memory" -version = "0.13.1" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5376c9ee5ebe2103a310d8241936cfb93c946734b0479a4fa5bdf7a64abbacd8" +checksum = "74ffc42216c32c35f858fa4bfdcd9b61017dfd691e0240268fdc85dbf59e5459" dependencies = [ "arc-swap", "libc", @@ -2579,6 +2584,7 @@ dependencies = [ "option_parser", "pci", "range_map_vec", + "rate_limiter", "seccompiler", "serde", "serde_json", @@ -2605,9 +2611,9 @@ dependencies = [ [[package]] name = "vmm-sys-util" -version = "0.11.1" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd64fe09d8e880e600c324e7d664760a17f56e9672b7495a86381b49e4f72f46" +checksum = "1d1435039746e20da4f8d507a72ee1b916f7b4b05af7a91c093d2c6561934ede" dependencies = [ "bitflags 1.3.2", "libc", @@ -2657,7 +2663,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", "wasm-bindgen-shared", ] @@ -2679,7 +2685,7 @@ checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2740,6 +2746,15 @@ dependencies = [ ] [[package]] +name = "windows-sys" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +dependencies = [ + "windows-targets 0.52.0", +] + +[[package]] name = "windows-targets" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2770,6 +2785,21 @@ dependencies = [ ] [[package]] +name = "windows-targets" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a18201040b24831fbb9e4eb208f8892e1f50a37feb53cc7ff887feb8f50e7cd" +dependencies = [ + "windows_aarch64_gnullvm 0.52.0", + "windows_aarch64_msvc 0.52.0", + "windows_i686_gnu 0.52.0", + "windows_i686_msvc 0.52.0", + "windows_x86_64_gnu 0.52.0", + "windows_x86_64_gnullvm 0.52.0", + "windows_x86_64_msvc 0.52.0", +] + +[[package]] name = "windows_aarch64_gnullvm" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2782,6 +2812,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "91ae572e1b79dba883e0d315474df7305d12f569b400fcf90581b06062f7e1bc" [[package]] +name = "windows_aarch64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb7764e35d4db8a7921e09562a0304bf2f93e0a51bfccee0bd0bb0b666b015ea" + +[[package]] name = "windows_aarch64_msvc" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2794,6 +2830,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b2ef27e0d7bdfcfc7b868b317c1d32c641a6fe4629c171b8928c7b08d98d7cf3" [[package]] +name = "windows_aarch64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbaa0368d4f1d2aaefc55b6fcfee13f41544ddf36801e793edbbfd7d7df075ef" + +[[package]] name = "windows_i686_gnu" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2806,6 +2848,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "622a1962a7db830d6fd0a69683c80a18fda201879f0f447f065a3b7467daa241" [[package]] +name = "windows_i686_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a28637cb1fa3560a16915793afb20081aba2c92ee8af57b4d5f28e4b3e7df313" + +[[package]] name = "windows_i686_msvc" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2818,6 +2866,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4542c6e364ce21bf45d69fdd2a8e455fa38d316158cfd43b3ac1c5b1b19f8e00" [[package]] +name = "windows_i686_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffe5e8e31046ce6230cc7215707b816e339ff4d4d67c65dffa206fd0f7aa7b9a" + +[[package]] name = "windows_x86_64_gnu" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2830,6 +2884,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca2b8a661f7628cbd23440e50b05d705db3686f894fc9580820623656af974b1" [[package]] +name = "windows_x86_64_gnu" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" + +[[package]] name = "windows_x86_64_gnullvm" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2842,6 +2902,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953" [[package]] +name = "windows_x86_64_gnullvm" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a657e1e9d3f514745a572a6846d3c7aa7dbe1658c056ed9c3344c4109a6949e" + +[[package]] name = "windows_x86_64_msvc" version = "0.42.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2854,10 +2920,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" [[package]] +name = "windows_x86_64_msvc" +version = "0.52.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" + +[[package]] name = "winnow" -version = "0.5.18" +version = "0.5.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "176b6138793677221d420fd2f0aeeced263f197688b36484660da767bca2fa32" +checksum = "5389a154b01683d28c77f8f68f49dea75f0a4da32557a58f68ee51ebba472d29" dependencies = [ "memchr", ] @@ -2940,9 +3012,9 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.7.21" +version = "0.7.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "686b7e407015242119c33dab17b8f61ba6843534de936d94368856528eae4dcc" +checksum = "74d4d3961e53fa4c9a25a8637fc2bfaf2595b3d3ae34875568a5cf64787716be" dependencies = [ "byteorder", "zerocopy-derive", @@ -2950,13 +3022,13 @@ dependencies = [ [[package]] name = "zerocopy-derive" -version = "0.7.21" +version = "0.7.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "020f3dfe25dfc38dfea49ce62d5d45ecdd7f0d8a724fa63eb36b6eba4ec76806" +checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.48", ] [[package]] diff --git a/pkgs/applications/virtualization/cloud-hypervisor/default.nix b/pkgs/applications/virtualization/cloud-hypervisor/default.nix index 8c0d6e9e1c1b..44bbdcd66313 100644 --- a/pkgs/applications/virtualization/cloud-hypervisor/default.nix +++ b/pkgs/applications/virtualization/cloud-hypervisor/default.nix @@ -2,27 +2,26 @@ rustPlatform.buildRustPackage rec { pname = "cloud-hypervisor"; - version = "37.0"; + version = "38.0"; src = fetchFromGitHub { owner = "cloud-hypervisor"; repo = pname; rev = "v${version}"; - hash = "sha256-zNk3KkKl0bEZUdsWe+9FEMKVepZeQWGasDIn68NEVyw="; + hash = "sha256-Lhug7DCa+QutlvksL6EFQa04UK/sWebDIkqQmwPUpX4="; }; cargoLock = { lockFile = ./Cargo.lock; outputHashes = { - "acpi_tables-0.1.0" = "sha256-FYjzwCSjuTUDCCQPC2ccDpwRRaG1eT5XgV/b8uSu8uc="; + "acpi_tables-0.1.0" = "sha256-syDq+db1hTne6QoP0vMGUv4tB0J9arQG2Ea2hHW1k3M="; "igvm-0.1.0" = "sha256-l+Qyhdy3b8h8hPLHg5M0os8aSkjM55hAP5nqi0AGmjo="; - "kvm-bindings-0.6.0" = "sha256-wGdAuPwsgRIqx9dh0m+hC9A/Akz9qg9BM+p06Fi5ACM="; - "kvm-ioctls-0.13.0" = "sha256-jHnFGwBWnAa2lRu4a5eRNy1Y26NX5MV8alJ86VR++QE="; - "micro_http-0.1.0" = "sha256-Ov75Gs+wSmsxOHJu024nWtOJp0cKpS8bkxJJGW6jiKw="; - "mshv-bindings-0.1.1" = "sha256-4ADpLvi9hmHsMyGtqDQ2Msa3aMZmJsi4BPW7B5ZfAMw="; - "versionize_derive-0.1.4" = "sha256-oGuREJ5+FDs8ihmv99WmjIPpL2oPdOr4REk6+7cV/7o="; - "vfio-bindings-0.4.0" = "sha256-grOV+7W1tB4YDRAFbDNQp5nQ1WaivH+N+qHTIj4WA+E="; - "vfio_user-0.1.0" = "sha256-Vi6dBu1mUwyWh7ryKDOBS6GeUD2sqqIrt/bth/LDW6s="; + "kvm-bindings-0.7.0" = "sha256-hXv5N3TTwGQaVxdQ/DTzLt+uwLxFnstJwNhxRD2K8TM="; + "micro_http-0.1.0" = "sha256-gyeOop6AMXEIbLXhJMN/oYGGU8Un8Y0nFZc9ucCa0y4="; + "mshv-bindings-0.1.1" = "sha256-yWvkpOcW3lV47s+rWnN4Bki8tt8CkiPVZ0I36nrWMi4="; + "versionize_derive-0.1.6" = "sha256-eI9fM8WnEBZvskPhU67IWeN6QAPg2u5EBT+AOxfb/fY="; + "vfio-bindings-0.4.0" = "sha256-Dk4T2dMzPZ+Aoq1YSXX2z1Nky8zvyDl7b+A8NH57Hkc="; + "vfio_user-0.1.0" = "sha256-LJ84k9pMkSAaWkuaUd+2LnPXnNgrP5LdbPOc1Yjz5xA="; "vm-fdt-0.2.0" = "sha256-lKW4ZUraHomSDyxgNlD5qTaBTZqM0Fwhhh/08yhrjyE="; }; }; diff --git a/pkgs/applications/virtualization/cri-o/default.nix b/pkgs/applications/virtualization/cri-o/default.nix index edf4f1f60d4a..50e49fd192ac 100644 --- a/pkgs/applications/virtualization/cri-o/default.nix +++ b/pkgs/applications/virtualization/cri-o/default.nix @@ -15,13 +15,13 @@ buildGoModule rec { pname = "cri-o"; - version = "1.29.1"; + version = "1.29.2"; src = fetchFromGitHub { owner = "cri-o"; repo = "cri-o"; rev = "v${version}"; - sha256 = "sha256-RL4JkEJMVduG06udIVlVdr+bj9wIGbun3rpeTCUehhk="; + hash = "sha256-il28u2+Jv2gh6XqRV4y6u0FDZ4flmcp+bOj9aibL+ro="; }; vendorHash = null; diff --git a/pkgs/applications/virtualization/crosvm/default.nix b/pkgs/applications/virtualization/crosvm/default.nix index 95cada54296a..3e70bd390e16 100644 --- a/pkgs/applications/virtualization/crosvm/default.nix +++ b/pkgs/applications/virtualization/crosvm/default.nix @@ -1,32 +1,22 @@ -{ lib, rustPlatform, fetchgit, fetchpatch +{ lib, rustPlatform, fetchgit , pkg-config, protobuf, python3, wayland-scanner , libcap, libdrm, libepoxy, minijail, virglrenderer, wayland, wayland-protocols }: rustPlatform.buildRustPackage rec { pname = "crosvm"; - version = "120.0"; + version = "121.3"; src = fetchgit { url = "https://chromium.googlesource.com/chromiumos/platform/crosvm"; - rev = "0a9d1cb8be29e49c355ea8b18cd58506dbbaf6e5"; - sha256 = "BbCcsxJU25VgWVday4rGPXaJSuAWebNGo3MiYPIBBto="; + rev = "1e7125327a29b7b7a0593caf339d382728c55cf6"; + sha256 = "Rjs46TtOhFZxqnEyqa4IyrRs7HnDZ/DJZ9DPEe7Oux0="; fetchSubmodules = true; }; - patches = [ - (fetchpatch { - name = "test-page-size-fix.patch"; - url = "https://chromium.googlesource.com/crosvm/crosvm/+/d9bc6e99ff5ac31d7d88b684c938af01a0872fc1%5E%21/?format=TEXT"; - decode = "base64 -d"; - includes = [ "src/crosvm/config.rs" ]; - hash = "sha256-3gfNzp0WhtNr+8CWSISCJau208EMIo3RJhM+4SyeV3o="; - }) - ]; - separateDebugInfo = true; - cargoHash = "sha256-YXfKZeRL3gfWztf36lVNbCCwUqW+0w3q7X7v0arCrvk="; + cargoHash = "sha256-7nfeg/q8baLvB0CoRWKU60TRfLAaRkeRxGojPvKpOLs="; nativeBuildInputs = [ pkg-config protobuf python3 rustPlatform.bindgenHook wayland-scanner diff --git a/pkgs/applications/virtualization/crun/default.nix b/pkgs/applications/virtualization/crun/default.nix index 336321d09a20..a17a115c2c59 100644 --- a/pkgs/applications/virtualization/crun/default.nix +++ b/pkgs/applications/virtualization/crun/default.nix @@ -39,13 +39,13 @@ let in stdenv.mkDerivation rec { pname = "crun"; - version = "1.14.1"; + version = "1.14.4"; src = fetchFromGitHub { owner = "containers"; repo = pname; rev = version; - hash = "sha256-IEfHww+kAPKcTe5bWM+YuDe6PHlSdZQVEunlBMQ29Ic="; + hash = "sha256-f+cG9800QKZH4+9ie97TmTbQlpLXe+z+47ptP+HgIgs="; fetchSubmodules = true; }; diff --git a/pkgs/applications/virtualization/ddev/default.nix b/pkgs/applications/virtualization/ddev/default.nix index 3709b8dbd901..cf4a13dee031 100644 --- a/pkgs/applications/virtualization/ddev/default.nix +++ b/pkgs/applications/virtualization/ddev/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "ddev"; - version = "1.22.6"; + version = "1.22.7"; src = fetchFromGitHub { owner = "ddev"; repo = "ddev"; rev = "v${version}"; - hash = "sha256-i+uubmCQwJALt7YRuANpEN2AAn9i6880MaXkayIZ82g="; + hash = "sha256-bFQW12VzH+/OXTRBavEdfxnGowJt5TKM3r0UD64ALVs="; }; vendorHash = null; diff --git a/pkgs/applications/virtualization/docker/buildx.nix b/pkgs/applications/virtualization/docker/buildx.nix index 24e2d5113cfa..000bb6ee4bcd 100644 --- a/pkgs/applications/virtualization/docker/buildx.nix +++ b/pkgs/applications/virtualization/docker/buildx.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-buildx"; - version = "0.12.1"; + version = "0.13.0"; src = fetchFromGitHub { owner = "docker"; repo = "buildx"; rev = "v${version}"; - hash = "sha256-QC2mlJWjOtqYAB+YrL+s2FsJ79LuLFZGOgSVGL6WmX8="; + hash = "sha256-R4+MVC8G4wNwjZtBnLFq+TBiesUYACg9c5y2CUcqHHQ="; }; doCheck = false; diff --git a/pkgs/applications/virtualization/docker/compose.nix b/pkgs/applications/virtualization/docker/compose.nix index f6f2e5f5a843..e3f0ec1b97bd 100644 --- a/pkgs/applications/virtualization/docker/compose.nix +++ b/pkgs/applications/virtualization/docker/compose.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "docker-compose"; - version = "2.24.5"; + version = "2.24.6"; src = fetchFromGitHub { owner = "docker"; repo = "compose"; rev = "v${version}"; - hash = "sha256-mn6HkGLQM5kx6yzV4IK+GTV6pCoIm1CNjQ8AZLv3sMw="; + hash = "sha256-CrQM9fTXGI3uGAk2yk/+enBr9LuMhNFLFBYHT78lNWc="; }; postPatch = '' @@ -16,7 +16,7 @@ buildGoModule rec { rm -rf e2e/ ''; - vendorHash = "sha256-KR+4OZKabshnGpkPq8vtEutvQUE+3jVwAlfAwFVlscU="; + vendorHash = "sha256-0YZ36fouuVjj12a7d9F8OkJAmtLIHo0bZhcmOYO5Ki4="; ldflags = [ "-X github.com/docker/compose/v2/internal.Version=${version}" "-s" "-w" ]; diff --git a/pkgs/applications/virtualization/docker/default.nix b/pkgs/applications/virtualization/docker/default.nix index 561066bfa12a..9b6bb0a48be3 100644 --- a/pkgs/applications/virtualization/docker/default.nix +++ b/pkgs/applications/virtualization/docker/default.nix @@ -120,7 +120,7 @@ rec { ]; postPatch = '' - patchShebangs hack/make.sh hack/make/ + patchShebangs hack/make.sh hack/make/ hack/with-go-mod.sh ''; buildPhase = '' @@ -272,7 +272,7 @@ rec { To enable the docker daemon on NixOS, set the `virtualisation.docker.enable` option to `true`. ''; license = licenses.asl20; - maintainers = with maintainers; [ offline vdemeester periklis amaxine ]; + maintainers = with maintainers; [ offline vdemeester periklis ]; mainProgram = "docker"; }; }); @@ -306,4 +306,18 @@ rec { tiniRev = "v0.19.0"; tiniHash = "sha256-ZDKu/8yE5G0RYFJdhgmCdN3obJNyRWv6K/Gd17zc1sI="; }; + + docker_25 = callPackage dockerGen rec { + version = "25.0.3"; + cliRev = "v${version}"; + cliHash = "sha256-Jvb0plV1O/UzrcpzN4zH5OulmTVF+p9UQQQ9xqkiObQ="; + mobyRev = "v${version}"; + mobyHash = "sha256-cDlRVdQNzH/X2SJUYHK1QLUHlKQtSyRYCVbz3wPx1ZM="; + runcRev = "v1.1.12"; + runcHash = "sha256-N77CU5XiGYIdwQNPFyluXjseTeaYuNJ//OsEUS0g/v0="; + containerdRev = "v1.7.13"; + containerdHash = "sha256-y3CYDZbA2QjIn1vyq/p1F1pAVxQHi/0a6hGWZCRWzyk="; + tiniRev = "v0.19.0"; + tiniHash = "sha256-ZDKu/8yE5G0RYFJdhgmCdN3obJNyRWv6K/Gd17zc1sI="; + }; } diff --git a/pkgs/applications/virtualization/firecracker/default.nix b/pkgs/applications/virtualization/firecracker/default.nix index ee95b55a0b90..d9bab2169623 100644 --- a/pkgs/applications/virtualization/firecracker/default.nix +++ b/pkgs/applications/virtualization/firecracker/default.nix @@ -1,7 +1,7 @@ { fetchurl, lib, stdenv }: let - version = "1.5.0"; + version = "1.6.0"; # nixpkgs-update: no auto update suffix = { @@ -23,8 +23,8 @@ stdenv.mkDerivation { sourceRoot = "."; src = dlbin { - x86_64-linux = "sha256-TzNPWcLDKOv12eJ9PHckdJ7tfdlozPoXj2fbdOzHfAk="; - aarch64-linux = "sha256-cHNMfcoHCBw+BnWx9USny8jyvH97gXCCJW1aKvPXgCs="; + x86_64-linux = "sha256-FflAYvWTcigIchVrAaUgg6IRleEtis6eh6fCqrZ5lb8="; + aarch64-linux = "sha256-4O0kPMl7RbMjszUNql0OQrl/4or/e8ZCHPngqq0CNxk="; }; dontConfigure = true; @@ -54,6 +54,6 @@ stdenv.mkDerivation { mainProgram = "firecracker"; license = licenses.asl20; platforms = [ "x86_64-linux" "aarch64-linux" ]; - maintainers = with maintainers; [ thoughtpolice endocrimes ]; + maintainers = with maintainers; [ thoughtpolice endocrimes qjoly ]; }; } diff --git a/pkgs/applications/virtualization/lima/bin.nix b/pkgs/applications/virtualization/lima/bin.nix index 2080ac1e7876..e02d41f4ddc3 100644 --- a/pkgs/applications/virtualization/lima/bin.nix +++ b/pkgs/applications/virtualization/lima/bin.nix @@ -9,31 +9,31 @@ }: let - version = "0.19.1"; + version = "0.20.1"; dist = { aarch64-darwin = rec { archSuffix = "Darwin-arm64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "0dfcf3a39782baf1c2ea43cf026f8df0321c671d914c105fbb78de507aa8bda4"; + sha256 = "a561a457d3620965e017fc750805dd2fb99db1c21b2f14e8f044dfaa042de76f"; }; x86_64-darwin = rec { archSuffix = "Darwin-x86_64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "ac8827479f66ef1b288b31f164b22f6433faa14c44ce5bbebe09e6e913582479"; + sha256 = "c57d2b317e5488c96b642b05146146a5ec94d0407cccba0f31401f52824d404d"; }; aarch64-linux = rec { archSuffix = "Linux-aarch64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "c55e57ddbefd9988d0f3676bb873bcc6e0f7b3c3d47a1f07599ee151c5198d96"; + sha256 = "1d93b5fc0bde1369fce3029c917934ef57514fa23a715f8fb7fb333c1db9ec41"; }; x86_64-linux = rec { archSuffix = "Linux-x86_64"; url = "https://github.com/lima-vm/lima/releases/download/v${version}/lima-${version}-${archSuffix}.tar.gz"; - sha256 = "7d18b1716aae14bf98d6ea93a703e8877b0c3142f7ba2e87401d47d5d0fe3ff1"; + sha256 = "e7093ca1889d2dab436d9f0e6b53d65336f75cf8ebd54f583085eca462a1fc4b"; }; }; in diff --git a/pkgs/applications/virtualization/lima/default.nix b/pkgs/applications/virtualization/lima/default.nix index 53c6eb55d564..ae6e6d19ee79 100644 --- a/pkgs/applications/virtualization/lima/default.nix +++ b/pkgs/applications/virtualization/lima/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "lima"; - version = "0.19.1"; + version = "0.20.1"; src = fetchFromGitHub { owner = "lima-vm"; repo = pname; rev = "v${version}"; - sha256 = "sha256-0EKVWXNxOnz7j+f1ExkwQW69khhazj2Uz7RBAvwSjmQ="; + sha256 = "sha256-MeTFATaAGRSaUXmC1fv9/gMFWafvkteKVJS6MHaqt8A="; }; - vendorHash = "sha256-SfN4gj5nC9TEVD7aogsUv1um5w5Hvdy1eOSSNjGmnEw="; + vendorHash = "sha256-wd7YiEo4Gy2kHF7aCRoNGlbOQUxqQnKqP3znzMqS2PI="; nativeBuildInputs = [ makeWrapper installShellFiles ] ++ lib.optionals stdenv.isDarwin [ xcbuild.xcrun sigtool ]; diff --git a/pkgs/applications/virtualization/nixpacks/default.nix b/pkgs/applications/virtualization/nixpacks/default.nix index 97ad009bb80d..acf7456c76ab 100644 --- a/pkgs/applications/virtualization/nixpacks/default.nix +++ b/pkgs/applications/virtualization/nixpacks/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "nixpacks"; - version = "1.21.0"; + version = "1.21.2"; src = fetchFromGitHub { owner = "railwayapp"; repo = pname; rev = "v${version}"; - sha256 = "sha256-S7Kgp1KNp8GTGp+Go7pUdRJTZLxFsOYfmgcaRBQfeHA="; + sha256 = "sha256-GY5fwmwr2FAJB9SjTaghlC4GD6ECnect21VInTXseRE="; }; - cargoHash = "sha256-5Q5ZUSPI+BQj/2nIx6RsshJQPPoZO4EX07b1rzvXlyU="; + cargoHash = "sha256-kXfNWAloMwpykv6zJS5g6ng8RGn+NBNgYJmUg/I7dBg="; # skip test due FHS dependency doCheck = false; diff --git a/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix b/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix deleted file mode 100644 index 7d0ecfab53e7..000000000000 --- a/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix +++ /dev/null @@ -1,111 +0,0 @@ -{ lib -, glibc -, fetchFromGitLab -, makeWrapper -, buildGoModule -, linkFarm -, writeShellScript -, formats -, containerRuntimePath -, configTemplate -, configTemplatePath ? null -, libnvidia-container -}: - -assert configTemplate != null -> (lib.isAttrs configTemplate && configTemplatePath == null); -assert configTemplatePath != null -> (lib.isStringLike configTemplatePath && configTemplate == null); - -let - isolatedContainerRuntimePath = linkFarm "isolated_container_runtime_path" [ - { - name = "runc"; - path = containerRuntimePath; - } - ]; - warnIfXdgConfigHomeIsSet = writeShellScript "warn_if_xdg_config_home_is_set" '' - set -eo pipefail - - if [ -n "$XDG_CONFIG_HOME" ]; then - echo >&2 "$(tput setaf 3)warning: \$XDG_CONFIG_HOME=$XDG_CONFIG_HOME$(tput sgr 0)" - fi - ''; - - configToml = if configTemplatePath != null then configTemplatePath else (formats.toml { }).generate "config.toml" configTemplate; -in -buildGoModule rec { - pname = "container-toolkit/container-toolkit"; - version = "1.9.0"; - - src = fetchFromGitLab { - owner = "nvidia"; - repo = pname; - rev = "v${version}"; - hash = "sha256-b4mybNB5FqizFTraByHk5SCsNO66JaISj18nLgLN7IA="; - }; - - vendorHash = null; - - postPatch = '' - # replace the default hookDefaultFilePath to the $out path - substituteInPlace cmd/nvidia-container-runtime/main.go \ - --replace '/usr/bin/nvidia-container-runtime-hook' '${placeholder "out"}/bin/nvidia-container-runtime-hook' - ''; - - ldflags = [ "-s" "-w" ]; - - nativeBuildInputs = [ makeWrapper ]; - - preConfigure = '' - # Ensure the runc symlink isn't broken: - if ! readlink --quiet --canonicalize-existing "${isolatedContainerRuntimePath}/runc" ; then - echo "${isolatedContainerRuntimePath}/runc: broken symlink" >&2 - exit 1 - fi - ''; - - checkFlags = - let - skippedTests = [ - # Disable tests executing nvidia-container-runtime command. - "TestGoodInput" - "TestDuplicateHook" - ]; - in - [ "-skip" "${builtins.concatStringsSep "|" skippedTests}" ]; - - postInstall = '' - mkdir -p $out/etc/nvidia-container-runtime - - # nvidia-container-runtime invokes docker-runc or runc if that isn't - # available on PATH. - # - # Also set XDG_CONFIG_HOME if it isn't already to allow overriding - # configuration. This in turn allows users to have the nvidia container - # runtime enabled for any number of higher level runtimes like docker and - # podman, i.e., there's no need to have mutually exclusivity on what high - # level runtime can enable the nvidia runtime because each high level - # runtime has its own config.toml file. - wrapProgram $out/bin/nvidia-container-runtime \ - --run "${warnIfXdgConfigHomeIsSet}" \ - --prefix PATH : ${isolatedContainerRuntimePath}:${libnvidia-container}/bin \ - --set-default XDG_CONFIG_HOME $out/etc - - cp ${configToml} $out/etc/nvidia-container-runtime/config.toml - - substituteInPlace $out/etc/nvidia-container-runtime/config.toml \ - --subst-var-by glibcbin ${lib.getBin glibc} - - ln -s $out/bin/nvidia-container-{toolkit,runtime-hook} - - wrapProgram $out/bin/nvidia-container-toolkit \ - --add-flags "-config ${placeholder "out"}/etc/nvidia-container-runtime/config.toml" - ''; - - meta = with lib; { - homepage = "https://gitlab.com/nvidia/container-toolkit/container-toolkit"; - description = "NVIDIA Container Toolkit"; - license = licenses.asl20; - platforms = platforms.linux; - maintainers = with maintainers; [ cpcloud ]; - }; -} diff --git a/pkgs/applications/virtualization/nvidia-container-toolkit/packages.nix b/pkgs/applications/virtualization/nvidia-container-toolkit/packages.nix deleted file mode 100644 index 0ce76d5aed31..000000000000 --- a/pkgs/applications/virtualization/nvidia-container-toolkit/packages.nix +++ /dev/null @@ -1,79 +0,0 @@ -{ - lib, - newScope, - docker, - libnvidia-container, - runc, - symlinkJoin, -}: - -# Note this scope isn't recursed into, at the time of writing. -lib.makeScope newScope ( - self: { - - # The config is only exposed as an attrset so that the user may reach the - # deafult values, for inspectability purposes. - dockerConfig = { - disable-require = false; - #swarm-resource = "DOCKER_RESOURCE_GPU" - - nvidia-container-cli = { - #root = "/run/nvidia/driver"; - #path = "/usr/bin/nvidia-container-cli"; - environment = [ ]; - #debug = "/var/log/nvidia-container-runtime-hook.log"; - ldcache = "/tmp/ld.so.cache"; - load-kmods = true; - #no-cgroups = false; - #user = "root:video"; - ldconfig = "@@glibcbin@/bin/ldconfig"; - }; - }; - nvidia-container-toolkit-docker = self.callPackage ./. { - containerRuntimePath = "${docker}/libexec/docker/docker"; - configTemplate = self.dockerConfig; - }; - - podmanConfig = { - disable-require = true; - #swarm-resource = "DOCKER_RESOURCE_GPU"; - - nvidia-container-cli = { - #root = "/run/nvidia/driver"; - #path = "/usr/bin/nvidia-container-cli"; - environment = [ ]; - #debug = "/var/log/nvidia-container-runtime-hook.log"; - ldcache = "/tmp/ld.so.cache"; - load-kmods = true; - no-cgroups = true; - #user = "root:video"; - ldconfig = "@@glibcbin@/bin/ldconfig"; - }; - }; - nvidia-container-toolkit-podman = self.nvidia-container-toolkit-docker.override { - containerRuntimePath = lib.getExe runc; - - configTemplate = self.podmanConfig; - }; - - nvidia-docker = symlinkJoin { - name = "nvidia-docker"; - paths = [ - libnvidia-container - self.nvidia-docker-unwrapped - self.nvidia-container-toolkit-docker - ]; - inherit (self.nvidia-docker-unwrapped) meta; - }; - nvidia-docker-unwrapped = self.callPackage ../nvidia-docker { }; - - nvidia-podman = symlinkJoin { - name = "nvidia-podman"; - paths = [ - libnvidia-container - self.nvidia-container-toolkit-podman - ]; - inherit (self.nvidia-container-toolkit-podman) meta; - }; - } -) diff --git a/pkgs/applications/virtualization/nvidia-docker/default.nix b/pkgs/applications/virtualization/nvidia-docker/default.nix deleted file mode 100644 index 07dfc3fdb6dc..000000000000 --- a/pkgs/applications/virtualization/nvidia-docker/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ stdenv, lib, fetchFromGitHub, callPackage }: -stdenv.mkDerivation rec { - pname = "nvidia-docker"; - version = "2.5.0"; - - src = fetchFromGitHub { - owner = "NVIDIA"; - repo = pname; - rev = "v${version}"; - sha256 = "1n1k7fnimky67s12p2ycaq9mgk245fchq62vgd7bl3bzfcbg0z4h"; - }; - - buildPhase = '' - mkdir bin - - cp nvidia-docker bin - substituteInPlace bin/nvidia-docker --subst-var-by VERSION ${version} - ''; - - installPhase = '' - mkdir -p $out/bin - cp bin/nvidia-docker $out/bin - ''; - - meta = with lib; { - homepage = "https://github.com/NVIDIA/nvidia-docker"; - description = "NVIDIA container runtime for Docker"; - license = licenses.bsd3; - platforms = platforms.linux; - maintainers = with maintainers; [ cpcloud ]; - }; -} diff --git a/pkgs/applications/virtualization/podman/default.nix b/pkgs/applications/virtualization/podman/default.nix index b66aa7681bc7..30a259d12540 100644 --- a/pkgs/applications/virtualization/podman/default.nix +++ b/pkgs/applications/virtualization/podman/default.nix @@ -62,13 +62,13 @@ let in buildGoModule rec { pname = "podman"; - version = "4.9.2"; + version = "4.9.3"; src = fetchFromGitHub { owner = "containers"; repo = "podman"; rev = "v${version}"; - hash = "sha256-6E6Qobkvv6y+Jx+X6Z9wJsGIuP7MXoc+cXRiajj0ojw="; + hash = "sha256-PdAXcXtc/Jl3ttWWB6TciiOwWescJ51Glhf2ZhOw550="; }; patches = [ diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix index f241a553f864..e7da99d561f6 100644 --- a/pkgs/applications/virtualization/qemu/default.nix +++ b/pkgs/applications/virtualization/qemu/default.nix @@ -55,11 +55,11 @@ stdenv.mkDerivation (finalAttrs: { + lib.optionalString hostCpuOnly "-host-cpu-only" + lib.optionalString nixosTestRunner "-for-vm-tests" + lib.optionalString toolsOnly "-utils"; - version = "8.2.1"; + version = "8.2.2"; src = fetchurl { url = "https://download.qemu.org/qemu-${finalAttrs.version}.tar.xz"; - hash = "sha256-hWJ1EVgXX50YfF8itXVVq+PIcPAyXIztEsNMbZh3Kb4="; + hash = "sha256-hHNGwbgsGlSyw49u29hVSe3rF0MLfU09oSYg4pYrxPM="; }; depsBuildBuild = [ buildPackages.stdenv.cc ] diff --git a/pkgs/applications/virtualization/spike/default.nix b/pkgs/applications/virtualization/spike/default.nix index df967339f8f0..29597860ecc7 100644 --- a/pkgs/applications/virtualization/spike/default.nix +++ b/pkgs/applications/virtualization/spike/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, dtc, pkgsCross }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, dtc, pkgsCross }: stdenv.mkDerivation rec { pname = "spike"; @@ -11,6 +11,14 @@ stdenv.mkDerivation rec { sha256 = "sha256-4D2Fezej0ioOOupw3kgMT5VLs+/jXQjwvek6v0AVMzI="; }; + patches = [ + (fetchpatch { + name = "fesvr-fix-compilation-with-gcc-13.patch"; + url = "https://github.com/riscv-software-src/riscv-isa-sim/commit/0a7bb5403d0290cea8b2356179d92e4c61ffd51d.patch"; + hash = "sha256-JUMTbGawvLkoOWKkruzLzUFQytVR3wqTlGu/eegRFEE="; + }) + ]; + nativeBuildInputs = [ dtc ]; enableParallelBuilding = true; diff --git a/pkgs/applications/virtualization/tart/default.nix b/pkgs/applications/virtualization/tart/default.nix index 29f84ba691d7..fd46baba6fce 100644 --- a/pkgs/applications/virtualization/tart/default.nix +++ b/pkgs/applications/virtualization/tart/default.nix @@ -10,11 +10,11 @@ }: stdenvNoCC.mkDerivation (finalAttrs: { pname = "tart"; - version = "2.4.3"; + version = "2.6.0"; src = fetchurl { - url = "https://github.com/cirruslabs/tart/releases/download/${finalAttrs.version}/tart.tar.gz"; - sha256 = "sha256-cXisvF+W/Uxe3Q0ZRhkvF13UWXxbsIQSzG172lzwruo="; + url = "https://github.com/cirruslabs/tart/releases/download/${finalAttrs.version}/tart-arm64.tar.gz"; + hash = "sha256-QtVqgmjYpLAhFibW1DIVWNYiOjHB1X/YY6zRVB+1soA="; }; sourceRoot = "."; diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix index ca3d15db0fea..f226a32596d3 100644 --- a/pkgs/applications/virtualization/virtualbox/default.nix +++ b/pkgs/applications/virtualization/virtualbox/default.nix @@ -1,4 +1,4 @@ -{ config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook +{ config, stdenv, fetchurl, fetchpatch, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook , libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL2, libcap, libGL, libGLU , libpng, glib, lvm2, libXrandr, libXinerama, libopus, libtpms, qtbase, qtx11extras , qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43 @@ -17,26 +17,34 @@ , headless ? false , enable32bitGuests ? true , enableWebService ? false +, enableKvm ? false , extraConfigureFlags ? "" }: +# See https://github.com/cyberus-technology/virtualbox-kvm/issues/12 +assert enableKvm -> !enableHardening; + with lib; let buildType = "release"; # Use maintainers/scripts/update.nix to update the version and all related hashes or # change the hashes in extpack.nix and guest-additions/default.nix as well manually. - version = "7.0.12"; + version = "7.0.14"; + + # The KVM build is not compatible to VirtualBox's kernel modules. So don't export + # modsrc at all. + withModsrc = !enableKvm; in stdenv.mkDerivation { pname = "virtualbox"; inherit version; src = fetchurl { url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2"; - sha256 = "d76634c6ccf62503726a5aeae6c78a3462474c51a0ebe4942591ccc2d939890a"; + sha256 = "45860d834804a24a163c1bb264a6b1cb802a5bc7ce7e01128072f8d6a4617ca9"; }; - outputs = [ "out" "modsrc" ]; + outputs = [ "out" ] ++ optional withModsrc "modsrc"; nativeBuildInputs = [ pkg-config which docbook_xsl docbook_xml_dtd_43 yasm glslang ] ++ optional (!headless) wrapQtAppsHook; @@ -85,7 +93,13 @@ in stdenv.mkDerivation { patches = optional enableHardening ./hardened.patch # Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1 - ++ optional (!headless) ./fix-sdl.patch + ++ optionals (!headless) [ ./fix-sdl.patch + # No update patch disables check for update function + # https://bugs.launchpad.net/ubuntu/+source/virtualbox-ose/+bug/272212 + (fetchpatch { + url = "https://salsa.debian.org/pkg-virtualbox-team/virtualbox/-/raw/debian/${version}-dfsg-1/debian/patches/16-no-update.patch"; + hash = "sha256-UJHpuB6QB/BbxJorlqZXUF12lgq8gbLMRHRMsbyqRpY="; + })] ++ [ ./extra_symbols.patch ] # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH. @@ -97,7 +111,17 @@ in stdenv.mkDerivation { ++ optional (!headless && enableHardening) (substituteAll { src = ./qt-env-vars.patch; qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}"; - }) + }) + # While the KVM patch should not break any other behavior if --with-kvm is not specified, + # we don't take any chances and only apply it if people actually want to use KVM support. + ++ optional enableKvm (fetchpatch + (let + patchVersion = "20240226"; + in { + name = "virtualbox-${version}-kvm-dev-${patchVersion}.patch"; + url = "https://github.com/cyberus-technology/virtualbox-kvm/releases/download/dev-${patchVersion}/virtualbox-${version}-kvm-dev-${patchVersion}.patch"; + hash = "sha256-3YT1ZN/TwoNWNb2eqOcPF8GTrVGfOPaPb8vpGoPNISY="; + })) ++ [ ./qt-dependency-paths.patch # https://github.com/NixOS/nixpkgs/issues/123851 @@ -159,6 +183,7 @@ in stdenv.mkDerivation { ${optionalString (!enable32bitGuests) "--disable-vmmraw"} \ ${optionalString enableWebService "--enable-webservice"} \ ${optionalString (open-watcom-bin != null) "--with-ow-dir=${open-watcom-bin}"} \ + ${optionalString (enableKvm) "--with-kvm"} \ ${extraConfigureFlags} \ --disable-kmods sed -e 's@PKG_CONFIG_PATH=.*@PKG_CONFIG_PATH=${libIDL}/lib/pkgconfig:${glib.dev}/lib/pkgconfig ${libIDL}/bin/libIDL-config-2@' \ @@ -214,9 +239,13 @@ in stdenv.mkDerivation { mkdir -p $out/share/icons/hicolor/$size/apps ln -s $libexec/icons/$size/*.png $out/share/icons/hicolor/$size/apps done + # Translation + ln -sv $libexec/nls "$out/share/virtualbox" ''} - cp -rv out/linux.*/${buildType}/bin/src "$modsrc" + ${optionalString withModsrc '' + cp -rv out/linux.*/${buildType}/bin/src "$modsrc" + ''} mkdir -p "$out/share/virtualbox" cp -rv src/VBox/Main/UnattendedTemplates "$out/share/virtualbox" diff --git a/pkgs/applications/virtualization/virtualbox/extpack.nix b/pkgs/applications/virtualization/virtualbox/extpack.nix index c7057c2de76c..1831d42a129e 100644 --- a/pkgs/applications/virtualization/virtualbox/extpack.nix +++ b/pkgs/applications/virtualization/virtualbox/extpack.nix @@ -12,7 +12,7 @@ fetchurl rec { # Manually sha256sum the extensionPack file, must be hex! # Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`. # Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS - let value = "dbf7ce39e5c021d420fc6b2045b084a68fc5172937192bd70c3207efa786278d"; + let value = "42cb36fbf439a9ed28c95d2bbc718a0eac902225eb579c884c549af2e94be633"; in assert (builtins.stringLength value) == 64; value; meta = { diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix index 3d6fc0a64c00..6f9e3cab4f59 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix @@ -23,7 +23,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso"; - sha256 = "b37f6aabe5a32e8b96ccca01f37fb49f4fd06674f1b29bc8fe0f423ead37b917"; + sha256 = "0efbcb9bf4722cb19292ae00eba29587432e918d3b1f70905deb70f7cf78e8ce"; }; KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; diff --git a/pkgs/applications/virtualization/xen/4.15.nix b/pkgs/applications/virtualization/xen/4.15.nix index 5cc81fc0ab85..d4905088ae1e 100644 --- a/pkgs/applications/virtualization/xen/4.15.nix +++ b/pkgs/applications/virtualization/xen/4.15.nix @@ -125,7 +125,7 @@ callPackage (import ./generic.nix (rec { ++ optional (withSeabios) "--with-system-seabios=${seabios}/share/seabios" ++ optional (!withInternalSeabios && !withSeabios) "--disable-seabios" - ++ optional (withOVMF) "--with-system-ovmf=${OVMF.fd}/FV/OVMF.fd" + ++ optional (withOVMF) "--with-system-ovmf=${OVMF.firmware}" ++ optional (withInternalOVMF) "--enable-ovmf"; NIX_CFLAGS_COMPILE = toString [ |