nixpkgs/pkgs/applications/virtualization/virtualbox/default.nix
Yarny0 0ad873b44b virtualbox: update patch linux-5.18 -> linux-5.19
Some history:

The linux kernel v5.18-rc contains the commit

> commit 6e8ec2552c7d13991148e551e3325a624d73fac6
> Author: Jason A. Donenfeld <Jason@zx2c4.com>
> Date:   2022-01-16 14:23:10 +0100
>
>     random: use computational hash for entropy extraction
> [...]

which modifies the kernel's random number generator.

This change broke VirtualBox 6.1.34 in several ways:
It causes random crashes and filesystem corruption in the guest
(at least on some host CPU models).
More details can be found in the
corresponding ticket in the VirtualBox bug tracker:
https://www.virtualbox.org/ticket/20914

That ticket also contains a patch "vbox-linux-5.18.patch"
for VirtualBox that fixes the problem,
at least for kernels 5.18 and (hopefully) above.
This patch got added to nixpkgs' VirtualBox build recipe with
9c8132494f .

Meanwhile, the kernel patch got backported to LTS kernels.
As the VirtualBox patch contains several `#if RTLNX_VER_MIN(5,18,0)`
clauses to apply the fix,
it can't heal VirtualBox on LTS kernel versions.
The result is that VirtualBox is still broken if used
with linux kernels 5.10 and 5.15
(currently the default kernel in nixpkgs).

Luckily, VirtualBox developers updated the patch
(now named "vbox-linux-5.19.patch") to not only fix the
problem for the upcoming 5.19 kernel, but also address
backport releases.

The commit at hand replaces "vbox-linux-5.18.patch"
with the new "vbox-linux-5.19.patch",
fixing VirtualBox for LTS kernel releases.
2022-07-04 22:15:03 +02:00


# Arguments of the VirtualBox build recipe: dependencies, followed by the
# feature flags and their defaults.
{ config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook
, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL
, libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras
, qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43
, alsa-lib, curl, libvpx, nettools, dbus, substituteAll, gsoap, zlib
, fetchpatch
# If open-watcom-bin is not passed, VirtualBox will fall back to use
# the shipped alternative sources (assembly).
, open-watcom-bin
, makeself, perl
, javaBindings ? true, jdk # Almost doesn't affect closure size
, pythonBindings ? false, python3
# When extensionPack is non-null, installPhase installs it with
# VBoxExtPackHelperApp and passes extensionPack.outputHash as the expected SHA-256.
, extensionPack ? null, fakeroot
, pulseSupport ? config.pulseaudio or stdenv.isLinux, libpulseaudio
# Off by default: configurePhase then passes --disable-hardening to configure
# and ./hardened.patch is left out of `patches`.
, enableHardening ? false
, headless ? false
# Setting this to false passes --disable-vmmraw to configure.
, enable32bitGuests ? true
, enableWebService ? false
}:
# `with lib;` brings optional, optionals, optionalString, getDev, getLib,
# licenses and maintainers into scope for the rest of the expression.
with lib;
let
# Used as kmk's BUILD_TYPE and in the build output path read by installPhase.
buildType = "release";
# Use maintainers/scripts/update.nix to update the version and all related hashes or
# change the hashes in extpack.nix and guest-additions/default.nix as well manually.
version = "6.1.34";
in stdenv.mkDerivation {
pname = "virtualbox";
inherit version;
# The upstream tarball is pinned by its SHA-256 digest (given in hex); a download
# whose content does not match that digest fails the fetch instead of being built.
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
sha256 = "9c3ce1829432e5b8374f950698587038f45fb0492147dc200e59edb9bb75eb49";
};
# "modsrc" receives the bin/src directory copied at the end of installPhase
# (presumably the kernel module sources; confirm against the module package).
outputs = [ "out" "modsrc" ];
# Build-time tools; the Qt wrapper hook is added only for non-headless builds.
nativeBuildInputs =
  [
    pkg-config
    which
    docbook_xsl
    docbook_xml_dtd_43
  ]
  ++ lib.optional (!headless) wrapQtAppsHook;

# Wrap manually because we wrap just a small number of executables.
dontWrapQtApps = true;

# Libraries and tools the build needs, extended by the enabled feature flags.
buildInputs =
  [
    acpica-tools dev86 libxslt libxml2 xorgproto libX11 libXext libXcursor libIDL
    libcap glib lvm2 alsa-lib curl libvpx pam makeself perl
    libXmu libpng libopus python3
  ]
  ++ lib.optional javaBindings jdk
  # Python is needed even when not building bindings (python3 is already part
  # of the unconditional list above).
  ++ lib.optional pythonBindings python3
  ++ lib.optional pulseSupport libpulseaudio
  ++ lib.optionals headless [ libXrandr libGL ]
  ++ lib.optionals (!headless) [ qtbase qtx11extras libXinerama SDL ]
  ++ lib.optionals enableWebService [ gsoap zlib ];

# Switches off the nixpkgs compiler hardening flags "format", "fortify", "pic"
# and "stackprotector" for this package.
# NOTE(review): the reason for each entry is not recorded here; confirm they
# are all still required before carrying them over to a new version.
hardeningDisable = [
  "format"
  "fortify"
  "pic"
  "stackprotector"
];
# Adjusts the unpacked source tree before the patch phase:
#  - edits `configure`: mkisofs version flag, PYTHONDIR (empty unless
#    pythonBindings), -std=c++11 in CXX_FLAGS and, for GUI builds, the Qt5 tool dir;
#  - runs patchelf on the kBuild and tools binaries found in the source tree so
#    that they use the ELF interpreter of this stdenv's libc;
#  - rewrites the quoted library names libpulse.so.0 (only with pulseSupport),
#    libdbus-1.so.3 and libasound.so.2 under src/ and include/ to absolute
#    store paths (presumably these names are loaded at run time; confirm);
#  - exports USER=nix.
# `set -x` / `set +x` make the shell trace these commands into the build log.
prePatch = ''
set -x
sed -e 's@MKISOFS --version@MKISOFS -version@' \
-e 's@PYTHONDIR=.*@PYTHONDIR=${lib.optionalString pythonBindings python3}@' \
-e 's@CXX_FLAGS="\(.*\)"@CXX_FLAGS="-std=c++11 \1"@' \
${optionalString (!headless) ''
-e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qtbase}/bin"@' \
''} -i configure
ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux.so.2
ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux-x86-64.so.2
grep 'libpulse\.so\.0' src include -rI --files-with-match | xargs sed -i -e '
${optionalString pulseSupport
''s@"libpulse\.so\.0"@"${libpulseaudio.out}/lib/libpulse.so.0"@g''}'
grep 'libdbus-1\.so\.3' src include -rI --files-with-match | xargs sed -i -e '
s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g'
grep 'libasound\.so\.2' src include -rI --files-with-match | xargs sed -i -e '
s@"libasound\.so\.2"@"${alsa-lib.out}/lib/libasound.so.2"@g'
export USER=nix
set +x
'';
# Patches applied to the VirtualBox sources. ./hardened.patch and the
# qt-env-vars patch are only included when enableHardening is set.
patches =
optional enableHardening ./hardened.patch
++ [ ./extra_symbols.patch ]
# When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees
# the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH.
# This is because VirtualBoxVM would detect that it is wrapped and refuse to run,
# and also because it would unset QT_PLUGIN_PATH for security reasons. We work around
# these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths,
# after the code that unsets it. Note that qtsvg is included so that SVG icons from
# the user's icon theme can be loaded.
++ optional (!headless && enableHardening) (substituteAll {
src = ./qt-env-vars.patch;
# Only fixed store paths of qtbase, qtsvg and qtwayland are substituted here.
qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}";
})
++ [
./qtx11extras.patch
# https://github.com/NixOS/nixpkgs/issues/123851
./fix-audio-driver-loading.patch
# NOTE: both patches below should be removed when updating to 6.1.35
# https://www.virtualbox.org/ticket/20914#comment:15
# This patch is downloaded from an attachment on the upstream bug tracker rather
# than kept in the repository. The sha512 hash pins its content, so an attachment
# that is later replaced or edited fails the fetch instead of being applied.
(fetchpatch {
url = "https://www.virtualbox.org/raw-attachment/ticket/20914/vbox-linux-5.19.patch";
hash = "sha512-NNiMf8kUuM/PimrQCOacYLkrf7UFPh6ZdPsXKyLlsqWfWQXkG92Fv3qZXvg8weE1Z/SBsFTuHICEI4b4l1wZFw==";
extraPrefix = "/";
})
# https://www.virtualbox.org/ticket/20904#comment:22
./ffreestanding.patch
];
# Replaces the hard-coded /sbin/ifconfig in VBoxNetAdpCtl.cpp with the ifconfig
# from the nettools store path, so the helper names one fixed binary instead of
# whatever is installed at /sbin/ifconfig on the host.
# For headless builds an identifier in the X11 clipboard stubs is also renamed.
postPatch = ''
sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \
src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp
'' + optionalString headless ''
# Fix compile error in version 6.1.6
substituteInPlace src/VBox/HostServices/SharedClipboard/VBoxSharedClipboardSvc-x11-stubs.cpp \
--replace PSHCLFORMATDATA PSHCLFORMATS
'';
# first line: ugly hack, and it isn't yet clear why it's a problem
# The phase then appends settings to LocalConfig.kmk: test cases, test suite,
# validation kit, docs, warnings-as-errors and VBOX_WITH_ORIGIN are set to empty,
# and the install/runpath locations point into $out. After that ./configure runs
# with flags derived from the feature arguments:
#  - --disable-hardening is passed unless enableHardening is set (it is false by
#    default), so the default build has VirtualBox's own hardening turned off;
#  - --disable-kmods is always passed.
# Finally AutoConfig.kmk and Config.kmk are edited in place.
configurePhase = ''
NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g')
cat >> LocalConfig.kmk <<LOCAL_CONFIG
VBOX_WITH_TESTCASES :=
VBOX_WITH_TESTSUITE :=
VBOX_WITH_VALIDATIONKIT :=
VBOX_WITH_DOCS :=
VBOX_WITH_WARNINGS_AS_ERRORS :=
VBOX_WITH_ORIGIN :=
VBOX_PATH_APP_PRIVATE_ARCH_TOP := $out/share/virtualbox
VBOX_PATH_APP_PRIVATE_ARCH := $out/libexec/virtualbox
VBOX_PATH_SHARED_LIBS := $out/libexec/virtualbox
VBOX_WITH_RUNPATH := $out/libexec/virtualbox
VBOX_PATH_APP_PRIVATE := $out/share/virtualbox
VBOX_PATH_APP_DOCS := $out/doc
${optionalString javaBindings ''
VBOX_JAVA_HOME := ${jdk}
''}
${optionalString (!headless) ''
PATH_QT5_X11_EXTRAS_LIB := ${getLib qtx11extras}/lib
PATH_QT5_X11_EXTRAS_INC := ${getDev qtx11extras}/include
TOOL_QT5_LRC := ${getDev qttools}/bin/lrelease
''}
${optionalString enableWebService ''
# fix gsoap missing zlib include and produce errors with --as-needed
VBOX_GSOAP_CXX_LIBS := gsoapssl++ z
''}
LOCAL_CONFIG
./configure \
${optionalString headless "--build-headless"} \
${optionalString (!javaBindings) "--disable-java"} \
${optionalString (!pythonBindings) "--disable-python"} \
${optionalString (!pulseSupport) "--disable-pulse"} \
${optionalString (!enableHardening) "--disable-hardening"} \
${optionalString (!enable32bitGuests) "--disable-vmmraw"} \
${optionalString enableWebService "--enable-webservice"} \
${optionalString (open-watcom-bin != null) "--with-ow-dir=${open-watcom-bin}"} \
--disable-kmods
sed -e 's@PKG_CONFIG_PATH=.*@PKG_CONFIG_PATH=${libIDL}/lib/pkgconfig:${glib.dev}/lib/pkgconfig ${libIDL}/bin/libIDL-config-2@' \
-i AutoConfig.kmk
sed -e 's@arch/x86/@@' \
-i Config.kmk
substituteInPlace Config.kmk --replace "VBOX_WITH_TESTCASES = 1" "#"
'';
enableParallelBuilding = true;
# Sources env.sh from the build directory (presumably written by ./configure;
# confirm) and runs kmk with one job per $NIX_BUILD_CORES and the build type
# set in the let block.
buildPhase = ''
source env.sh
kmk -j $NIX_BUILD_CORES BUILD_TYPE="${buildType}"
'';
# Installs the build output:
#  - copies every top-level entry of the build's bin directory except `src`
#    into $out/libexec/virtualbox;
#  - symlinks the front-end programs into $out/bin; `test -x` checks that each
#    one exists and is executable before it is linked;
#  - when extensionPack is set, runs VBoxExtPackHelperApp under fakeroot to
#    install the tarball, passing extensionPack.outputHash as --sha-256. The
#    heredoc delimiter is unquoted, so $libexec and $share are expanded by the
#    outer shell before the inner shell runs;
#  - for GUI builds, installs the desktop entry and icon symlinks;
#  - copies the bin/src directory to the "modsrc" output.
installPhase = ''
libexec="$out/libexec/virtualbox"
share="${if enableHardening then "$out/share/virtualbox" else "$libexec"}"
# Install VirtualBox files
mkdir -p "$libexec"
find out/linux.*/${buildType}/bin -mindepth 1 -maxdepth 1 \
-name src -o -exec cp -avt "$libexec" {} +
mkdir -p $out/bin
for file in ${optionalString (!headless) "VirtualBox VBoxSDL rdesktop-vrdp"} ${optionalString enableWebService "vboxwebsrv"} VBoxManage VBoxBalloonCtrl VBoxHeadless; do
echo "Linking $file to /bin"
test -x "$libexec/$file"
ln -s "$libexec/$file" $out/bin/$file
done
${optionalString (extensionPack != null) ''
mkdir -p "$share"
"${fakeroot}/bin/fakeroot" "${stdenv.shell}" <<EOF
"$libexec/VBoxExtPackHelperApp" install \
--base-dir "$share/ExtensionPacks" \
--cert-dir "$share/ExtPackCertificates" \
--name "Oracle VM VirtualBox Extension Pack" \
--tarball "${extensionPack}" \
--sha-256 "${extensionPack.outputHash}"
EOF
''}
${optionalString (!headless) ''
# Create and fix desktop item
mkdir -p $out/share/applications
sed -i -e "s|Icon=VBox|Icon=$libexec/VBox.png|" $libexec/virtualbox.desktop
ln -sfv $libexec/virtualbox.desktop $out/share/applications
# Icons
mkdir -p $out/share/icons/hicolor
for size in `ls -1 $libexec/icons`; do
mkdir -p $out/share/icons/hicolor/$size/apps
ln -s $libexec/icons/$size/*.png $out/share/icons/hicolor/$size/apps
done
''}
cp -rv out/linux.*/${buildType}/bin/src "$modsrc"
'';
# GUI builds only: wrap the VirtualBox launcher with the Qt environment.
preFixup = optionalString (!headless) ''
wrapQtApp $out/bin/VirtualBox
''
# If hardening is disabled, wrap the VirtualBoxVM binary instead of patching
# the source code (see the qt-env-vars.patch entry in `patches`, which is only
# applied when hardening is enabled).
+ optionalString (!headless && !enableHardening) ''
wrapQtApp $out/libexec/virtualbox/VirtualBoxVM
'';
# Values exposed to other expressions, plus the script used to update this package.
passthru = {
inherit version; # for guest additions
inherit extensionPack; # for inclusion in profile to prevent gc
updateScript = ./update.sh;
};
meta = {
description = "PC emulator";
# NOTE(review): binaryNativeCode is declared next to fromSource, presumably
# because of the prebuilt kBuild/tools binaries that prePatch runs patchelf
# on; confirm.
sourceProvenance = with lib.sourceTypes; [
fromSource
binaryNativeCode
];
license = licenses.gpl2;
homepage = "https://www.virtualbox.org/";
maintainers = with maintainers; [ sander ];
platforms = [ "x86_64-linux" ];
mainProgram = "VirtualBox";
};
}