aland/nixpkgs-odroid-hc4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

Browse source 
https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
This commit is contained in:
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

239
pkgs/applications/virtualization/virtualbox/default.nix Normal file
View file

@ -0,0 +1,239 @@
{ config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook
, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL
, libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras
, qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43
, alsa-lib, curl, libvpx, nettools, dbus, substituteAll, gsoap, zlib
# If open-watcom-bin is not passed, VirtualBox will fall back to use
# the shipped alternative sources (assembly).
, open-watcom-bin
, makeself, perl
, javaBindings ? true, jdk # Almost doesn't affect closure size
, pythonBindings ? false, python3
, extensionPack ? null, fakeroot
, pulseSupport ? config.pulseaudio or stdenv.isLinux, libpulseaudio
, enableHardening ? false
, headless ? false
, enable32bitGuests ? true
, enableWebService ? false
}:
with lib;
let
buildType = "release";
# Use maintainers/scripts/update.nix to update the version and all related hashes or
# change the hashes in extpack.nix and guest-additions/default.nix as well manually.
version = "6.1.34";
in stdenv.mkDerivation {
pname = "virtualbox";
inherit version;
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
sha256 = "9c3ce1829432e5b8374f950698587038f45fb0492147dc200e59edb9bb75eb49";
};
outputs = [ "out" "modsrc" ];
nativeBuildInputs = [ pkg-config which docbook_xsl docbook_xml_dtd_43 ]
++ optional (!headless) wrapQtAppsHook;
# Wrap manually because we wrap just a small number of executables.
dontWrapQtApps = true;
buildInputs = [
acpica-tools dev86 libxslt libxml2 xorgproto libX11 libXext libXcursor libIDL
libcap glib lvm2 alsa-lib curl libvpx pam makeself perl
libXmu libpng libopus python3 ]
++ optional javaBindings jdk
++ optional pythonBindings python3 # Python is needed even when not building bindings
++ optional pulseSupport libpulseaudio
++ optionals headless [ libXrandr libGL ]
++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL ]
++ optionals enableWebService [ gsoap zlib ];
hardeningDisable = [ "format" "fortify" "pic" "stackprotector" ];
prePatch = ''
set -x
sed -e 's@MKISOFS --version@MKISOFS -version@' \
-e 's@PYTHONDIR=.*@PYTHONDIR=${lib.optionalString pythonBindings python3}@' \
-e 's@CXX_FLAGS="\(.*\)"@CXX_FLAGS="-std=c++11 \1"@' \
${optionalString (!headless) ''
-e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qtbase}/bin"@' \
''} -i configure
ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux.so.2
ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.cc.libc}/lib/ld-linux-x86-64.so.2
grep 'libpulse\.so\.0' src include -rI --files-with-match | xargs sed -i -e '
${optionalString pulseSupport
''s@"libpulse\.so\.0"@"${libpulseaudio.out}/lib/libpulse.so.0"@g''}'
grep 'libdbus-1\.so\.3' src include -rI --files-with-match | xargs sed -i -e '
s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g'
grep 'libasound\.so\.2' src include -rI --files-with-match | xargs sed -i -e '
s@"libasound\.so\.2"@"${alsa-lib.out}/lib/libasound.so.2"@g'
export USER=nix
set +x
'';
patches =
optional enableHardening ./hardened.patch
++ [ ./extra_symbols.patch ]
# When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees
# the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH.
# This is because VirtualBoxVM would detect that it is wrapped that and refuse to run,
# and also because it would unset QT_PLUGIN_PATH for security reasons. We work around
# these issues by patching the code to set QT_PLUGIN_PATH to the necessary paths,
# after the code that unsets it. Note that qtsvg is included so that SVG icons from
# the user's icon theme can be loaded.
++ optional (!headless && enableHardening) (substituteAll {
src = ./qt-env-vars.patch;
qtPluginPath = "${qtbase.bin}/${qtbase.qtPluginPrefix}:${qtsvg.bin}/${qtbase.qtPluginPrefix}:${qtwayland.bin}/${qtbase.qtPluginPrefix}";
})
++ [
./qtx11extras.patch
# https://github.com/NixOS/nixpkgs/issues/123851
./fix-audio-driver-loading.patch
# NOTE: both patches below should be removed when updating to 6.1.35
# https://www.virtualbox.org/ticket/20914#comment:6
./linux518.patch
# https://www.virtualbox.org/ticket/20904#comment:22
./ffreestanding.patch
];
postPatch = ''
sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \
src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp
'' + optionalString headless ''
# Fix compile error in version 6.1.6
substituteInPlace src/VBox/HostServices/SharedClipboard/VBoxSharedClipboardSvc-x11-stubs.cpp \
--replace PSHCLFORMATDATA PSHCLFORMATS
'';
# first line: ugly hack, and it isn't yet clear why it's a problem
configurePhase = ''
NIX_CFLAGS_COMPILE=$(echo "$NIX_CFLAGS_COMPILE" | sed 's,\-isystem ${lib.getDev stdenv.cc.libc}/include,,g')
cat >> LocalConfig.kmk <<LOCAL_CONFIG
VBOX_WITH_TESTCASES :=
VBOX_WITH_TESTSUITE :=
VBOX_WITH_VALIDATIONKIT :=
VBOX_WITH_DOCS :=
VBOX_WITH_WARNINGS_AS_ERRORS :=
VBOX_WITH_ORIGIN :=
VBOX_PATH_APP_PRIVATE_ARCH_TOP := $out/share/virtualbox
VBOX_PATH_APP_PRIVATE_ARCH := $out/libexec/virtualbox
VBOX_PATH_SHARED_LIBS := $out/libexec/virtualbox
VBOX_WITH_RUNPATH := $out/libexec/virtualbox
VBOX_PATH_APP_PRIVATE := $out/share/virtualbox
VBOX_PATH_APP_DOCS := $out/doc
${optionalString javaBindings ''
VBOX_JAVA_HOME := ${jdk}
''}
${optionalString (!headless) ''
PATH_QT5_X11_EXTRAS_LIB := ${getLib qtx11extras}/lib
PATH_QT5_X11_EXTRAS_INC := ${getDev qtx11extras}/include
TOOL_QT5_LRC := ${getDev qttools}/bin/lrelease
''}
${optionalString enableWebService ''
# fix gsoap missing zlib include and produce errors with --as-needed
VBOX_GSOAP_CXX_LIBS := gsoapssl++ z
''}
LOCAL_CONFIG
./configure \
${optionalString headless "--build-headless"} \
${optionalString (!javaBindings) "--disable-java"} \
${optionalString (!pythonBindings) "--disable-python"} \
${optionalString (!pulseSupport) "--disable-pulse"} \
${optionalString (!enableHardening) "--disable-hardening"} \
${optionalString (!enable32bitGuests) "--disable-vmmraw"} \
${optionalString enableWebService "--enable-webservice"} \
${optionalString (open-watcom-bin != null) "--with-ow-dir=${open-watcom-bin}"} \
--disable-kmods
sed -e 's@PKG_CONFIG_PATH=.*@PKG_CONFIG_PATH=${libIDL}/lib/pkgconfig:${glib.dev}/lib/pkgconfig ${libIDL}/bin/libIDL-config-2@' \
-i AutoConfig.kmk
sed -e 's@arch/x86/@@' \
-i Config.kmk
substituteInPlace Config.kmk --replace "VBOX_WITH_TESTCASES = 1" "#"
'';
enableParallelBuilding = true;
buildPhase = ''
source env.sh
kmk -j $NIX_BUILD_CORES BUILD_TYPE="${buildType}"
'';
installPhase = ''
libexec="$out/libexec/virtualbox"
share="${if enableHardening then "$out/share/virtualbox" else "$libexec"}"
# Install VirtualBox files
mkdir -p "$libexec"
find out/linux.*/${buildType}/bin -mindepth 1 -maxdepth 1 \
-name src -o -exec cp -avt "$libexec" {} +
mkdir -p $out/bin
for file in ${optionalString (!headless) "VirtualBox VBoxSDL rdesktop-vrdp"} ${optionalString enableWebService "vboxwebsrv"} VBoxManage VBoxBalloonCtrl VBoxHeadless; do
echo "Linking $file to /bin"
test -x "$libexec/$file"
ln -s "$libexec/$file" $out/bin/$file
done
${optionalString (extensionPack != null) ''
mkdir -p "$share"
"${fakeroot}/bin/fakeroot" "${stdenv.shell}" <<EOF
"$libexec/VBoxExtPackHelperApp" install \
--base-dir "$share/ExtensionPacks" \
--cert-dir "$share/ExtPackCertificates" \
--name "Oracle VM VirtualBox Extension Pack" \
--tarball "${extensionPack}" \
--sha-256 "${extensionPack.outputHash}"
EOF
''}
${optionalString (!headless) ''
# Create and fix desktop item
mkdir -p $out/share/applications
sed -i -e "s|Icon=VBox|Icon=$libexec/VBox.png|" $libexec/virtualbox.desktop
ln -sfv $libexec/virtualbox.desktop $out/share/applications
# Icons
mkdir -p $out/share/icons/hicolor
for size in `ls -1 $libexec/icons`; do
mkdir -p $out/share/icons/hicolor/$size/apps
ln -s $libexec/icons/$size/*.png $out/share/icons/hicolor/$size/apps
done
''}
cp -rv out/linux.*/${buildType}/bin/src "$modsrc"
'';
preFixup = optionalString (!headless) ''
wrapQtApp $out/bin/VirtualBox
''
# If hardening is disabled, wrap the VirtualBoxVM binary instead of patching
# the source code (see postPatch).
+ optionalString (!headless && !enableHardening) ''
wrapQtApp $out/libexec/virtualbox/VirtualBoxVM
'';
passthru = {
inherit version; # for guest additions
inherit extensionPack; # for inclusion in profile to prevent gc
updateScript = ./update.sh;
};
meta = {
description = "PC emulator";
license = licenses.gpl2;
homepage = "https://www.virtualbox.org/";
maintainers = with maintainers; [ sander ];
platforms = [ "x86_64-linux" ];
mainProgram = "VirtualBox";
};
}

25
pkgs/applications/virtualization/virtualbox/extpack.nix Normal file
View file

@ -0,0 +1,25 @@
{fetchurl, lib, virtualbox}:
with lib;
let
inherit (virtualbox) version;
in
fetchurl rec {
name = "Oracle_VM_VirtualBox_Extension_Pack-${version}.vbox-extpack";
url = "https://download.virtualbox.org/virtualbox/${version}/${name}";
sha256 =
# Manually sha256sum the extensionPack file, must be hex!
# Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
# Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
let value = "d7856f0688b6d2ed1e8bff0b367efa952068b03fa5a3a29b46db08cfd5d9a810";
in assert (builtins.stringLength value) == 64; value;
meta = {
description = "Oracle Extension pack for VirtualBox";
license = licenses.virtualbox-puel;
homepage = "https://www.virtualbox.org/";
maintainers = with maintainers; [ sander cdepillabout ];
platforms = [ "x86_64-linux" ];
};
}

25
pkgs/applications/virtualization/virtualbox/extra_symbols.patch Normal file
View file

@ -0,0 +1,25 @@
diff --git a/src/VBox/HostDrivers/linux/Makefile b/src/VBox/HostDrivers/linux/Makefile
index 8ba33952..3b8abe60 100644
--- a/src/VBox/HostDrivers/linux/Makefile
+++ b/src/VBox/HostDrivers/linux/Makefile
@@ -99,17 +99,17 @@ install-vboxdrv:
install-vboxnetflt:
+@if [ -d vboxnetflt ]; then \
- $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) -C vboxnetflt install; \
+ $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) KBUILD_EXTRA_SYMBOLS=$(abspath vboxnetflt/Module.symvers) -C vboxnetflt install; \
fi
install-vboxnetadp:
+@if [ -d vboxnetadp ]; then \
- $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) -C vboxnetadp install; \
+ $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) KBUILD_EXTRA_SYMBOLS=$(abspath vboxnetadp/Module.symvers) -C vboxnetadp install; \
fi
install-vboxpci:
+@if [ -d vboxpci ]; then \
- $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) -C vboxpci install; \
+ $(MAKE) KBUILD_VERBOSE=$(KBUILD_VERBOSE) KBUILD_EXTRA_SYMBOLS=$(abspath vboxpci/Module.symvers) -C vboxpci install; \
fi
install: install-vboxdrv install-vboxnetflt install-vboxnetadp install-vboxpci

20
pkgs/applications/virtualization/virtualbox/ffreestanding.patch Normal file
View file

@ -0,0 +1,20 @@
diff --git a/Config.kmk b/Config.kmk
index 3df197404..4c6bd76bb 100644
--- a/Config.kmk
+++ b/Config.kmk
@@ -4503,11 +4504,14 @@ ifeq ($(VBOX_LDR_FMT),elf)
TEMPLATE_VBoxR0_TOOL = $(VBOX_GCC_TOOL)
TEMPLATE_VBoxR0_CFLAGS = -fno-pie -nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_C) \
$(VBOX_GCC_Wno-variadic-macros) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-exceptions \
- $(VBOX_GCC_fno-stack-protector) -fno-common $(VBOX_GCC_fvisibility-hidden) -std=gnu99 $(VBOX_GCC_IPRT_FMT_CHECK)
+ $(VBOX_GCC_fno-stack-protector) -fno-common -ffreestanding $(VBOX_GCC_fvisibility-hidden) -std=gnu99 $(VBOX_GCC_IPRT_FMT_CHECK)
TEMPLATE_VBoxR0_CXXFLAGS = -fno-pie -nostdinc -g $(VBOX_GCC_pipe) $(VBOX_GCC_WERR) $(VBOX_GCC_PEDANTIC_CXX) \
$(VBOX_GCC_Wno-variadic-macros) $(VBOX_GCC_R0_OPT) $(VBOX_GCC_R0_FP) -fno-strict-aliasing -fno-exceptions \
$(VBOX_GCC_fno-stack-protector) -fno-common $(VBOX_GCC_fvisibility-inlines-hidden) $(VBOX_GCC_fvisibility-hidden) \
-fno-rtti $(VBOX_GCC_IPRT_FMT_CHECK)
+ if $(VBOX_GCC_VERSION_CC) >= 40500 # 4.1.2 complains, 4.5.2 is okay, didn't check which version inbetween made it okay with g++.
+TEMPLATE_VBoxR0_CXXFLAGS += -ffreestanding
+ endif
TEMPLATE_VBoxR0_CFLAGS.amd64 = -m64 -mno-red-zone -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -fasynchronous-unwind-tables -ffreestanding
TEMPLATE_VBoxR0_CXXFLAGS.amd64 = -m64 -mno-red-zone -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -fasynchronous-unwind-tables
TEMPLATE_VBoxR0_CXXFLAGS.freebsd = -ffreestanding

26
pkgs/applications/virtualization/virtualbox/fix-audio-driver-loading.patch Normal file
View file

@ -0,0 +1,26 @@
diff --git a/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp b/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp
index cfcb0abbf..2ce564f6f 100644
--- a/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp
+++ b/src/VBox/Devices/Audio/DrvHostAudioAlsaStubs.cpp
@@ -258,7 +258,7 @@ static DECLCALLBACK(int32_t) drvHostAudioAlsaLibInitOnce(void *pvUser)
LogFlowFunc(("\n"));
RTLDRMOD hMod = NIL_RTLDRMOD;
- int rc = RTLdrLoadSystemEx(VBOX_ALSA_LIB, RTLDRLOAD_FLAGS_NO_UNLOAD, &hMod);
+ int rc = RTLdrLoad(VBOX_ALSA_LIB, &hMod);
if (RT_SUCCESS(rc))
{
for (uintptr_t i = 0; i < RT_ELEMENTS(SharedFuncs); i++)
diff --git a/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp b/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp
index a17fc93f9..148f5c39a 100644
--- a/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp
+++ b/src/VBox/Devices/Audio/DrvHostAudioPulseAudioStubs.cpp
@@ -332,7 +332,7 @@ static DECLCALLBACK(int32_t) drvHostAudioPulseLibInitOnce(void *pvUser)
LogFlowFunc(("\n"));
RTLDRMOD hMod = NIL_RTLDRMOD;
- int rc = RTLdrLoadSystemEx(VBOX_PULSE_LIB, RTLDRLOAD_FLAGS_NO_UNLOAD, &hMod);
+ int rc = RTLdrLoad(VBOX_PULSE_LIB, &hMod);
if (RT_SUCCESS(rc))
{
for (unsigned i = 0; i < RT_ELEMENTS(g_aImportedFunctions); i++)

11
pkgs/applications/virtualization/virtualbox/fix-configure-pkgconfig-qt.patch Normal file
View file

@ -0,0 +1,11 @@
Index: /trunk/configure
===================================================================
--- a/configure (revision 90360)
+++ b/configure (revision 90377)
@@ -1588,5 +1588,5 @@
if [ $? -eq 0 ]; then
echo "(Qt5 from pkg-config)" >> $LOG
- FLGQT5=`pkg-config Qt5Core Qt5Gui --cflags`
+ FLGQT5=`pkg-config Qt5Core --cflags`
# gcc 4.8 is able to compile with C++11 (see also VBOX_GCC_std in Config.kmk)
[ $(($cc_maj * 100 + $cc_min)) -ge 408 ] && FLGQT5="$FLGQT5 -std=c++11"

163
pkgs/applications/virtualization/virtualbox/guest-additions/default.nix Normal file
View file

@ -0,0 +1,163 @@
{ stdenv, fetchurl, lib, patchelf, cdrkit, kernel, which, makeWrapper
, zlib, xorg, dbus, virtualbox}:
let
version = virtualbox.version;
xserverVListFunc = builtins.elemAt (lib.splitVersion xorg.xorgserver.version);
# Forced to 1.18; vboxvideo doesn't seem to provide any newer ABI,
# and nixpkgs doesn't support older ABIs anymore.
xserverABI = "118";
# Specifies how to patch binaries to make sure that libraries loaded using
# dlopen are found. We grep binaries for specific library names and patch
# RUNPATH in matching binaries to contain the needed library paths.
dlopenLibs = [
{ name = "libdbus-1.so"; pkg = dbus; }
{ name = "libXfixes.so"; pkg = xorg.libXfixes; }
{ name = "libXrandr.so"; pkg = xorg.libXrandr; }
];
in stdenv.mkDerivation rec {
name = "VirtualBox-GuestAdditions-${version}-${kernel.version}";
src = fetchurl {
url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso";
sha256 = "88f86fa0e6970b6a7c80d714b7a91a8c425ff8ef53a3e73fc80781191a87257b";
};
KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
KERN_INCL = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/source/include";
hardeningDisable = [ "pic" ];
NIX_CFLAGS_COMPILE = "-Wno-error=incompatible-pointer-types -Wno-error=implicit-function-declaration";
nativeBuildInputs = [ patchelf makeWrapper ];
buildInputs = [ cdrkit ] ++ kernel.moduleBuildDependencies;
prePatch = ''
substituteInPlace src/vboxguest-${version}/vboxvideo/vbox_ttm.c \
--replace "<ttm/" "<drm/ttm/"
'';
patchFlags = [ "-p1" "-d" "src/vboxguest-${version}" ];
unpackPhase = ''
${if stdenv.hostPlatform.system == "i686-linux" || stdenv.hostPlatform.system == "x86_64-linux" then ''
isoinfo -J -i $src -x /VBoxLinuxAdditions.run > ./VBoxLinuxAdditions.run
chmod 755 ./VBoxLinuxAdditions.run
# An overflow leads the is-there-enough-space check to fail when there's too much space available, so fake how much space there is
sed -i 's/\$leftspace/16383/' VBoxLinuxAdditions.run
./VBoxLinuxAdditions.run --noexec --keep
''
else throw ("Architecture: "+stdenv.hostPlatform.system+" not supported for VirtualBox guest additions")
}
# Unpack files
cd install
${if stdenv.hostPlatform.system == "i686-linux" then ''
tar xfvj VBoxGuestAdditions-x86.tar.bz2
''
else if stdenv.hostPlatform.system == "x86_64-linux" then ''
tar xfvj VBoxGuestAdditions-amd64.tar.bz2
''
else throw ("Architecture: "+stdenv.hostPlatform.system+" not supported for VirtualBox guest additions")
}
'';
buildPhase = ''
# Build kernel modules.
cd src
find . -type f | xargs sed 's/depmod -a/true/' -i
cd vboxguest-${version}
# Run just make first. If we only did make install, we get symbol warnings during build.
make
cd ../..
# Change the interpreter for various binaries
for i in sbin/VBoxService bin/{VBoxClient,VBoxControl} other/mount.vboxsf; do
patchelf --set-interpreter ${stdenv.cc.bintools.dynamicLinker} $i
patchelf --set-rpath ${lib.makeLibraryPath [ stdenv.cc.cc stdenv.cc.libc zlib
xorg.libX11 xorg.libXt xorg.libXext xorg.libXmu xorg.libXfixes xorg.libXrandr xorg.libXcursor ]} $i
done
for i in lib/VBoxOGL*.so
do
patchelf --set-rpath ${lib.makeLibraryPath [ "$out"
xorg.libXcomposite xorg.libXdamage xorg.libXext xorg.libXfixes ]} $i
done
# FIXME: Virtualbox 4.3.22 moved VBoxClient-all (required by Guest Additions
# NixOS module) to 98vboxadd-xclient. For now, just work around it:
mv other/98vboxadd-xclient bin/VBoxClient-all
# Remove references to /usr from various scripts and files
sed -i -e "s|/usr/bin|$out/bin|" other/vboxclient.desktop
sed -i -e "s|/usr/bin|$out/bin|" bin/VBoxClient-all
'';
installPhase = ''
# Install kernel modules.
cd src/vboxguest-${version}
make install INSTALL_MOD_PATH=$out KBUILD_EXTRA_SYMBOLS=$PWD/vboxsf/Module.symvers
cd ../..
# Install binaries
install -D -m 755 other/mount.vboxsf $out/bin/mount.vboxsf
install -D -m 755 sbin/VBoxService $out/bin/VBoxService
mkdir -p $out/bin
install -m 755 bin/VBoxClient $out/bin
install -m 755 bin/VBoxControl $out/bin
install -m 755 bin/VBoxClient-all $out/bin
wrapProgram $out/bin/VBoxClient-all \
--prefix PATH : "${which}/bin"
# Don't install VBoxOGL for now
# It seems to be broken upstream too, and fixing it is far down the priority list:
# https://www.virtualbox.org/pipermail/vbox-dev/2017-June/014561.html
# Additionally, 3d support seems to rely on VBoxOGL.so being symlinked from
# libGL.so (which we can't), and Oracle doesn't plan on supporting libglvnd
# either. (#18457)
## Install OpenGL libraries
#mkdir -p $out/lib
#cp -v lib/VBoxOGL*.so $out/lib
#mkdir -p $out/lib/dri
#ln -s $out/lib/VBoxOGL.so $out/lib/dri/vboxvideo_dri.so
# Install desktop file
mkdir -p $out/share/autostart
cp -v other/vboxclient.desktop $out/share/autostart
# Install Xorg drivers
mkdir -p $out/lib/xorg/modules/{drivers,input}
install -m 644 other/vboxvideo_drv_${xserverABI}.so $out/lib/xorg/modules/drivers/vboxvideo_drv.so
'';
# Stripping breaks these binaries for some reason.
dontStrip = true;
# Patch RUNPATH according to dlopenLibs (see the comment there).
postFixup = lib.concatMapStrings (library: ''
for i in $(grep -F ${lib.escapeShellArg library.name} -l -r $out/{lib,bin}); do
origRpath=$(patchelf --print-rpath "$i")
patchelf --set-rpath "$origRpath:${lib.makeLibraryPath [ library.pkg ]}" "$i"
done
'') dlopenLibs;
meta = {
description = "Guest additions for VirtualBox";
longDescription = ''
Various add-ons which makes NixOS work better as guest OS inside VirtualBox.
This add-on provides support for dynamic resizing of the X Display, shared
host/guest clipboard support and guest OpenGL support.
'';
license = "GPL";
maintainers = [ lib.maintainers.sander ];
platforms = lib.platforms.linux;
broken = kernel.kernelAtLeast "5.17";
};
}

181
pkgs/applications/virtualization/virtualbox/hardened.patch Normal file
View file

@ -0,0 +1,181 @@
diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h
index 25b918d1..1420ff1d 100644
--- a/include/iprt/mangling.h
+++ b/include/iprt/mangling.h
@@ -1695,6 +1695,7 @@
# define RTPathStripSuffix RT_MANGLER(RTPathStripSuffix)
# define RTPathStripFilename RT_MANGLER(RTPathStripFilename)
# define RTPathStripTrailingSlash RT_MANGLER(RTPathStripTrailingSlash)
+# define RTPathSuidDir RT_MANGLER(RTPathSuidDir)
# define RTPathTemp RT_MANGLER(RTPathTemp)
# define RTPathTraverseList RT_MANGLER(RTPathTraverseList)
# define RTPathUnlink RT_MANGLER(RTPathUnlink)
@@ -1734,6 +1735,7 @@
# define RTProcGetAffinityMask RT_MANGLER(RTProcGetAffinityMask)
# define RTProcGetExecutablePath RT_MANGLER(RTProcGetExecutablePath)
# define RTProcGetPriority RT_MANGLER(RTProcGetPriority)
+# define RTProcGetSuidPath RT_MANGLER(RTProcGetSuidPath)
# define RTProcIsRunningByName RT_MANGLER(RTProcIsRunningByName)
# define RTProcQueryParent RT_MANGLER(RTProcQueryParent)
# define RTProcQueryUsername RT_MANGLER(RTProcQueryUsername)
diff --git a/include/iprt/path.h b/include/iprt/path.h
index 99060e35..ccfbeb76 100644
--- a/include/iprt/path.h
+++ b/include/iprt/path.h
@@ -1221,6 +1221,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
*/
RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath);
+/**
+ * Gets the path to the NixOS setuid wrappers directory.
+ *
+ * @returns iprt status code.
+ * @param pszPath Buffer where to store the path.
+ * @param cchPath Buffer size in bytes.
+ */
+RTDECL(int) RTPathSuidDir(char *pszPath, size_t cchPath);
+
/**
* Gets the user home directory.
*
diff --git a/include/iprt/process.h b/include/iprt/process.h
index f4f67dd4..ab882a19 100644
--- a/include/iprt/process.h
+++ b/include/iprt/process.h
@@ -352,6 +352,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
*/
RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath);
+/**
+ * Gets the path to the NixOS setuid wrappers directory.
+ *
+ * @returns pszExecPath on success. NULL on buffer overflow or other errors.
+ *
+ * @param pszExecPath Where to store the path.
+ * @param cbExecPath The size of the buffer.
+ */
+RTR3DECL(char *) RTProcGetSuidPath(char *pszExecPath, size_t cbExecPath);
+
/**
* Daemonize the current process, making it a background process.
*
diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
index 75ff8572..18a077b7 100644
--- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
+++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
@@ -1531,9 +1531,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
bool fBad = !fRelaxed || pFsObjState->Stat.st_gid != 2 /*bin*/ || suplibHardenedStrCmp(pszPath, "/usr/lib/iconv");
# else
NOREF(fRelaxed);
- bool fBad = true;
+ bool fBad = !(fDir && pFsObjState->Stat.st_mode & S_ISVTX && !suplibHardenedStrCmp(pszPath, "/nix/store"));
# endif
- if (fBad)
+ if (fBad && suplibHardenedStrCmp(pszPath, "/nix/store"))
return supR3HardenedSetError3(VERR_SUPLIB_WRITE_NON_SYS_GROUP, pErrInfo,
"An unknown (and thus untrusted) group has write access to '", pszPath,
"' and we therefore cannot trust the directory content or that of any subdirectory");
diff --git a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
index 2991d3a7..d042a08b 100644
--- a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
+++ b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
@@ -90,7 +90,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
/* Get the path to the executable directory w/ trailing slash: */
char szPath[RTPATH_MAX];
- int vrc = RTPathAppPrivateArch(szPath, sizeof(szPath));
+ int vrc = RTStrCopy(szPath, sizeof(szPath) - 1, "/run/wrappers/bin");
AssertRCReturn(vrc, vrc);
size_t cbBufLeft = RTPathEnsureTrailingSeparator(szPath, sizeof(szPath));
AssertReturn(cbBufLeft > 0, VERR_FILENAME_TOO_LONG);
diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
index 2e57690a..3272c840 100644
--- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp
+++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
@@ -188,7 +188,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
* ASSUME it is relative to the directory that holds VBoxSVC.
*/
char szExePath[RTPATH_MAX];
- AssertReturn(RTProcGetExecutablePath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
+ AssertReturn(RTProcGetSuidPath(szExePath, RTPATH_MAX), VERR_FILENAME_TOO_LONG);
RTPathStripFilename(szExePath);
int vrc = RTPathAppend(szExePath, sizeof(szExePath), m->pszProcName);
AssertLogRelRCReturn(vrc, vrc);
diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
index af155966..3b8e793d 100644
--- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp
+++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
@@ -48,7 +48,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
const char *args[] = { NULL, pcszIfName, pszAddr, pszOption, pszMask, NULL };
char szAdpCtl[RTPATH_MAX];
- int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
+ int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
if (RT_FAILURE(rc))
{
LogRel(("NetIfAdpCtl: failed to get program path, rc=%Rrc.\n", rc));
@@ -95,7 +95,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize)
{
char szAdpCtl[RTPATH_MAX];
- int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
+ int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
if (RT_FAILURE(rc))
{
LogRel(("NetIfAdpCtlOut: Failed to get program path, rc=%Rrc\n", rc));
@@ -210,7 +210,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
progress.queryInterfaceTo(aProgress);
char szAdpCtl[RTPATH_MAX];
- vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
+ vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " add"));
if (RT_FAILURE(vrc))
{
progress->i_notifyComplete(E_FAIL,
diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp
index 4b1a0ada..7f6dd707 100644
--- a/src/VBox/Runtime/r3/path.cpp
+++ b/src/VBox/Runtime/r3/path.cpp
@@ -81,6 +81,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
}
+RTDECL(int) RTPathSuidDir(char *pszPath, size_t cchPath)
+{
+ return RTStrCopy(pszPath, cchPath, "/run/wrappers/bin");
+}
+
+
RTDECL(int) RTPathAppPrivateNoArch(char *pszPath, size_t cchPath)
{
#if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE)
diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp
index 5f7c7a87..59461cfa 100644
--- a/src/VBox/Runtime/r3/process.cpp
+++ b/src/VBox/Runtime/r3/process.cpp
@@ -117,6 +117,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
return g_szrtProcExePath;
}
+/*
+ * Note the / at the end! This is important, because the functions using this
+ * will cut off everything after the rightmost / as this function is analogous
+ * to RTProcGetExecutablePath().
+ */
+#define SUIDDIR "/run/wrappers/bin/"
+
+RTR3DECL(char *) RTProcGetSuidPath(char *pszExecPath, size_t cbExecPath)
+{
+ if (cbExecPath >= sizeof(SUIDDIR))
+ {
+ memcpy(pszExecPath, SUIDDIR, sizeof(SUIDDIR));
+ pszExecPath[sizeof(SUIDDIR)] = '\0';
+ return pszExecPath;
+ }
+
+ AssertMsgFailed(("Buffer too small (%zu <= %zu)\n", cbExecPath, sizeof(SUIDDIR)));
+ return NULL;
+}
RTR3DECL(const char *) RTProcShortName(void)
{

285
pkgs/applications/virtualization/virtualbox/linux518.patch Normal file
View file

@ -0,0 +1,285 @@
Index: include/VBox/sup.h
===================================================================
--- trunk/include/VBox/sup.h (revision 151556)
+++ trunk/include/VBox/sup.h (working copy)
@@ -2142,6 +2142,26 @@
*/
SUPR0DECL(uint32_t) SUPR0GetKernelFeatures(void);
+/**
+ * Notification from R0 VMM prior to loading the guest-FPU register state.
+ *
+ * @returns Whether the host-FPU register state has been saved by the host kernel.
+ * @param fCtxHook Whether thread-context hooks are enabled.
+ *
+ * @remarks Called with preemption disabled.
+ */
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook);
+
+/**
+ * Notification from R0 VMM prior to saving the guest-FPU register state (and
+ * potentially restoring the host-FPU register state) in ring-0.
+ *
+ * @param fCtxHook Whether thread-context hooks are enabled.
+ *
+ * @remarks Called with preemption disabled.
+ */
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook);
+
/** @copydoc RTLogGetDefaultInstanceEx
* @remarks To allow overriding RTLogGetDefaultInstanceEx locally. */
SUPR0DECL(struct RTLOGGER *) SUPR0GetDefaultLogInstanceEx(uint32_t fFlagsAndGroup);
Index: src/VBox/Additions/linux/sharedfolders/regops.c
===================================================================
--- trunk/src/VBox/Additions/linux/sharedfolders/regops.c (revision 151556)
+++ trunk/src/VBox/Additions/linux/sharedfolders/regops.c (working copy)
@@ -3823,7 +3823,9 @@
.readpage = vbsf_readpage,
.writepage = vbsf_writepage,
/** @todo Need .writepages if we want msync performance... */
-#if RTLNX_VER_MIN(2,5,12)
+#if RTLNX_VER_MIN(5,18,0)
+ .dirty_folio = filemap_dirty_folio,
+#elif RTLNX_VER_MIN(2,5,12)
.set_page_dirty = __set_page_dirty_buffers,
#endif
#if RTLNX_VER_MIN(5,14,0)
Index: src/VBox/Additions
===================================================================
--- trunk/src/VBox/Additions (revision 151556)
+++ trunk/src/VBox/Additions (working copy)
Property changes on: src/VBox/Additions
___________________________________________________________________
Modified: svn:mergeinfo
## -0,0 +0,1 ##
Merged /trunk/src/VBox/Additions:r150844
Index: src/VBox/HostDrivers/Support/SUPDrv.cpp
===================================================================
--- trunk/src/VBox/HostDrivers/Support/SUPDrv.cpp (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/SUPDrv.cpp (working copy)
@@ -98,6 +98,18 @@
# endif
#endif
+#if defined(RT_OS_LINUX) && !defined(__NO_FORTIFY) && defined(__OPTIMIZE__) && defined(CONFIG_FORTIFY_SOURCE)
+/* In Linux 5.18-rc1, memcpy became a wrapper which does fortify checks
+ * before triggering __underlying_memcpy() call. We do not pass these checks here,
+ * so bypass them for now. */
+# if RTLNX_VER_MIN(5,18,0)
+# define SUPDRV_MEMCPY __underlying_memcpy
+# else
+# define SUPDRV_MEMCPY memcpy
+# endif
+#else
+# define SUPDRV_MEMCPY memcpy
+#endif
/*
* Logging assignments:
@@ -266,6 +278,8 @@
SUPEXP_STK_BACK( 2, SUPR0ContFree),
SUPEXP_STK_BACK( 2, SUPR0ChangeCR4),
SUPEXP_STK_BACK( 1, SUPR0EnableVTx),
+ SUPEXP_STK_OKAY( 1, SUPR0FpuBegin),
+ SUPEXP_STK_OKAY( 1, SUPR0FpuEnd),
SUPEXP_STK_BACK( 0, SUPR0SuspendVTxOnCpu),
SUPEXP_STK_BACK( 1, SUPR0ResumeVTxOnCpu),
SUPEXP_STK_OKAY( 1, SUPR0GetCurrentGdtRw),
@@ -1742,7 +1756,7 @@
/* execute */
pReq->u.Out.cFunctions = RT_ELEMENTS(g_aFunctions);
- memcpy(&pReq->u.Out.aFunctions[0], g_aFunctions, sizeof(g_aFunctions));
+ SUPDRV_MEMCPY(&pReq->u.Out.aFunctions[0], g_aFunctions, sizeof(g_aFunctions));
pReq->Hdr.rc = VINF_SUCCESS;
return 0;
}
Index: src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp
===================================================================
--- trunk/src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp (working copy)
@@ -2002,6 +2002,18 @@
}
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+ return false;
+}
+
+
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+}
+
/*
*
* org_virtualbox_SupDrv
Index: src/VBox/HostDrivers/Support/freebsd/SUPDrv-freebsd.c
===================================================================
--- trunk/src/VBox/HostDrivers/Support/freebsd/SUPDrv-freebsd.c (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/freebsd/SUPDrv-freebsd.c (working copy)
@@ -640,3 +640,16 @@
return 0;
}
+
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+ return false;
+}
+
+
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+}
+
Index: src/VBox/HostDrivers/Support/linux/SUPDrv-linux.c
===================================================================
--- trunk/src/VBox/HostDrivers/Support/linux/SUPDrv-linux.c (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/linux/SUPDrv-linux.c (working copy)
@@ -1454,6 +1454,31 @@
}
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+#if RTLNX_VER_MIN(5,18,0)
+ kernel_fpu_begin();
+ /* if (fCtxHook) */
+ preempt_enable(); /* HACK ALERT! undo the implicit preempt_disable() in kernel_fpu_begin(). */
+ return true;
+#else
+ return false;
+#endif
+}
+
+
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+#if RTLNX_VER_MIN(5,18,0)
+ /* if (fCtxHook) */
+ preempt_disable(); /* HACK ALERT! undo the implicit preempt_enable() in SUPR0FpuBegin(). */
+ kernel_fpu_end();
+#endif
+}
+
+
int VBOXCALL supdrvOSGetCurrentGdtRw(RTHCUINTPTR *pGdtRw)
{
#if RTLNX_VER_MIN(4,12,0)
Index: src/VBox/HostDrivers/Support/os2/SUPDrv-os2.cpp
===================================================================
--- trunk/src/VBox/HostDrivers/Support/os2/SUPDrv-os2.cpp (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/os2/SUPDrv-os2.cpp (working copy)
@@ -541,3 +541,16 @@
return 0;
}
+
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+ return false;
+}
+
+
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+}
+
Index: src/VBox/HostDrivers/Support/solaris/SUPDrv-solaris.c
===================================================================
--- trunk/src/VBox/HostDrivers/Support/solaris/SUPDrv-solaris.c (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/solaris/SUPDrv-solaris.c (working copy)
@@ -1309,3 +1309,16 @@
return 0;
}
+
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+ return false;
+}
+
+
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+}
+
Index: src/VBox/HostDrivers/Support/win/SUPDrv-win.cpp
===================================================================
--- trunk/src/VBox/HostDrivers/Support/win/SUPDrv-win.cpp (revision 151556)
+++ trunk/src/VBox/HostDrivers/Support/win/SUPDrv-win.cpp (working copy)
@@ -2704,6 +2704,19 @@
}
+SUPR0DECL(bool) SUPR0FpuBegin(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+ return false;
+}
+
+
+SUPR0DECL(void) SUPR0FpuEnd(bool fCtxHook)
+{
+ RT_NOREF(fCtxHook);
+}
+
+
SUPR0DECL(int) SUPR0IoCtlSetupForHandle(PSUPDRVSESSION pSession, intptr_t hHandle, uint32_t fFlags, PSUPR0IOCTLCTX *ppCtx)
{
/*
Index: src/VBox/HostDrivers/VBoxNetFlt/linux/VBoxNetFlt-linux.c
===================================================================
--- trunk/src/VBox/HostDrivers/VBoxNetFlt/linux/VBoxNetFlt-linux.c (revision 151556)
+++ trunk/src/VBox/HostDrivers/VBoxNetFlt/linux/VBoxNetFlt-linux.c (working copy)
@@ -2311,7 +2311,13 @@
vboxNetFltDumpPacket(pSG, true, "host", (fDst & INTNETTRUNKDIR_WIRE) ? 0 : 1);
Log6(("vboxNetFltPortOsXmit: pBuf->cb dump:\n%.*Rhxd\n", sizeof(pBuf->cb), pBuf->cb));
Log6(("vboxNetFltPortOsXmit: netif_rx_ni(%p)\n", pBuf));
+#if RTLNX_VER_MIN(5,18,0)
+ local_bh_disable();
+ err = netif_rx(pBuf);
+ local_bh_enable();
+#else
err = netif_rx_ni(pBuf);
+#endif
if (err)
rc = RTErrConvertFromErrno(err);
}
Index: src/VBox/VMM/VMMR0/CPUMR0.cpp
===================================================================
--- trunk/src/VBox/VMM/VMMR0/CPUMR0.cpp (revision 151556)
+++ trunk/src/VBox/VMM/VMMR0/CPUMR0.cpp (working copy)
@@ -440,6 +440,9 @@
Assert(!(pVCpu->cpum.s.fUseFlags & CPUM_USED_FPU_GUEST));
Assert(!(pVCpu->cpum.s.fUseFlags & CPUM_SYNC_FPU_STATE));
+ /* Notify the support driver prior to loading the guest-FPU register state. */
+ SUPR0FpuBegin(false /* unused */);
+
if (!pVM->cpum.s.HostFeatures.fLeakyFxSR)
{
Assert(!(pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE));
@@ -484,6 +487,9 @@
Assert(ASMGetCR4() & X86_CR4_OSFXSR);
if (pVCpu->cpum.s.fUseFlags & (CPUM_USED_FPU_GUEST | CPUM_USED_FPU_HOST))
{
+ /* Notify the support driver prior to loading the host-FPU register state. */
+ SUPR0FpuEnd(false /* unused */);
+
fSavedGuest = RT_BOOL(pVCpu->cpum.s.fUseFlags & CPUM_USED_FPU_GUEST);
if (!(pVCpu->cpum.s.fUseFlags & CPUM_USED_MANUAL_XMM_RESTORE))
cpumR0SaveGuestRestoreHostFPUState(&pVCpu->cpum.s);

14
pkgs/applications/virtualization/virtualbox/qt-env-vars.patch Normal file
View file

@ -0,0 +1,14 @@
--- a/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
+++ b/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
@@ -2131,6 +2131,11 @@ static void supR3HardenedMainPurgeEnvironment(char **envp)
/** @todo Call NT API to do the same. */
#endif
}
+
+ /*
+ * NixOS hack: Set QT_PLUGIN_PATH to make Qt find plugins.
+ */
+ setenv("QT_PLUGIN_PATH", "@qtPluginPath@", /*overwrite=*/ 1);
}

16
pkgs/applications/virtualization/virtualbox/qtx11extras.patch Normal file
View file

@ -0,0 +1,16 @@
diff --git a/kBuild/units/qt5.kmk b/kBuild/units/qt5.kmk
index 71b96a3..73391f0 100644
--- a/kBuild/units/qt5.kmk
+++ b/kBuild/units/qt5.kmk
@@ -1054,9 +1054,9 @@ else
$(eval $(target)_LIBS += $(PATH_SDK_QT5_LIB)/$(qt_prefix)qtmain$(qt_infix)$(SUFF_LIB) )
endif
else
- $(eval $(target)_LIBS += $(foreach module,$(qt_modules), $(PATH_SDK_QT5_LIB)/lib$(qt_prefix)Qt5$(module)$(qt_infix)$(SUFF_DLL)) )
+ $(eval $(target)_LIBS += $(foreach module,$(qt_modules), $(if $(filter X11Extras,$(module)),$(PATH_QT5_X11_EXTRAS_LIB),$(PATH_SDK_QT5_LIB))/lib$(qt_prefix)Qt5$(module)$(qt_infix)$(SUFF_DLL)) )
endif
- $(eval $(target)_INCS += $(addprefix $(PATH_SDK_QT5_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT5_INC) )
+ $(eval $(target)_INCS += $(addprefix $(PATH_SDK_QT5_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT5_INC) $(PATH_QT5_X11_EXTRAS_INC)/QtX11Extras )
endif
$(eval $(target)_DEFS += $(foreach module,$(toupper $(qt_modules)), QT_$(module)_LIB) )

44
pkgs/applications/virtualization/virtualbox/update.sh Executable file
View file

@ -0,0 +1,44 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl common-updater-scripts nix-prefetch-scripts jq
set -xeuo pipefail
nixpkgs="$(git rev-parse --show-toplevel)"
attr=virtualbox
oldVersion="$(nix-instantiate --eval -E "with import $nixpkgs {}; $attr.version or (builtins.parseDrvName $attr.name).version" | tr -d '"')"
latestVersion="$(curl -sS https://download.virtualbox.org/virtualbox/LATEST.TXT)"
function fileShaSum() {
echo "$1" | grep -w $2 | cut -f1 -d' '
}
function oldHash() {
nix-instantiate --eval --strict -A "$1.drvAttrs.outputHash" | tr -d '"'
}
function nixFile() {
nix-instantiate --eval --strict -A "${1}.meta.position" | sed -re 's/^"(.*):[0-9]+"$/\1/'
}
if [ ! "$oldVersion" = "$latestVersion" ]; then
shaSums=$(curl -sS https://download.virtualbox.org/virtualbox/$latestVersion/SHA256SUMS)
virtualBoxShaSum=$(fileShaSum "$shaSums" "VirtualBox-$latestVersion.tar.bz2")
extpackShaSum=$(fileShaSum "$shaSums" "Oracle_VM_VirtualBox_Extension_Pack-$latestVersion.vbox-extpack")
guestAdditionsShaSum=$(fileShaSum "$shaSums" "*VBoxGuestAdditions_$latestVersion.iso")
virtualboxNixFile=$(nixFile ${attr})
extpackNixFile=$(nixFile ${attr}Extpack)
guestAdditionsNixFile=$(nixFile linuxPackages.${attr}GuestAdditions)
extpackOldShaSum=$(oldHash ${attr}Extpack)
guestAdditionsOldShaSum=$(oldHash linuxPackages.${attr}GuestAdditions.src)
update-source-version $attr $latestVersion $virtualBoxShaSum
sed -i -e 's|value = "'$extpackOldShaSum'"|value = "'$extpackShaSum'"|' $extpackNixFile
sed -i -e 's|sha256 = "'$guestAdditionsOldShaSum'"|sha256 = "'$guestAdditionsShaSum'"|' $guestAdditionsNixFile
git add $virtualboxNixFile $extpackNixFile $guestAdditionsNixFile
git commit -m "$attr: ${oldVersion} -> ${latestVersion}"
else
echo "$attr is already up-to-date"
fi