aland/nixpkgs-odroid-hc4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

Browse source 
https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
This commit is contained in:
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

16
pkgs/applications/virtualization/xen/0000-fix-install-python.patch Normal file
View file

@ -0,0 +1,16 @@
tools/python/install-wrap script brakes shebangs patching, disable
diff --git a/tools/Rules.mk b/tools/Rules.mk
index 87a56dc..a7da869 100644
--- a/tools/Rules.mk
+++ b/tools/Rules.mk
@@ -90,8 +90,7 @@ CFLAGS += $(CFLAGS-y)
CFLAGS += $(EXTRA_CFLAGS_XEN_TOOLS)
-INSTALL_PYTHON_PROG = \
- $(XEN_ROOT)/tools/python/install-wrap "$(PYTHON_PATH)" $(INSTALL_PROG)
+INSTALL_PYTHON_PROG = $(INSTALL_PROG)
%.opic: %.c
$(CC) $(CPPFLAGS) -DPIC $(CFLAGS) $(CFLAGS_$*.opic) -fPIC -c -o $@ $< $(APPEND_CFLAGS)

27
pkgs/applications/virtualization/xen/0000-fix-ipxe-src.patch Normal file
View file

@ -0,0 +1,27 @@
hack to make etherboot use prefetched ipxe
diff --git a/tools/firmware/etherboot/Makefile b/tools/firmware/etherboot/Makefile
index a0578d2..64428a0 100644
--- a/tools/firmware/etherboot/Makefile
+++ b/tools/firmware/etherboot/Makefile
@@ -16,6 +16,7 @@ IPXE_TARBALL_URL ?= $(XEN_EXTFILES_URL)/ipxe-git-$(IPXE_GIT_TAG).tar.gz
D=ipxe
T=ipxe.tar.gz
+G=ipxe.git
ROMS = $(addprefix $D/src/bin/, $(addsuffix .rom, $(ETHERBOOT_NICS)))
@@ -36,9 +37,9 @@ $T:
fi
mv _$T $T
-$D/src/arch/i386/Makefile: $T Config
- rm -rf $D
- gzip -dc $T | tar xf -
+$D/src/arch/i386/Makefile: $G Config
+ mkdir $D
+ cp -a $G/* $D
for i in $$(cat patches/series) ; do \
patch -d $D -p1 --quiet <patches/$$i || exit 1 ; \
done

19
pkgs/applications/virtualization/xen/0000-qemu-seabios-enable-ATA_DMA.patch Normal file
View file

@ -0,0 +1,19 @@
diff -uNr a/src/Kconfig b/src/Kconfig
--- a/src/Kconfig 2015-08-31 10:15:13.231134858 +0200
+++ b/src/Kconfig 2015-08-31 10:14:24.039180178 +0200
@@ -144,13 +144,13 @@
config ATA_DMA
depends on ATA
bool "ATA DMA"
- default n
+ default y
help
Detect and try to use ATA bus mastering DMA controllers.
config ATA_PIO32
depends on ATA
bool "ATA 32bit PIO"
- default n
+ default y
help
Use 32bit PIO accesses on ATA (minor optimization on PCI transfers).
config AHCI

36
pkgs/applications/virtualization/xen/0004-makefile-use-efi-ld.patch Normal file
View file

@ -0,0 +1,36 @@
diff -Naur xen-4.10.4-orig/xen/arch/x86/Makefile xen-4.10.4-patched/xen/arch/x86/Makefile
--- xen-4.10.4-orig/xen/arch/x86/Makefile 2019-07-04 01:28:50.000000000 +1000
+++ xen-4.10.4-patched/xen/arch/x86/Makefile 2020-03-03 13:32:34.607951507 +1100
@@ -166,7 +166,7 @@
# Check if the compiler supports the MS ABI.
export XEN_BUILD_EFI := $(shell $(CC) $(filter-out $(CFLAGS-y) .%.d,$(CFLAGS)) -c efi/check.c -o efi/check.o 2>/dev/null && echo y)
# Check if the linker supports PE.
-XEN_BUILD_PE := $(if $(XEN_BUILD_EFI),$(shell $(LD) -mi386pep --subsystem=10 -o efi/check.efi efi/check.o 2>/dev/null && echo y))
+XEN_BUILD_PE := $(if $(XEN_BUILD_EFI),$(shell $(EFI_LD) -mi386pep --subsystem=10 -o efi/check.efi efi/check.o 2>/dev/null && echo y))
CFLAGS-$(XEN_BUILD_EFI) += -DXEN_BUILD_EFI
$(TARGET).efi: VIRT_BASE = 0x$(shell $(NM) efi/relocs-dummy.o | sed -n 's, A VIRT_START$$,,p')
@@ -188,20 +188,20 @@
$(TARGET).efi: prelink-efi.o $(note_file) efi.lds efi/relocs-dummy.o $(BASEDIR)/common/symbols-dummy.o efi/mkreloc
$(foreach base, $(VIRT_BASE) $(ALT_BASE), \
- $(guard) $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \
+ $(guard) $(EFI_LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< efi/relocs-dummy.o \
$(BASEDIR)/common/symbols-dummy.o $(note_file) -o $(@D)/.$(@F).$(base).0 &&) :
$(guard) efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).0) >$(@D)/.$(@F).0r.S
$(guard) $(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).0 \
| $(guard) $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).0s.S
$(guard) $(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o
$(foreach base, $(VIRT_BASE) $(ALT_BASE), \
- $(guard) $(LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \
+ $(guard) $(EFI_LD) $(call EFI_LDFLAGS,$(base)) -T efi.lds -N $< \
$(@D)/.$(@F).0r.o $(@D)/.$(@F).0s.o $(note_file) -o $(@D)/.$(@F).$(base).1 &&) :
$(guard) efi/mkreloc $(foreach base,$(VIRT_BASE) $(ALT_BASE),$(@D)/.$(@F).$(base).1) >$(@D)/.$(@F).1r.S
$(guard) $(NM) -pa --format=sysv $(@D)/.$(@F).$(VIRT_BASE).1 \
| $(guard) $(BASEDIR)/tools/symbols $(all_symbols) --sysv --sort >$(@D)/.$(@F).1s.S
$(guard) $(MAKE) -f $(BASEDIR)/Rules.mk $(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o
- $(guard) $(LD) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \
+ $(guard) $(EFI_LD) $(call EFI_LDFLAGS,$(VIRT_BASE)) -T efi.lds -N $< \
$(@D)/.$(@F).1r.o $(@D)/.$(@F).1s.o $(note_file) -o $@
if $(guard) false; then rm -f $@; echo 'EFI support disabled'; \
else $(NM) -pa --format=sysv $(@D)/$(@F) \

35
pkgs/applications/virtualization/xen/0005-makefile-fix-efi-mountdir-use.patch Normal file
View file

@ -0,0 +1,35 @@
EFI_MOUNTPOINT is conventionally /boot/efi or /boot/EFI or something
like that, and (on my machine) has directories within that called
{Boot, nixos, gummiboot}.
This patch does two things:
1) Xen apparently wants to put files in
$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR) - we remove the duplicate 'efi' name
because I can't see why we have it
2) Ensures the said directory exists
--- a/xen/Makefile 2016-01-08 01:50:58.028045657 +0000
+++ b/xen/Makefile 2016-01-08 01:51:33.560268718 +0000
@@ -49,7 +49,9 @@
ln -sf $(T)-$(XEN_FULLVERSION).efi $(D)$(EFI_DIR)/$(T)-$(XEN_VERSION).efi; \
ln -sf $(T)-$(XEN_FULLVERSION).efi $(D)$(EFI_DIR)/$(T).efi; \
if [ -n '$(EFI_MOUNTPOINT)' -a -n '$(EFI_VENDOR)' ]; then \
- $(INSTALL_DATA) $(TARGET).efi $(D)$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi; \
+ [ -d $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR) ] || \
+ $(INSTALL_DIR) $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR) ;\
+ $(INSTALL_DATA) $(TARGET).efi $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi; \
elif [ "$(D)" = "$(patsubst $(shell cd $(XEN_ROOT) && pwd)/%,%,$(D))" ]; then \
echo 'EFI installation only partially done (EFI_VENDOR not set)' >&2; \
fi; \
@@ -69,7 +69,7 @@
rm -f $(D)$(EFI_DIR)/$(T)-$(XEN_VERSION).$(XEN_SUBVERSION).efi
rm -f $(D)$(EFI_DIR)/$(T)-$(XEN_VERSION).efi
rm -f $(D)$(EFI_DIR)/$(T).efi
- rm -f $(D)$(EFI_MOUNTPOINT)/efi/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi
+ rm -f $(D)$(EFI_MOUNTPOINT)/$(EFI_VENDOR)/$(T)-$(XEN_FULLVERSION).efi
.PHONY: _debug
_debug:

184
pkgs/applications/virtualization/xen/4.10.nix Normal file
View file

@ -0,0 +1,184 @@
{ lib, callPackage, fetchurl, fetchpatch, fetchgit
, ocaml-ng
, withInternalQemu ? true
, withInternalTraditionalQemu ? true
, withInternalSeabios ? true
, withSeabios ? !withInternalSeabios, seabios ? null
, withInternalOVMF ? false # FIXME: tricky to build
, withOVMF ? false, OVMF
, withLibHVM ? true
# qemu
, udev, pciutils, xorg, SDL, pixman, acl, glusterfs, spice-protocol, usbredir
, alsa-lib, glib, python2
, ... } @ args:
assert withInternalSeabios -> !withSeabios;
assert withInternalOVMF -> !withOVMF;
with lib;
# Patching XEN? Check the XSAs at
# https://xenbits.xen.org/xsa/
# and try applying all the ones we don't have yet.
let
xsa = import ./xsa-patches.nix { inherit fetchpatch; };
qemuMemfdBuildFix = fetchpatch {
name = "xen-4.8-memfd-build-fix.patch";
url = "https://github.com/qemu/qemu/commit/75e5b70e6b5dcc4f2219992d7cffa462aa406af0.patch";
sha256 = "0gaz93kb33qc0jx6iphvny0yrd17i8zhcl3a9ky5ylc2idz0wiwa";
};
qemuDeps = [
udev pciutils xorg.libX11 SDL pixman acl glusterfs spice-protocol usbredir
alsa-lib glib python2
];
in
callPackage (import ./generic.nix (rec {
version = "4.10.4";
src = fetchurl {
url = "https://downloads.xenproject.org/release/xen/${version}/xen-${version}.tar.gz";
sha256 = "0ipkr7b3v3y183n6nfmz7q3gnzxa20011df4jpvxi6pmr8cpnkwh";
};
# Sources needed to build tools and firmwares.
xenfiles = optionalAttrs withInternalQemu {
qemu-xen = {
src = fetchgit {
url = "https://xenbits.xen.org/git-http/qemu-xen.git";
# rev = "refs/tags/qemu-xen-${version}";
# use revision hash - reproducible but must be updated with each new version
rev = "qemu-xen-${version}";
sha256 = "0laxvhdjz1njxjvq3jzw2yqvdr9gdn188kqjf2gcrfzgih7xv2ym";
};
buildInputs = qemuDeps;
postPatch = ''
# needed in build but /usr/bin/env is not available in sandbox
substituteInPlace scripts/tracetool.py \
--replace "/usr/bin/env python" "${python2}/bin/python"
'';
meta.description = "Xen's fork of upstream Qemu";
};
} // optionalAttrs withInternalTraditionalQemu {
qemu-xen-traditional = {
src = fetchgit {
url = "https://xenbits.xen.org/git-http/qemu-xen-traditional.git";
# rev = "refs/tags/xen-${version}";
# use revision hash - reproducible but must be updated with each new version
rev = "c8ea0457495342c417c3dc033bba25148b279f60";
sha256 = "0v5nl3c08kpjg57fb8l191h1y57ykp786kz6l525jgplif28vx13";
};
buildInputs = qemuDeps;
patches = [
];
postPatch = ''
substituteInPlace xen-hooks.mak \
--replace /usr/include/pci ${pciutils}/include/pci
'';
meta.description = "Xen's fork of upstream Qemu that uses old device model";
};
} // optionalAttrs withInternalSeabios {
"firmware/seabios-dir-remote" = {
src = fetchgit {
url = "https://xenbits.xen.org/git-http/seabios.git";
rev = "f0cdc36d2f2424f6b40438f7ee7cc502c0eff4df";
sha256 = "1wq5pjkjrfzqnq3wyr15mcn1l4c563m65gdyf8jm97kgb13pwwfm";
};
patches = [ ./0000-qemu-seabios-enable-ATA_DMA.patch ];
meta.description = "Xen's fork of Seabios";
};
} // optionalAttrs withInternalOVMF {
"firmware/ovmf-dir-remote" = {
src = fetchgit {
url = "https://xenbits.xen.org/git-http/ovmf.git";
rev = "173bf5c847e3ca8b42c11796ce048d8e2e916ff8";
sha256 = "07zmdj90zjrzip74fvd4ss8n8njk6cim85s58mc6snxmqqv7gmcr";
};
meta.description = "Xen's fork of OVMF";
};
} // {
# TODO: patch Xen to make this optional?
"firmware/etherboot/ipxe.git" = {
src = fetchgit {
url = "https://git.ipxe.org/ipxe.git";
rev = "356f6c1b64d7a97746d1816cef8ca22bdd8d0b5d";
sha256 = "15n400vm3id5r8y3k6lrp9ab2911a9vh9856f5gvphkazfnmns09";
};
meta.description = "Xen's fork of iPXE";
};
} // optionalAttrs withLibHVM {
xen-libhvm-dir-remote = {
src = fetchgit {
name = "xen-libhvm";
url = "https://github.com/michalpalka/xen-libhvm";
rev = "83065d36b36d6d527c2a4e0f5aaf0a09ee83122c";
sha256 = "1jzv479wvgjkazprqdzcdjy199azmx2xl3pnxli39kc5mvjz3lzd";
};
buildPhase = ''
make
cd biospt
cc -Wall -g -D_LINUX -Wstrict-prototypes biospt.c -o biospt -I../libhvm -L../libhvm -lxenhvm
'';
installPhase = ''
make install
cp biospt/biospt $out/bin/
'';
meta = {
description = ''
Helper library for reading ACPI and SMBIOS firmware values
from the host system for use with the HVM guest firmware
pass-through feature in Xen'';
license = licenses.bsd2;
};
};
};
configureFlags = []
++ optional (!withInternalQemu) "--with-system-qemu" # use qemu from PATH
++ optional (withInternalTraditionalQemu) "--enable-qemu-traditional"
++ optional (!withInternalTraditionalQemu) "--disable-qemu-traditional"
++ optional (withSeabios) "--with-system-seabios=${seabios}"
++ optional (!withInternalSeabios && !withSeabios) "--disable-seabios"
++ optional (withOVMF) "--with-system-ovmf=${OVMF.fd}/FV/OVMF.fd"
++ optional (withInternalOVMF) "--enable-ovmf";
NIX_CFLAGS_COMPILE = toString [
# Fix build on Glibc 2.24.
"-Wno-error=deprecated-declarations"
# Fix build with GCC 8
"-Wno-error=maybe-uninitialized"
"-Wno-error=stringop-truncation"
"-Wno-error=format-truncation"
"-Wno-error=array-bounds"
# Fix build with GCC 9
"-Wno-error=address-of-packed-member"
"-Wno-error=format-overflow"
"-Wno-error=absolute-value"
# Fix build with GCC 10
"-Wno-error=enum-conversion"
"-Wno-error=zero-length-bounds"
];
postPatch = ''
# Avoid a glibc >= 2.25 deprecation warnings that get fatal via -Werror.
sed 1i'#include <sys/sysmacros.h>' \
-i tools/blktap2/control/tap-ctl-allocate.c \
-i tools/libxl/libxl_device.c
# Makefile didn't include previous PKG_CONFIG_PATH so glib wasn't found
substituteInPlace tools/Makefile \
--replace 'PKG_CONFIG_PATH=$(XEN_ROOT)/tools/pkg-config' 'PKG_CONFIG_PATH=$(XEN_ROOT)/tools/pkg-config:$(PKG_CONFIG_PATH)'
'';
passthru = {
qemu-system-i386 = if withInternalQemu
then "lib/xen/bin/qemu-system-i386"
else throw "this xen has no qemu builtin";
};
})) ({ ocamlPackages = ocaml-ng.ocamlPackages_4_05; } // args)

262
pkgs/applications/virtualization/xen/generic.nix Normal file
View file

@ -0,0 +1,262 @@
config:
{ lib, stdenv, cmake, pkg-config, which
# Xen
, bison, bzip2, checkpolicy, dev86, figlet, flex, gettext, glib
, acpica-tools, libaio, libiconv, libuuid, ncurses, openssl, perl
, python2Packages
# python2Packages.python
, xz, yajl, zlib
# Xen Optional
, ocamlPackages
# Scripts
, coreutils, gawk, gnused, gnugrep, diffutils, multipath-tools
, iproute2, inetutils, iptables, bridge-utils, openvswitch, nbd, drbd
, lvm2, util-linux, procps, systemd
# Documentation
# python2Packages.markdown
, fig2dev, ghostscript, texinfo, pandoc
, binutils-unwrapped
, ...} @ args:
with lib;
let
#TODO: fix paths instead
scriptEnvPath = concatMapStringsSep ":" (x: "${x}/bin") [
which perl
coreutils gawk gnused gnugrep diffutils util-linux multipath-tools
iproute2 inetutils iptables bridge-utils openvswitch nbd drbd
];
withXenfiles = f: concatStringsSep "\n" (mapAttrsToList f config.xenfiles);
withTools = a: f: withXenfiles (name: x: optionalString (hasAttr a x) ''
echo "processing ${name}"
__do() {
cd "tools/${name}"
${f name x}
}
( __do )
'');
# We don't want to use the wrapped version, because this version of ld is
# only used for linking the Xen EFI binary, and the build process really
# needs control over the LDFLAGS used
efiBinutils = binutils-unwrapped.overrideAttrs (oldAttrs: {
name = "efi-binutils";
configureFlags = oldAttrs.configureFlags ++ [
"--enable-targets=x86_64-pep"
];
doInstallCheck = false; # We get a spurious failure otherwise, due to host/target mis-match
});
in
stdenv.mkDerivation (rec {
inherit (config) version;
name = "xen-${version}";
dontUseCmakeConfigure = true;
hardeningDisable = [ "stackprotector" "fortify" "pic" ];
nativeBuildInputs = [ pkg-config ];
buildInputs = [
cmake which
# Xen
bison bzip2 checkpolicy dev86 figlet flex gettext glib acpica-tools libaio
libiconv libuuid ncurses openssl perl python2Packages.python xz yajl zlib
# oxenstored
ocamlPackages.findlib ocamlPackages.ocaml systemd
# Python fixes
python2Packages.wrapPython
# Documentation
python2Packages.markdown fig2dev ghostscript texinfo pandoc
# Others
] ++ (concatMap (x: x.buildInputs or []) (attrValues config.xenfiles))
++ (config.buildInputs or []);
prePatch = ''
### Generic fixes
# Xen's stubdoms, tools and firmwares need various sources that
# are usually fetched at build time using wget and git. We can't
# have that, so we prefetch them in nix-expression and setup
# fake wget and git for debugging purposes.
mkdir fake-bin
# Fake git: just print what it wants and die
cat > fake-bin/wget << EOF
#!${stdenv.shell} -e
echo ===== FAKE WGET: Not fetching \$*
[ -e \$3 ]
EOF
# Fake git: just print what it wants and die
cat > fake-bin/git << EOF
#!${stdenv.shell}
echo ===== FAKE GIT: Not cloning \$*
[ -e \$3 ]
EOF
chmod +x fake-bin/*
export PATH=$PATH:$PWD/fake-bin
# Remove in-tree qemu stuff in case we build from a tar-ball
rm -rf tools/qemu-xen tools/qemu-xen-traditional
# Fix shebangs, mainly for build-scipts
# We want to do this before getting prefetched stuff to speed things up
# (prefetched stuff has lots of files)
find . -type f | xargs sed -i 's@/usr/bin/\(python\|perl\)@/usr/bin/env \1@g'
find . -type f -not -path "./tools/hotplug/Linux/xendomains.in" \
| xargs sed -i 's@/bin/bash@${stdenv.shell}@g'
# Get prefetched stuff
${withXenfiles (name: x: ''
echo "${x.src} -> tools/${name}"
cp -r ${x.src} tools/${name}
chmod -R +w tools/${name}
'')}
'';
patches = [
./0000-fix-ipxe-src.patch
./0000-fix-install-python.patch
./0004-makefile-use-efi-ld.patch
./0005-makefile-fix-efi-mountdir-use.patch
] ++ (config.patches or []);
postPatch = ''
### Hacks
# Work around a bug in our GCC wrapper: `gcc -MF foo -v' doesn't
# print the GCC version number properly.
substituteInPlace xen/Makefile \
--replace '$(CC) $(CFLAGS) -v' '$(CC) -v'
# Hack to get `gcc -m32' to work without having 32-bit Glibc headers.
mkdir -p tools/include/gnu
touch tools/include/gnu/stubs-32.h
### Fixing everything else
substituteInPlace tools/libfsimage/common/fsimage_plugin.c \
--replace /usr $out
substituteInPlace tools/blktap2/lvm/lvm-util.c \
--replace /usr/sbin/vgs ${lvm2}/bin/vgs \
--replace /usr/sbin/lvs ${lvm2}/bin/lvs
substituteInPlace tools/misc/xenpvnetboot \
--replace /usr/sbin/mount ${util-linux}/bin/mount \
--replace /usr/sbin/umount ${util-linux}/bin/umount
substituteInPlace tools/xenmon/xenmon.py \
--replace /usr/bin/pkill ${procps}/bin/pkill
substituteInPlace tools/xenstat/Makefile \
--replace /usr/include/curses.h ${ncurses.dev}/include/curses.h
${optionalString (builtins.compareVersions config.version "4.8" >= 0) ''
substituteInPlace tools/hotplug/Linux/launch-xenstore.in \
--replace /bin/mkdir mkdir
''}
${optionalString (builtins.compareVersions config.version "4.6" < 0) ''
# TODO: use this as a template and support our own if-up scripts instead?
substituteInPlace tools/hotplug/Linux/xen-backend.rules.in \
--replace "@XEN_SCRIPT_DIR@" $out/etc/xen/scripts
# blktap is not provided by xen, but by xapi
sed -i '/blktap/d' tools/hotplug/Linux/xen-backend.rules.in
''}
${withTools "patches" (name: x: ''
${concatMapStringsSep "\n" (p: ''
echo "# Patching with ${p}"
patch -p1 < ${p}
'') x.patches}
'')}
${withTools "postPatch" (name: x: x.postPatch)}
${config.postPatch or ""}
'';
postConfigure = ''
substituteInPlace tools/hotplug/Linux/xendomains \
--replace /bin/ls ls
'';
EFI_LD = "${efiBinutils}/bin/ld";
EFI_VENDOR = "nixos";
# TODO: Flask needs more testing before enabling it by default.
#makeFlags = [ "XSM_ENABLE=y" "FLASK_ENABLE=y" "PREFIX=$(out)" "CONFIG_DIR=/etc" "XEN_EXTFILES_URL=\\$(XEN_ROOT)/xen_ext_files" ];
makeFlags = [ "PREFIX=$(out) CONFIG_DIR=/etc" "XEN_SCRIPT_DIR=/etc/xen/scripts" ]
++ (config.makeFlags or []);
buildFlags = [ "xen" "tools" ];
postBuild = ''
make -C docs man-pages
${withTools "buildPhase" (name: x: x.buildPhase)}
'';
installPhase = ''
mkdir -p $out $out/share $out/share/man
cp -prvd dist/install/nix/store/*/* $out/
cp -prvd dist/install/boot $out/boot
cp -prvd dist/install/etc $out
cp -dR docs/man1 docs/man5 $out/share/man/
${withTools "installPhase" (name: x: x.installPhase)}
# Hack
substituteInPlace $out/etc/xen/scripts/hotplugpath.sh \
--replace SBINDIR=\"$out/sbin\" SBINDIR=\"$out/bin\"
wrapPythonPrograms
# We also need to wrap pygrub, which lies in lib
wrapPythonProgramsIn "$out/lib" "$out $pythonPath"
shopt -s extglob
for i in $out/etc/xen/scripts/!(*.sh); do
sed -i "2s@^@export PATH=$out/bin:${scriptEnvPath}\n@" $i
done
'';
enableParallelBuilding = true;
# TODO(@oxij): Stop referencing args here
meta = {
homepage = "http://www.xen.org/";
description = "Xen hypervisor and related components"
+ optionalString (args ? meta && args.meta ? description)
" (${args.meta.description})";
longDescription = (args.meta.longDescription or "")
+ "\nIncludes:\n"
+ withXenfiles (name: x: "* ${name}: ${x.meta.description or "(No description)"}.");
platforms = [ "x86_64-linux" ];
maintainers = with lib.maintainers; [ eelco tstrobel oxij ];
license = lib.licenses.gpl2;
# https://xenbits.xen.org/docs/unstable/support-matrix.html
knownVulnerabilities = lib.optionals (lib.versionOlder version "4.13") [
"This version of Xen has reached its end of life. See https://xenbits.xen.org/docs/unstable/support-matrix.html"
];
} // (config.meta or {});
} // removeAttrs config [ "xenfiles" "buildInputs" "patches" "postPatch" "meta" ])

59
pkgs/applications/virtualization/xen/packages.nix Normal file
View file

@ -0,0 +1,59 @@
{ callPackage
}:
# TODO(@oxij) on new Xen version: generalize this to generate [vanilla slim
# light] for each ./<version>.nix.
rec {
xen_4_10-vanilla = callPackage ./4.10.nix {
meta = {
description = "vanilla";
longDescription = ''
Vanilla version of Xen. Uses forks of Qemu and Seabios bundled
with Xen. This gives vanilla experince, but wastes space and
build time: typical NixOS setup that runs lots of VMs will
build three different versions of Qemu when using this (two
forks and upstream).
'';
};
};
xen_4_10-slim = xen_4_10-vanilla.override {
withInternalQemu = false;
withInternalTraditionalQemu = true;
withInternalSeabios = false;
withSeabios = true;
meta = {
description = "slim";
longDescription = ''
Slimmed-down version of Xen that reuses nixpkgs packages as
much as possible. Different parts may get out of sync, but
this builds faster and uses less space than vanilla. Use with
`qemu_xen` from nixpkgs.
'';
};
};
xen_4_10-light = xen_4_10-vanilla.override {
withInternalQemu = false;
withInternalTraditionalQemu = false;
withInternalSeabios = false;
withSeabios = true;
meta = {
description = "light";
longDescription = ''
Slimmed-down version of Xen without `qemu-traditional` (you
don't need it if you don't know what it is). Use with
`qemu_xen-light` from nixpkgs.
'';
};
};
xen-vanilla = xen_4_10-vanilla;
xen-slim = xen_4_10-slim;
xen-light = xen_4_10-light;
}

488
pkgs/applications/virtualization/xen/xsa-patches.nix Normal file
View file

@ -0,0 +1,488 @@
{ fetchpatch }:
let
xsaPatch = { name , sha256 }: (fetchpatch {
url = "https://xenbits.xen.org/xsa/xsa${name}.patch";
inherit sha256;
});
in {
# 4.5
XSA_190 = (xsaPatch {
name = "190-4.5";
sha256 = "0f8pw38kkxky89ny3ic5h26v9zsjj9id89lygx896zc3w1klafqm";
});
# 4.5
XSA_191 = (xsaPatch {
name = "191-4.6";
sha256 = "1wl1ndli8rflmc44pkp8cw4642gi8z7j7gipac8mmlavmn3wdqhg";
});
# 4.5
XSA_192 = (xsaPatch {
name = "192-4.5";
sha256 = "0m8cv0xqvx5pdk7fcmaw2vv43xhl62plyx33xqj48y66x5z9lxpm";
});
# 4.5
XSA_193 = (xsaPatch {
name = "193-4.5";
sha256 = "0k9mykhrpm4rbjkhv067f6s05lqmgnldcyb3vi8cl0ndlyh66lvr";
});
# 4.5
XSA_195 = (xsaPatch {
name = "195";
sha256 = "0m0g953qnjy2knd9qnkdagpvkkgjbk3ydgajia6kzs499dyqpdl7";
});
# 4.5
XSA_196 = [
(xsaPatch {
name = "196-0001-x86-emul-Correct-the-IDT-entry-calculation-in-inject";
sha256 = "0z53nzrjvc745y26z1qc8jlg3blxp7brawvji1hx3s74n346ssl6";
})
(xsaPatch {
name = "196-0002-x86-svm-Fix-injection-of-software-interrupts";
sha256 = "11cqvr5jn2s92wsshpilx9qnfczrd9hnyb5aim6qwmz3fq3hrrkz";
})
];
# 4.5
XSA_198 = (xsaPatch {
name = "198";
sha256 = "0d1nndn4p520c9xa87ixnyks3mrvzcri7c702d6mm22m8ansx6d9";
});
# 4.5
XSA_200 = (xsaPatch {
name = "200-4.6";
sha256 = "0k918ja83470iz5k4vqi15293zjvz2dipdhgc9sy9rrhg4mqncl7";
});
# 4.5
XSA_202_45 = (xsaPatch {
name = "202-4.6";
sha256 = "0nnznkrvfbbc8z64dr9wvbdijd4qbpc0wz2j5vpmx6b32sm7932f";
});
# 4.5
XSA_204_45 = (xsaPatch {
name = "204-4.5";
sha256 = "083z9pbdz3f532fnzg7n2d5wzv6rmqc0f4mvc3mnmkd0rzqw8vcp";
});
# 4.5
XSA_206_45 = [
(xsaPatch {
name = "206-4.5/0001-xenstored-apply-a-write-transaction-rate-limit";
sha256 = "07vsm8mlbxh2s01ny2xywnm1bqhhxas1az31fzwb6f1g14vkzwm4";
})
(xsaPatch {
name = "206-4.5/0002-xenstored-Log-when-the-write-transaction-rate-limit-";
sha256 = "17pnvxjmhny22abwwivacfig4vfsy5bqlki07z236whc2y7yzbsx";
})
(xsaPatch {
name = "206-4.5/0003-oxenstored-refactor-putting-response-on-wire";
sha256 = "0xf566yicnisliy82cydb2s9k27l3bxc43qgmv6yr2ir3ixxlw5s";
})
(xsaPatch {
name = "206-4.5/0004-oxenstored-remove-some-unused-parameters";
sha256 = "16cqx9i0w4w3x06qqdk9rbw4z96yhm0kbc32j40spfgxl82d1zlk";
})
(xsaPatch {
name = "206-4.5/0005-oxenstored-refactor-request-processing";
sha256 = "1g2hzlv7w03sqnifbzda85mwlz3bw37rk80l248180sv3k7k6bgv";
})
(xsaPatch {
name = "206-4.5/0006-oxenstored-keep-track-of-each-transaction-s-operatio";
sha256 = "0n65yfxvpfd4cz95dpbwqj3nablyzq5g7a0klvi2y9zybhch9cmg";
})
(xsaPatch {
name = "206-4.5/0007-oxenstored-move-functions-that-process-simple-operat";
sha256 = "0qllvbc9rnj7jhhlslxxs35gvphvih0ywz52jszj4irm23ka5vnz";
})
(xsaPatch {
name = "206-4.5/0008-oxenstored-replay-transaction-upon-conflict";
sha256 = "0lixkxjfzciy9l0f980cmkr8mcsx14c289kg0mn5w1cscg0hb46g";
})
(xsaPatch {
name = "206-4.5/0009-oxenstored-log-request-and-response-during-transacti";
sha256 = "09ph8ddcx0k7rndd6hx6kszxh3fhxnvdjsq13p97n996xrpl1x7b";
})
(xsaPatch {
name = "206-4.5/0010-oxenstored-allow-compilation-prior-to-OCaml-3.12.0";
sha256 = "1y0m7sqdz89z2vs4dfr45cyvxxas323rxar0xdvvvivgkgxawvxj";
})
(xsaPatch {
name = "206-4.5/0011-oxenstored-comments-explaining-some-variables";
sha256 = "1d3n0y9syya4kaavrvqn01d3wsn85gmw7qrbylkclznqgkwdsr2p";
})
(xsaPatch {
name = "206-4.5/0012-oxenstored-handling-of-domain-conflict-credit";
sha256 = "12zgid5y9vrhhpk2syxp0x01lzzr6447fa76n6rjmzi1xgdzpaf8";
})
(xsaPatch {
name = "206-4.5/0013-oxenstored-ignore-domains-with-no-conflict-credit";
sha256 = "0v3g9pm60w6qi360hdqjcw838s0qcyywz9qpl8gzmhrg7a35avxl";
})
(xsaPatch {
name = "206-4.5/0014-oxenstored-add-transaction-info-relevant-to-history-";
sha256 = "0vv3w0h5xh554i9v2vbc8gzm8wabjf2vzya3dyv5yzvly6ygv0sb";
})
(xsaPatch {
name = "206-4.5/0015-oxenstored-support-commit-history-tracking";
sha256 = "1iv2vy29g437vj73x9p33rdcr5ln2q0kx1b3pgxq202ghbc1x1zj";
})
(xsaPatch {
name = "206-4.5/0016-oxenstored-only-record-operations-with-side-effects-";
sha256 = "1cjkw5ganbg6lq78qsg0igjqvbgph3j349faxgk1p5d6nr492zzy";
})
(xsaPatch {
name = "206-4.5/0017-oxenstored-discard-old-commit-history-on-txn-end";
sha256 = "0lm15lq77403qqwpwcqvxlzgirp6ffh301any9g401hs98f9y4ps";
})
(xsaPatch {
name = "206-4.5/0018-oxenstored-track-commit-history";
sha256 = "1jh92p6vjhkm3bn5vz260npvsjji63g2imsxflxs4f3r69sz1nkd";
})
(xsaPatch {
name = "206-4.5/0019-oxenstored-blame-the-connection-that-caused-a-transa";
sha256 = "17k264pk0fvsamj85578msgpx97mw63nmj0j9v5hbj4bgfazvj4h";
})
(xsaPatch {
name = "206-4.5/0020-oxenstored-allow-self-conflicts";
sha256 = "15z3rd49q0pa72si0s8wjsy2zvbm613d0hjswp4ikc6nzsnsh4qy";
})
(xsaPatch {
name = "206-4.5/0021-oxenstored-do-not-commit-read-only-transactions";
sha256 = "04wpzazhv90lg3228z5i6vnh1z4lzd08z0d0fvc4br6pkd0w4va8";
})
(xsaPatch {
name = "206-4.5/0022-oxenstored-don-t-wake-to-issue-no-conflict-credit";
sha256 = "1shbrn0w68rlywcc633zcgykfccck1a77igmg8ydzwjsbwxsmsjy";
})
(xsaPatch {
name = "206-4.5/0023-oxenstored-transaction-conflicts-improve-logging";
sha256 = "1086y268yh8047k1vxnxs2nhp6izp7lfmq01f1gq5n7jiy1sxcq7";
})
(xsaPatch {
name = "206-4.5/0024-oxenstored-trim-history-in-the-frequent_ops-function";
sha256 = "014zs6i4gzrimn814k5i7gz66vbb0adkzr2qyai7i4fxc9h9r7w8";
})
];
# 4.5 - 4.8
XSA_207 = (xsaPatch {
name = "207";
sha256 = "0wdlhijmw9mdj6a82pyw1rwwiz605dwzjc392zr3fpb2jklrvibc";
});
# 4.5 - 4.8
XSA_212 = (xsaPatch {
name = "212";
sha256 = "1ggjbbym5irq534a3zc86md9jg8imlpc9wx8xsadb9akgjrr1r8d";
});
# 4.5
XSA_213_45 = (xsaPatch {
name = "213-4.5";
sha256 = "1vnqf89ydacr5bq3d6z2r33xb2sn5vsd934rncyc28ybc9rvj6wm";
});
# 4.5 - 4.8
XSA_214 = (xsaPatch {
name = "214";
sha256 = "0qapzx63z0yl84phnpnglpkxp6b9sy1y7cilhwjhxyigpfnm2rrk";
});
# 4.5
XSA_215 = (xsaPatch {
name = "215";
sha256 = "0sv8ccc5xp09f1w1gj5a9n3mlsdsh96sdb1n560vh31f4kkd61xs";
});
# 4.5
XSA_217_45 = (xsaPatch {
name = "217-4.5";
sha256 = "067pgsfrb9py2dhm1pk9g8f6fs40vyfrcxhj8c12vzamb6svzmn4";
});
# 4.5
XSA_218_45 = [
(xsaPatch {
name = "218-4.5/0001-IOMMU-handle-IOMMU-mapping-and-unmapping-failures";
sha256 = "00y6j3yjxw0igpldsavikmhlxw711k2jsj1qx0s05w2k608gadkq";
})
(xsaPatch {
name = "218-4.5/0002-gnttab-fix-unmap-pin-accounting-race";
sha256 = "0qbbfnnjlpdcd29mzmacfmi859k92c213l91q7w1rg2k6pzx928k";
})
(xsaPatch {
name = "218-4.5/0003-gnttab-Avoid-potential-double-put-of-maptrack-entry";
sha256 = "1cndzvyhf41mk4my6vh3bk9jvh2y4gpmqdhvl9zhxhmppszslqkc";
})
(xsaPatch {
name = "218-4.5/0004-gnttab-correct-maptrack-table-accesses";
sha256 = "02zpb0ffigijacqvyyjylwx3qpgibwslrka7mbxwnclf4s9c03a2";
})
];
# 4.5
XSA_219_45 = (xsaPatch {
name = "219-4.5";
sha256 = "003msr5vhsc66scmdpgn0lp3p01g4zfw5vj86y5lw9ajkbaywdsm";
});
# 4.5
XSA_220_45 = (xsaPatch {
name = "220-4.5";
sha256 = "1dj9nn6lzxlipjb3nb7b9m4337fl6yn2bd7ap1lqrjn8h9zkk1pp";
});
# 4.5 - 4.8
XSA_221 = (xsaPatch {
name = "221";
sha256 = "1mcr1nqgxyjrkywdg7qhlfwgz7vj2if1dhic425vgd41p9cdgl26";
});
# 4.5
XSA_222_45 = [
(xsaPatch {
name = "222-1-4.6";
sha256 = "1g4dqm5qx4wqlv1520jpfiscph95vllcp4gqp1rdfailk8xi0mcf";
})
(xsaPatch {
name = "222-2-4.5";
sha256 = "1hw8rhc7q4v309f4w11gxfsn5x1pirvxkg7s4kr711fnmvp9hkzd";
})
];
# 4.5 - 4.8
XSA_223 = (xsaPatch {
name = "223";
sha256 = "0803gjgcbq9vaz2mq0v5finf1fq8iik1g4hqsjqhjxvspn8l70c5";
});
# 4.5
XSA_224_45 = [
(xsaPatch {
name = "224-4.5/0001-gnttab-Fix-handling-of-dev_bus_addr-during-unmap";
sha256 = "1aislj66ss4cb3v2bh12mrqsyrf288d4h54rj94jjq7h1hnycw7h";
})
(xsaPatch {
name = "224-4.5/0002-gnttab-never-create-host-mapping-unless-asked-to";
sha256 = "1j6fgm1ccb07gg0mi5qmdr0vqwwc3n12z433g1jrija2gbk1x8aq";
})
(xsaPatch {
name = "224-4.5/0003-gnttab-correct-logic-to-get-page-references-during-m";
sha256 = "166kmicwx280fjqjvgigbmhabjksa0hhvqx5h4v6kjlcjpmxqy08";
})
(xsaPatch {
name = "224-4.5/0004-gnttab-__gnttab_unmap_common_complete-is-all-or-noth";
sha256 = "1skc0yj1zsn8xgyq1y57bdc0scvvlmd0ynrjwwf1zkias1wlilav";
})
];
# 4.5
XSA_226_45 = [
(xsaPatch {
name = "226-4.5/0001-gnttab-dont-use-possibly-unbounded-tail-calls";
sha256 = "1hx47ppv5q33cw4dwp82lgvv4fp28gx7rxijw0iaczsv8bvb8vcg";
})
(xsaPatch {
name = "226-4.5/0002-gnttab-fix-transitive-grant-handling";
sha256 = "1gzp8m2zfihwlk71c3lqyd0ajh9h11pvkhzhw0mawckxy0qksvlc";
})
];
# 4.5
XSA_227_45 = (xsaPatch {
name = "227-4.5";
sha256 = "1qfjfisgqm4x98qw54x2qrvgjnvvzizx9p1pjhcnsps9q6g1y3x8";
});
# 4.5 - 4.9
XSA_230 = (xsaPatch {
name = "230";
sha256 = "10x0j7wmzkrwycs1ng89fgjzvzh8vsdd4c5nb68b3j1azdx4ld83";
});
# 4.5
XSA_231_45 = (xsaPatch {
name = "231-4.5";
sha256 = "06gwx2f1lg51dfk2b4zxp7wv9c4pxdi87pg2asvmxqc78ir7l5s6";
});
# 4.5 - 4.9
XSA_232 = (xsaPatch {
name = "232";
sha256 = "0n6irjpmraa3hbxxm64a1cplc6y6g07x7v2fmlpvn70ql3fs0220";
});
# 4.5 - 4.9
XSA_233 = (xsaPatch {
name = "233";
sha256 = "1w3m8349cqav56av63w6jzvlsv4jw5rimwvskr9pq2rcbk2dx8kf";
});
# 4.5
XSA_234_45 = (xsaPatch {
name = "234-4.5";
sha256 = "1ji6hbgybb4gbgz5l5fis9midnvjbddzam8d63377rkzdyb3yz9f";
});
# 4.5
XSA_235_45 = (xsaPatch {
name = "235-4.5";
sha256 = "0hhgnql2gji111020z4wiyzg23wqs6ymanb67rg11p4qad1fp3ff";
});
# 4.5
XSA_236_45 = (xsaPatch {
name = "236-4.5";
sha256 = "0hcla86x81wykssd2967gblp7fzx61290p4ls4v0hcyxdg2bs2yz";
});
# 4.5
XSA_237_45 = [
(xsaPatch {
name = "237-4.5/0001-x86-dont-allow-MSI-pIRQ-mapping-on-unowned-device";
sha256 = "0hjxs20jhls4i0iph45a0qpw4znkm04gv74jmwhw84gy4hrhzq3b";
})
(xsaPatch {
name = "237-4.5/0002-x86-enforce-proper-privilege-when-mapping-pIRQ-s";
sha256 = "0ki8nmbc2g1l9wnqsph45a2k4c6dk5s7jvdlxg3zznyiyxjcv8yn";
})
(xsaPatch {
name = "237-4.5/0003-x86-MSI-disallow-redundant-enabling";
sha256 = "1hdz83qrjaqnihz8ji186dypxiblbfpgyb01j9m5alhk4whjqvp1";
})
(xsaPatch {
name = "237-4.5/0004-x86-IRQ-conditionally-preserve-irq-pirq-mapping-on-error";
sha256 = "0csdfn9kzn1k94pg3fcwsgqw14wcd4myi1jkcq5alj1fmkhw4wmk";
})
(xsaPatch {
name = "237-4.5/0005-x86-FLASK-fix-unmap-domain-IRQ-XSM-hook";
sha256 = "14b73rkvbkd1a2gh9kp0zrvv2d3kfwkiv24fg9agh4hrf2w3nx7y";
})
];
# 4.5
XSA_238_45 = (xsaPatch {
name = "238-4.5";
sha256 = "1x2fg5vfv5jc084h5gjm6fq0nxjpzvi96px3sqzz4pvsvy4y4i1z";
});
# 4.5
XSA_239_45 = (xsaPatch {
name = "239-4.5";
sha256 = "06bi8q3973yajxsdj7pcqarvb56q2gisxdiy0cpbyffbmpkfv3h6";
});
# 4.5
XSA_240_45 = [
(xsaPatch {
name = "240-4.5/0001-x86-limit-linear-page-table-use-to-a-single-level";
sha256 = "0pmf10mbnmb88y7mly8s2l0j88cg0ayhkcnmj1zbjrkjmpccv395";
})
(xsaPatch {
name = "240-4.5/0002-x86-mm-Disable-PV-linear-pagetables-by-default";
sha256 = "19f096ra3xndvzkjjasx73p2g25hfkm905px0p3yakwll0qzd029";
})
];
# 4.5 - 4.8
XSA_241 = (xsaPatch {
name = "241-4.8";
sha256 = "16zb75kzs98f4mdxhbyczk5mbh9dvn6j3yhfafki34x1dfdnq4pj";
});
# 4.5 - 4.9
XSA_242 = (xsaPatch {
name = "242-4.9";
sha256 = "0yx3x0i2wybsm7lzdffxa2mm866bjl4ipbb9vipnw77dyg705zpr";
});
# 4.5
XSA_243_45 = [
(xsaPatch {
name = "243-4.6-1";
sha256 = "1cqanpyysa7px0j645z4jw9yqsvv6cbh7yq1b86ap134axfifcan";
})
(xsaPatch {
name = "243-4.5-2";
sha256 = "0wbcgw4m0nzm2902jnda2020l7bd5adkq8j5myi1zmsfzbq03hwn";
})
];
# 4.5
XSA_244_45 = (xsaPatch {
name = "244-4.5";
sha256 = "05ci3vdl1ywfjpzcvsy1k52whxjk8pxzj7dh3r94yqasr56i5v2l";
});
# 4.5 - 4.9
XSA_245 = [
(xsaPatch {
name = "245/0001-xen-page_alloc-Cover-memory-unreserved-after-boot-in";
sha256 = "12brsgbn7xwakalsn10afykgqmx119mqg6vjj3v2b1pnmf4ss0w8";
})
(xsaPatch {
name = "245/0002-xen-arm-Correctly-report-the-memory-region-in-the-du";
sha256 = "1k6z5r7wnrswsczn2j3a1mc4nvxqm4ydj6n6rvgqizk2pszdkqg8";
})
];
# 4.5 - 4.7
XSA_246_45 = [
(xsaPatch {
name = "246-4.7";
sha256 = "13rad4k8z3bq15d67dhgy96kdbrjiq9sy8px0jskbpx9ygjdahkn";
})
];
# 4.5
XSA_247_45 = [
(xsaPatch {
name = "247-4.5/0001-p2m-Always-check-to-see-if-removing-a-p2m-entry-actu";
sha256 = "0h1mp5s9si8aw2gipds317f27h9pi7bgnhj0bcmw11p0ch98sg1m";
})
(xsaPatch {
name = "247-4.5/0002-p2m-Check-return-value-of-p2m_set_entry-when-decreas";
sha256 = "0vjjybxbcm4xl26wbqvcqfiyvvlayswm4f98i1fr5a9abmljn5sb";
})
];
# 4.5
XSA_248_45 = [
(xsaPatch {
name = "248-4.5";
sha256 = "0csxg6h492ddsa210b45av28iqf7cn2dfdqk4zx10zwf1pv2shyn";
})
];
# 4.5 .. 4.9
XSA_249 = [
(xsaPatch {
name = "249";
sha256 = "0v6ngzqhkz7yv4n83xlpxfbkr2qyg5b1cds7ikkinm86hiqy6agl";
})
];
# 4.5
XSA_250_45 = [
(xsaPatch {
name = "250-4.5";
sha256 = "0pqldl6qnl834gvfp90z247q9xcjh3835s2iffnajz7jhjb2145d";
})
];
# 4.5
XSA_251_45 = [
(xsaPatch {
name = "251-4.5";
sha256 = "0lc94cx271z09r0mhxaypyd9d4740051p28idf5calx5228dqjgm";
})
];
}