b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

virtualbox: 7.0.6 -> 7.0.8

Browse source
This commit is contained in:
Alexandre Iooss 2023-05-19 08:48:51 +02:00
parent c84fbf1f2d
commit 38bca18244
5 changed files with 112 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
pkgs/applications/virtualization/virtualbox/default.nix
View file

@ -1,5 +1,5 @@
{ config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook
, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL
, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL2, libcap, libGL, libGLU
, libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras
, qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43
, alsa-lib, curl, libvpx, nettools, dbus, substituteAll, gsoap, zlib
@ -24,14 +24,14 @@ let
buildType = "release";
# Use maintainers/scripts/update.nix to update the version and all related hashes or
# change the hashes in extpack.nix and guest-additions/default.nix as well manually.
version = "7.0.6";
version = "7.0.8";
in stdenv.mkDerivation {
pname = "virtualbox";
inherit version;
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
sha256 = "f146d9a86a35af0abb010e628636fd800cb476cc2ce82f95b0c0ca876e1756ff";
url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}a.tar.bz2";
sha256 = "7de37359518d467b7f888235175cd388f66e9f16bd9359dd6265fbc95933c1e6";
};
outputs = [ "out" "modsrc" ];
@ -45,12 +45,12 @@ in stdenv.mkDerivation {
buildInputs = [
acpica-tools dev86 libxslt libxml2 xorgproto libX11 libXext libXcursor libIDL
libcap glib lvm2 alsa-lib curl libvpx pam makeself perl
libXmu libpng libopus python3 ]
libXmu libXrandr libpng libopus python3 ]
++ optional javaBindings jdk
++ optional pythonBindings python3 # Python is needed even when not building bindings
++ optional pulseSupport libpulseaudio
++ optionals headless [ libXrandr libGL ]
++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL ]
++ optionals headless [ libGL ]
++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL2 libGLU ]
++ optionals enableWebService [ gsoap zlib ];
hardeningDisable = [ "format" "fortify" "pic" "stackprotector" ];
@ -82,6 +82,8 @@ in stdenv.mkDerivation {
patches =
optional enableHardening ./hardened.patch
# Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1
++ optional (!headless) ./fix-sdl.patch
++ [ ./extra_symbols.patch ]
# When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees
# the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH.

2
pkgs/applications/virtualization/virtualbox/extpack.nix
View file

@ -12,7 +12,7 @@ fetchurl rec {
# Manually sha256sum the extensionPack file, must be hex!
# Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
# Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
let value = "292961aa8723b54f96f89f6d8abf7d8e29259d94b7de831dbffb9ae15d346434";
let value = "452320f3b1da42b30c32ea5ab5887983b575638ceb4e3beacfefbbb3b0510a48";
in assert (builtins.stringLength value) == 64; value;
meta = {

72
pkgs/applications/virtualization/virtualbox/fix-sdl.patch Normal file
View file

@ -0,0 +1,72 @@
diff --git a/configure b/configure
index 5edefba..a17e8c5 100755
--- a/configure
+++ b/configure
@@ -1184,10 +1184,10 @@ check_sdl()
fail
fi
else
- if which_wrapper sdl-config > /dev/null; then
- FLGSDL=`sdl-config --cflags`
+ if which_wrapper sdl2-config > /dev/null; then
+ FLGSDL=`sdl2-config --cflags`
INCSDL=`strip_I "$FLGSDL"`
- LIBSDL=`sdl-config --libs`
+ LIBSDL=`sdl2-config --libs`
LIBSDLMAIN="-lSDLmain"
FLDSDL=
foundsdl=1
diff --git a/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp b/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
index 16dc282..4889865 100644
--- a/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
+++ b/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
@@ -56,7 +56,7 @@ using namespace com;
# pragma warning(push)
# pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
# endif
-# include <SDL_syswm.h> /* for SDL_GetWMInfo() */
+# include <SDL2/SDL_syswm.h> /* for SDL_GetWMInfo() */
# ifdef _MSC_VER
# pragma warning(pop)
# endif
diff --git a/src/VBox/Frontends/VBoxSDL/Makefile.kmk b/src/VBox/Frontends/VBoxSDL/Makefile.kmk
index da43153..2aa8cd7 100644
--- a/src/VBox/Frontends/VBoxSDL/Makefile.kmk
+++ b/src/VBox/Frontends/VBoxSDL/Makefile.kmk
@@ -79,10 +79,6 @@ if !defined(VBOX_WITH_HARDENING) || "$(KBUILD_TARGET)" != "darwin" # No hardened
VBoxSDL_INCS += \
$(VBOX_XCURSOR_INCS)
endif
- ifn1of ($(KBUILD_TARGET), solaris) # Probably wrong with SDL2
- VBoxSDL_LIBS = \
- $(LIB_SDK_LIBSDL2_SDLMAIN)
- endif
if1of ($(KBUILD_TARGET), freebsd linux netbsd openbsd solaris) # X11
VBoxSDL_LIBS += \
$(PATH_STAGE_DLL)/VBoxKeyboard$(VBOX_SUFF_DLL) \
diff --git a/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp b/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
index 065c391..22788e1 100644
--- a/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
+++ b/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
@@ -64,7 +64,7 @@ using namespace com;
# pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
#endif
#ifndef RT_OS_DARWIN
-# include <SDL_syswm.h> /* for SDL_GetWMInfo() */
+# include <SDL2/SDL_syswm.h> /* for SDL_GetWMInfo() */
#endif
#ifdef _MSC_VER
# pragma warning(pop)
diff --git a/src/VBox/Frontends/VBoxSDL/VBoxSDL.h b/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
index dde548f..8fc9fb3 100644
--- a/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
+++ b/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
@@ -45,7 +45,7 @@
# pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
# pragma warning(disable: 4668) /* warning C4668: '__GNUC__' is not defined as a preprocessor macro, replacing with '0' for '#if/#elif' */
#endif
-#include <SDL.h>
+#include <SDL2/SDL.h>
#ifdef _MSC_VER
# pragma warning(pop)
#endif

2
pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
View file

@ -23,7 +23,7 @@ in stdenv.mkDerivation rec {
src = fetchurl {
url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso";
sha256 = "21e0f407d2a4f5c286084a70718aa20235ea75969eca0cab6cfab43a3499a010";
sha256 = "8d73e2361afbf696e6128ffa5e96d9f6a78ff32cb2cb54c727a5be7992be0b31";
};
KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";

58
pkgs/applications/virtualization/virtualbox/hardened.patch
View file

@ -1,8 +1,8 @@
diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h
index 25b918d1..1420ff1d 100644
index 991dd9e..defc781 100644
--- a/include/iprt/mangling.h
+++ b/include/iprt/mangling.h
@@ -1695,6 +1695,7 @@
@@ -1802,6 +1802,7 @@
# define RTPathStripSuffix RT_MANGLER(RTPathStripSuffix)
# define RTPathStripFilename RT_MANGLER(RTPathStripFilename)
# define RTPathStripTrailingSlash RT_MANGLER(RTPathStripTrailingSlash)
@ -10,7 +10,7 @@ index 25b918d1..1420ff1d 100644
# define RTPathTemp RT_MANGLER(RTPathTemp)
# define RTPathTraverseList RT_MANGLER(RTPathTraverseList)
# define RTPathUnlink RT_MANGLER(RTPathUnlink)
@@ -1734,6 +1735,7 @@
@@ -1842,6 +1843,7 @@
# define RTProcGetAffinityMask RT_MANGLER(RTProcGetAffinityMask)
# define RTProcGetExecutablePath RT_MANGLER(RTProcGetExecutablePath)
# define RTProcGetPriority RT_MANGLER(RTProcGetPriority)
@ -19,10 +19,10 @@ index 25b918d1..1420ff1d 100644
# define RTProcQueryParent RT_MANGLER(RTProcQueryParent)
# define RTProcQueryUsername RT_MANGLER(RTProcQueryUsername)
diff --git a/include/iprt/path.h b/include/iprt/path.h
index 99060e35..ccfbeb76 100644
index 89bf8f6..5caa578 100644
--- a/include/iprt/path.h
+++ b/include/iprt/path.h
@@ -1221,6 +1221,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
@@ -1235,6 +1235,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
*/
RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath);
@ -39,10 +39,10 @@ index 99060e35..ccfbeb76 100644
* Gets the user home directory.
*
diff --git a/include/iprt/process.h b/include/iprt/process.h
index f4f67dd4..ab882a19 100644
index 4ca981e..058ae7a 100644
--- a/include/iprt/process.h
+++ b/include/iprt/process.h
@@ -352,6 +352,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
@@ -384,6 +384,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
*/
RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath);
@ -60,10 +60,10 @@ index f4f67dd4..ab882a19 100644
* Daemonize the current process, making it a background process.
*
diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
index 75ff8572..18a077b7 100644
index e78a397..ff5b541 100644
--- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
+++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
@@ -1531,9 +1531,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
@@ -1541,9 +1541,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
bool fBad = !fRelaxed || pFsObjState->Stat.st_gid != 2 /*bin*/ || suplibHardenedStrCmp(pszPath, "/usr/lib/iconv");
# else
NOREF(fRelaxed);
@ -76,10 +76,10 @@ index 75ff8572..18a077b7 100644
"An unknown (and thus untrusted) group has write access to '", pszPath,
"' and we therefore cannot trust the directory content or that of any subdirectory");
diff --git a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
index 2991d3a7..d042a08b 100644
index 01d7a9f..e52a291 100644
--- a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
+++ b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
@@ -90,7 +90,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
@@ -100,7 +100,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
/* Get the path to the executable directory w/ trailing slash: */
char szPath[RTPATH_MAX];
@ -89,10 +89,10 @@ index 2991d3a7..d042a08b 100644
size_t cbBufLeft = RTPathEnsureTrailingSeparator(szPath, sizeof(szPath));
AssertReturn(cbBufLeft > 0, VERR_FILENAME_TOO_LONG);
diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
index 2e57690a..3272c840 100644
index 773d27f..874ec2d 100644
--- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp
+++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
@@ -188,7 +188,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
@@ -198,7 +198,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
* ASSUME it is relative to the directory that holds VBoxSVC.
*/
char szExePath[RTPATH_MAX];
@ -102,28 +102,28 @@ index 2e57690a..3272c840 100644
int vrc = RTPathAppend(szExePath, sizeof(szExePath), m->pszProcName);
AssertLogRelRCReturn(vrc, vrc);
diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
index af155966..3b8e793d 100644
index 1e2eb61..893344c 100644
--- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp
+++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
@@ -48,7 +48,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
@@ -62,7 +62,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
const char *args[] = { NULL, pcszIfName, pszAddr, pszOption, pszMask, NULL };
char szAdpCtl[RTPATH_MAX];
- int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
+ int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
if (RT_FAILURE(rc))
- int vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
+ int vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
if (RT_FAILURE(vrc))
{
LogRel(("NetIfAdpCtl: failed to get program path, rc=%Rrc.\n", rc));
@@ -95,7 +95,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
LogRel(("NetIfAdpCtl: failed to get program path, vrc=%Rrc.\n", vrc));
@@ -109,7 +109,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize)
{
char szAdpCtl[RTPATH_MAX];
- int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
+ int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
if (RT_FAILURE(rc))
- int vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
+ int vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
if (RT_FAILURE(vrc))
{
LogRel(("NetIfAdpCtlOut: Failed to get program path, rc=%Rrc\n", rc));
@@ -210,7 +210,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
LogRel(("NetIfAdpCtlOut: Failed to get program path, vrc=%Rrc\n", vrc));
@@ -224,7 +224,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
progress.queryInterfaceTo(aProgress);
char szAdpCtl[RTPATH_MAX];
@ -133,10 +133,10 @@ index af155966..3b8e793d 100644
{
progress->i_notifyComplete(E_FAIL,
diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp
index 4b1a0ada..7f6dd707 100644
index bcd8deb..46ecd1e 100644
--- a/src/VBox/Runtime/r3/path.cpp
+++ b/src/VBox/Runtime/r3/path.cpp
@@ -81,6 +81,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
@@ -91,6 +91,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
}
@ -150,10 +150,10 @@ index 4b1a0ada..7f6dd707 100644
{
#if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE)
diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp
index 5f7c7a87..59461cfa 100644
index f9d1ecf..042e599 100644
--- a/src/VBox/Runtime/r3/process.cpp
+++ b/src/VBox/Runtime/r3/process.cpp
@@ -117,6 +117,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
@@ -127,6 +127,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
return g_szrtProcExePath;
}