diff options
Diffstat (limited to 'pkgs/applications/virtualization/crosvm/default.nix')
-rw-r--r-- | pkgs/applications/virtualization/crosvm/default.nix | 56 |
1 files changed, 26 insertions, 30 deletions
diff --git a/pkgs/applications/virtualization/crosvm/default.nix b/pkgs/applications/virtualization/crosvm/default.nix index a4de1433ae735..11d8f2223656f 100644 --- a/pkgs/applications/virtualization/crosvm/default.nix +++ b/pkgs/applications/virtualization/crosvm/default.nix @@ -1,60 +1,56 @@ -{ stdenv, lib, rustPlatform, fetchgit -, minijail-tools, pkg-config, protobuf, wayland-scanner +{ stdenv, lib, rust, rustPlatform, fetchgit, fetchpatch +, clang, pkg-config, protobuf, python3, wayland-scanner , libcap, libdrm, libepoxy, minijail, virglrenderer, wayland, wayland-protocols }: rustPlatform.buildRustPackage rec { pname = "crosvm"; - version = "104.0"; + version = "107.1"; src = fetchgit { - url = "https://chromium.googlesource.com/crosvm/crosvm"; - rev = "265aab613b1eb31598ea0826f04810d9f010a2c6"; - sha256 = "OzbtPHs6BWK83RZ/6eCQHA61X6SY8FoBkaN70a37pvc="; + url = "https://chromium.googlesource.com/chromiumos/platform/crosvm"; + rev = "5a49a836e63aa6e9ae38b80daa09a013a57bfb7f"; + sha256 = "F+5i3R7Tbd9xF63Olnyavzg/hD+8HId1duWm8bvAmLA="; fetchSubmodules = true; }; separateDebugInfo = true; patches = [ - ./default-seccomp-policy-dir.diff + # Backport seccomp sandbox update for recent Glibc. + # fetchpatch is not currently gerrit/gitiles-compatible, so we + # have to use the mirror. + # https://github.com/NixOS/nixpkgs/pull/133604 + (fetchpatch { + url = "https://github.com/google/crosvm/commit/aae01416807e7c15270b3d44162610bcd73952ff.patch"; + sha256 = "nQuOMOwBu8QvfwDSuTz64SQhr2dF9qXt2NarbIU55tU="; + }) ]; - cargoLock.lockFile = ./Cargo.lock; + cargoSha256 = "1jg9x5adz1lbqdwnzld4xg4igzmh90nd9xm287cgkvh5fbmsjfjv"; - nativeBuildInputs = [ minijail-tools pkg-config protobuf wayland-scanner ]; + nativeBuildInputs = [ clang pkg-config protobuf python3 wayland-scanner ]; buildInputs = [ libcap libdrm libepoxy minijail virglrenderer wayland wayland-protocols ]; - arch = stdenv.hostPlatform.parsed.cpu.name; - - postPatch = '' - cp ${cargoLock.lockFile} Cargo.lock - sed -i "s|/usr/share/policy/crosvm/|$PWD/seccomp/$arch/|g" \ - seccomp/$arch/*.policy + preConfigure = '' + patchShebangs third_party/minijail/tools/*.py + substituteInPlace build.rs --replace '"clang"' '"${stdenv.cc.targetPrefix}clang"' ''; - preBuild = '' - export DEFAULT_SECCOMP_POLICY_DIR=$out/share/policy - - for policy in seccomp/$arch/*.policy; do - compile_seccomp_policy \ - --default-action trap $policy ''${policy%.policy}.bpf - done + "CARGO_TARGET_${lib.toUpper (builtins.replaceStrings ["-"] ["_"] (rust.toRustTarget stdenv.hostPlatform))}_LINKER" = + "${stdenv.cc.targetPrefix}cc"; - substituteInPlace seccomp/$arch/*.policy \ - --replace "@include $(pwd)/seccomp/$arch/" "@include $out/share/policy/" - ''; + # crosvm mistakenly expects the stable protocols to be in the root + # of the pkgdatadir path, rather than under the "stable" + # subdirectory. + PKG_CONFIG_WAYLAND_PROTOCOLS_PKGDATADIR = + "${wayland-protocols}/share/wayland-protocols/stable"; buildFeatures = [ "default" "virgl_renderer" "virgl_renderer_next" ]; - postInstall = '' - mkdir -p $out/share/policy/ - cp -v seccomp/$arch/*.{policy,bpf} $out/share/policy/ - ''; - passthru.updateScript = ./update.py; meta = with lib; { |