diff options
Diffstat (limited to 'pkgs/os-specific/linux')
185 files changed, 1496 insertions, 2542 deletions
diff --git a/pkgs/os-specific/linux/alsa-project/alsa-firmware/cross.patch b/pkgs/os-specific/linux/alsa-project/alsa-firmware/cross.patch deleted file mode 100644 index 989ccea2b9844..0000000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-firmware/cross.patch +++ /dev/null @@ -1,347 +0,0 @@ ---- a/hdsploader/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/hdsploader/Makefile.am 2019-06-28 00:43:41.557803832 +0800 -@@ -32,5 +32,14 @@ - tobin.c - CLEANFILES = $(dsp_hex_files) - --$(dsp_hex_files): tobin -- ./tobin -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(tobin_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(tobin_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(tobin_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+tobin$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(dsp_hex_files): tobin$(BUILD_EXEEXT) -+ ./$< ---- a/m4/ax_prog_cc_for_build.m4 2019-06-27 15:50:02.274134717 +0800 -+++ b/m4/ax_prog_cc_for_build.m4 2019-06-28 01:32:45.088117432 +0800 -@@ -0,0 +1,125 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_prog_cc_for_build.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_PROG_CC_FOR_BUILD -+# -+# DESCRIPTION -+# -+# This macro searches for a C compiler that generates native executables, -+# that is a C compiler that surely is not a cross-compiler. This can be -+# useful if you have to generate source code at compile-time like for -+# example GCC does. -+# -+# The macro sets the CC_FOR_BUILD and CPP_FOR_BUILD macros to anything -+# needed to compile or link (CC_FOR_BUILD) and preprocess (CPP_FOR_BUILD). -+# The value of these variables can be overridden by the user by specifying -+# a compiler with an environment variable (like you do for standard CC). -+# -+# It also sets BUILD_EXEEXT and BUILD_OBJEXT to the executable and object -+# file extensions for the build platform, and GCC_FOR_BUILD to `yes' if -+# the compiler we found is GCC. All these variables but GCC_FOR_BUILD are -+# substituted in the Makefile. -+# -+# LICENSE -+# -+# Copyright (c) 2008 Paolo Bonzini <bonzini@gnu.org> -+# -+# Copying and distribution of this file, with or without modification, are -+# permitted in any medium without royalty provided the copyright notice -+# and this notice are preserved. This file is offered as-is, without any -+# warranty. -+ -+#serial 9 -+ -+AU_ALIAS([AC_PROG_CC_FOR_BUILD], [AX_PROG_CC_FOR_BUILD]) -+AC_DEFUN([AX_PROG_CC_FOR_BUILD], [dnl -+AC_REQUIRE([AC_PROG_CC])dnl -+AC_REQUIRE([AC_PROG_CPP])dnl -+AC_REQUIRE([AC_EXEEXT])dnl -+AC_REQUIRE([AC_CANONICAL_HOST])dnl -+ -+dnl Use the standard macros, but make them use other variable names -+dnl -+pushdef([ac_cv_prog_CPP], ac_cv_build_prog_CPP)dnl -+pushdef([ac_cv_prog_gcc], ac_cv_build_prog_gcc)dnl -+pushdef([ac_cv_prog_cc_works], ac_cv_build_prog_cc_works)dnl -+pushdef([ac_cv_prog_cc_cross], ac_cv_build_prog_cc_cross)dnl -+pushdef([ac_cv_prog_cc_g], ac_cv_build_prog_cc_g)dnl -+pushdef([ac_cv_exeext], ac_cv_build_exeext)dnl -+pushdef([ac_cv_objext], ac_cv_build_objext)dnl -+pushdef([ac_exeext], ac_build_exeext)dnl -+pushdef([ac_objext], ac_build_objext)dnl -+pushdef([CC], CC_FOR_BUILD)dnl -+pushdef([CPP], CPP_FOR_BUILD)dnl -+pushdef([CFLAGS], CFLAGS_FOR_BUILD)dnl -+pushdef([CPPFLAGS], CPPFLAGS_FOR_BUILD)dnl -+pushdef([LDFLAGS], LDFLAGS_FOR_BUILD)dnl -+pushdef([host], build)dnl -+pushdef([host_alias], build_alias)dnl -+pushdef([host_cpu], build_cpu)dnl -+pushdef([host_vendor], build_vendor)dnl -+pushdef([host_os], build_os)dnl -+pushdef([ac_cv_host], ac_cv_build)dnl -+pushdef([ac_cv_host_alias], ac_cv_build_alias)dnl -+pushdef([ac_cv_host_cpu], ac_cv_build_cpu)dnl -+pushdef([ac_cv_host_vendor], ac_cv_build_vendor)dnl -+pushdef([ac_cv_host_os], ac_cv_build_os)dnl -+pushdef([ac_cpp], ac_build_cpp)dnl -+pushdef([ac_compile], ac_build_compile)dnl -+pushdef([ac_link], ac_build_link)dnl -+ -+save_cross_compiling=$cross_compiling -+save_ac_tool_prefix=$ac_tool_prefix -+cross_compiling=no -+ac_tool_prefix= -+ -+AC_PROG_CC -+AC_PROG_CPP -+AC_EXEEXT -+ -+ac_tool_prefix=$save_ac_tool_prefix -+cross_compiling=$save_cross_compiling -+ -+dnl Restore the old definitions -+dnl -+popdef([ac_link])dnl -+popdef([ac_compile])dnl -+popdef([ac_cpp])dnl -+popdef([ac_cv_host_os])dnl -+popdef([ac_cv_host_vendor])dnl -+popdef([ac_cv_host_cpu])dnl -+popdef([ac_cv_host_alias])dnl -+popdef([ac_cv_host])dnl -+popdef([host_os])dnl -+popdef([host_vendor])dnl -+popdef([host_cpu])dnl -+popdef([host_alias])dnl -+popdef([host])dnl -+popdef([LDFLAGS])dnl -+popdef([CPPFLAGS])dnl -+popdef([CFLAGS])dnl -+popdef([CPP])dnl -+popdef([CC])dnl -+popdef([ac_objext])dnl -+popdef([ac_exeext])dnl -+popdef([ac_cv_objext])dnl -+popdef([ac_cv_exeext])dnl -+popdef([ac_cv_prog_cc_g])dnl -+popdef([ac_cv_prog_cc_cross])dnl -+popdef([ac_cv_prog_cc_works])dnl -+popdef([ac_cv_prog_gcc])dnl -+popdef([ac_cv_prog_CPP])dnl -+ -+dnl Finally, set Makefile variables -+dnl -+BUILD_EXEEXT=$ac_build_exeext -+BUILD_OBJEXT=$ac_build_objext -+AC_SUBST(BUILD_EXEEXT)dnl -+AC_SUBST(BUILD_OBJEXT)dnl -+AC_SUBST([CFLAGS_FOR_BUILD])dnl -+AC_SUBST([CPPFLAGS_FOR_BUILD])dnl -+AC_SUBST([LDFLAGS_FOR_BUILD])dnl -+]) ---- a/configure.ac 2019-06-27 23:58:31.045413144 +0800 -+++ b/configure.ac 2019-06-28 01:45:36.511771656 +0800 -@@ -1,6 +1,8 @@ - AC_PREREQ(2.59) - AC_INIT(alsa-firmware, 1.0.29) -+AC_CONFIG_MACRO_DIR([m4]) - AC_PROG_CC -+AC_PROG_CC_FOR_BUILD - AC_PROG_INSTALL - AC_PROG_LN_S - AC_HEADER_STDC ---- a/vxloader/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/vxloader/Makefile.am 2019-06-28 01:55:19.525947146 +0800 -@@ -43,5 +43,14 @@ - hotplugfw_DATA = - endif - --%.xlx: %.rbt toxlx -- ./toxlx < $< > $@ -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(toxlx_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(toxlx_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(toxlx_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+toxlx$(BUILD_EXEEXT): $(toxlx_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+%.xlx: %.rbt toxlx$(BUILD_EXEEXT) -+ ./toxlx$(BUILD_EXEEXT) < $< > $@ ---- a/echoaudio/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/echoaudio/Makefile.am 2019-06-28 02:00:00.579426080 +0800 -@@ -74,33 +74,42 @@ - hotplugfw_DATA = - endif - --$(firmware_files): fw_writer -- ./fw_writer DSP/LoaderDSP.c loader_dsp.fw -- ./fw_writer DSP/Darla20DSP.c darla20_dsp.fw -- ./fw_writer DSP/Gina20DSP.c gina20_dsp.fw -- ./fw_writer DSP/Layla20DSP.c layla20_dsp.fw -- ./fw_writer ASIC/LaylaASIC.c layla20_asic.fw -- ./fw_writer DSP/Darla24DSP.c darla24_dsp.fw -- ./fw_writer DSP/Gina24DSP.c gina24_301_dsp.fw -- ./fw_writer ASIC/Gina24ASIC.c gina24_301_asic.fw -- ./fw_writer DSP/Gina24_361DSP.c gina24_361_dsp.fw -- ./fw_writer ASIC/Gina24ASIC_361.c gina24_361_asic.fw -- ./fw_writer DSP/Layla24DSP.c layla24_dsp.fw -- ./fw_writer ASIC/Layla24_1ASIC.c layla24_1_asic.fw -- ./fw_writer ASIC/Layla24_2A_ASIC.c layla24_2A_asic.fw -- ./fw_writer ASIC/Layla24_2S_ASIC.c layla24_2S_asic.fw -- ./fw_writer DSP/MonaDSP.c mona_301_dsp.fw -- ./fw_writer ASIC/Mona1ASIC48.c mona_301_1_asic_48.fw -- ./fw_writer ASIC/Mona1ASIC96.c mona_301_1_asic_96.fw -- ./fw_writer DSP/Mona361DSP.c mona_361_dsp.fw -- ./fw_writer ASIC/Mona1ASIC48_361.c mona_361_1_asic_48.fw -- ./fw_writer ASIC/Mona1ASIC96_361.c mona_361_1_asic_96.fw -- ./fw_writer ASIC/Mona2ASIC.c mona_2_asic.fw -- ./fw_writer DSP/MiaDSP.c mia_dsp.fw -- ./fw_writer DSP/Echo3gDSP.c echo3g_dsp.fw -- ./fw_writer ASIC/3G_ASIC.c 3g_asic.fw -- ./fw_writer DSP/IndigoDSP.c indigo_dsp.fw -- ./fw_writer DSP/IndigoIODSP.c indigo_io_dsp.fw -- ./fw_writer DSP/IndigoIOxDSP.c indigo_iox_dsp.fw -- ./fw_writer DSP/IndigoDJDSP.c indigo_dj_dsp.fw -- ./fw_writer DSP/IndigoDJxDSP.c indigo_djx_dsp.fw -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(fw_writer_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(fw_writer_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(fw_writer_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+fw_writer$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(firmware_files): fw_writer$(BUILD_EXEEXT) -+ ./fw_writer$(BUILD_EXEEXT) DSP/LoaderDSP.c loader_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Darla20DSP.c darla20_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Gina20DSP.c gina20_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Layla20DSP.c layla20_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/LaylaASIC.c layla20_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Darla24DSP.c darla24_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Gina24DSP.c gina24_301_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Gina24ASIC.c gina24_301_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Gina24_361DSP.c gina24_361_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Gina24ASIC_361.c gina24_361_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Layla24DSP.c layla24_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Layla24_1ASIC.c layla24_1_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Layla24_2A_ASIC.c layla24_2A_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Layla24_2S_ASIC.c layla24_2S_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/MonaDSP.c mona_301_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Mona1ASIC48.c mona_301_1_asic_48.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Mona1ASIC96.c mona_301_1_asic_96.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Mona361DSP.c mona_361_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Mona1ASIC48_361.c mona_361_1_asic_48.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Mona1ASIC96_361.c mona_361_1_asic_96.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/Mona2ASIC.c mona_2_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/MiaDSP.c mia_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/Echo3gDSP.c echo3g_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) ASIC/3G_ASIC.c 3g_asic.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/IndigoDSP.c indigo_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/IndigoIODSP.c indigo_io_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/IndigoIOxDSP.c indigo_iox_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/IndigoDJDSP.c indigo_dj_dsp.fw -+ ./fw_writer$(BUILD_EXEEXT) DSP/IndigoDJxDSP.c indigo_djx_dsp.fw ---- a/emu/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/emu/Makefile.am 2019-06-28 02:01:37.856710042 +0800 -@@ -22,5 +22,14 @@ - hotplugfw_DATA = - endif - --$(firmware_files): fw_writer -- ./fw_writer -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(fw_writer_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(fw_writer_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(fw_writer_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+fw_writer$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(firmware_files): fw_writer$(BUILD_EXEEXT) -+ ./fw_writer$(BUILD_EXEEXT) ---- a/maestro3/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/maestro3/Makefile.am 2019-06-28 02:03:13.704828106 +0800 -@@ -17,5 +17,14 @@ - hotplugfw_DATA = - endif - --$(firmware_files): fw_writer -- ./fw_writer -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(fw_writer_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(fw_writer_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(fw_writer_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+fw_writer$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(firmware_files): fw_writer$(BUILD_EXEEXT) -+ ./fw_writer$(BUILD_EXEEXT) ---- a/sb16/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/sb16/Makefile.am 2019-06-28 02:04:37.121743871 +0800 -@@ -18,5 +18,14 @@ - hotplugfw_DATA = - endif - --$(firmware_files): fw_writer -- ./fw_writer -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(fw_writer_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(fw_writer_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(fw_writer_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+fw_writer$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(firmware_files): fw_writer$(BUILD_EXEEXT) -+ ./fw_writer$(BUILD_EXEEXT) ---- a/wavefront/Makefile.am 2019-06-28 02:07:27.003727160 +0800 -+++ b/wavefront/Makefile.am 2019-06-28 02:07:46.477947626 +0800 -@@ -17,5 +17,14 @@ - hotplugfw_DATA = - endif - --$(firmware_files): fw_writer -- ./fw_writer -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(fw_writer_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(fw_writer_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(fw_writer_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+fw_writer$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(firmware_files): fw_writer$(BUILD_EXEEXT) -+ ./fw_writer$(BUILD_EXEEXT) ---- a/ymfpci/Makefile.am 2015-02-26 20:36:03.000000000 +0800 -+++ b/ymfpci/Makefile.am 2019-06-28 02:09:02.487797826 +0800 -@@ -17,5 +17,14 @@ - hotplugfw_DATA = - endif - --$(firmware_files): fw_writer -- ./fw_writer -+LINK_FOR_BUILD.c = $(CC_FOR_BUILD) $(CFLAGS_FOR_BUILD) $(CPPFLAGS_FOR_BUILD) $(LDFLAGS_FOR_BUILD) $(TARGET_ARCH_FOR_BUILD) -+ -+$(fw_writer_OBJECTS) : CC=$(CC_FOR_BUILD) -+$(fw_writer_OBJECTS) : CFLAGS=$(CFLAGS_FOR_BUILD) -+$(fw_writer_OBJECTS) : CPPFLAGS=$(CPPFLAGS_FOR_BUILD) -+ -+fw_writer$(BUILD_EXEEXT): $(tobin_OBJECTS) -+ $(LINK_FOR_BUILD.c) $^ $(LOADLIBES_FOR_BUILD) $(LDLIBS_FOR_BUILD) -o $@ -+ -+$(firmware_files): fw_writer$(BUILD_EXEEXT) -+ ./fw_writer$(BUILD_EXEEXT) diff --git a/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix index 8ad48c41408bd..2ef971a8cf7f0 100644 --- a/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix +++ b/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix @@ -1,20 +1,16 @@ -{ lib, stdenv, buildPackages, autoreconfHook, fetchurl, fetchpatch }: +{ lib, buildPackages, stdenv, autoreconfHook, fetchurl }: stdenv.mkDerivation rec { pname = "alsa-firmware"; - version = "1.2.1"; + version = "1.2.4"; src = fetchurl { url = "mirror://alsa/firmware/alsa-firmware-${version}.tar.bz2"; - sha256 = "1aq8z8ajpjvcx7bwhwp36bh5idzximyn77ygk3ifs0my3mbpr8mf"; + sha256 = "sha256-tnttfQi8/CR+9v8KuIqZwYgwWjz1euLf0LzZpbNs1bs="; }; - patches = [ (fetchpatch { - url = "https://github.com/alsa-project/alsa-firmware/commit/a8a478485a999ff9e4a8d8098107d3b946b70288.patch"; - sha256 = "0zd7vrgz00hn02va5bkv7qj2395a1rl6f8jq1mwbryxs7hiysb78"; - }) ]; - - nativeBuildInputs = [ autoreconfHook buildPackages.stdenv.cc ]; + depsBuildBuild = [ buildPackages.stdenv.cc ]; + nativeBuildInputs = [ autoreconfHook ]; configureFlags = [ "--with-hotplug-dir=$(out)/lib/firmware" @@ -32,10 +28,11 @@ stdenv.mkDerivation rec { rm -rf $out/bin ''; - meta = { + meta = with lib; { homepage = "http://www.alsa-project.org/"; description = "Soundcard firmwares from the alsa project"; - license = lib.licenses.gpl2Plus; - platforms = lib.platforms.linux; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ l-as ]; }; } diff --git a/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix index a23502714827d..58e5990ae0a6c 100644 --- a/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix +++ b/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix @@ -7,24 +7,23 @@ stdenv.mkDerivation rec { pname = "alsa-lib"; - version = "1.2.5.1"; + version = "1.2.6.1"; src = fetchurl { url = "mirror://alsa/lib/${pname}-${version}.tar.bz2"; - sha256 = "sha256-YoQh2VDOyvI03j+JnVIMCmkjMTyWStdR/6wIHfMxQ44="; + hash = "sha256-rVgpk9Us21+xWaC+q2CmrFfqsMwb34XcTbbWGX8CMz8="; }; patches = [ + # Add a "libs" field to the syntax recognized in the /etc/asound.conf file. + # The nixos modules for pulseaudio, jack, and pipewire are leveraging this + # "libs" field to declare locations for both native and 32bit plugins, in + # order to support apps with 32bit sound running on x86_64 architecture. ./alsa-plugin-conf-multilib.patch ]; enableParallelBuilding = true; - # Fix pcm.h file in order to prevent some compilation bugs - postPatch = '' - sed -i -e 's|//int snd_pcm_mixer_element(snd_pcm_t \*pcm, snd_mixer_t \*mixer, snd_mixer_elem_t \*\*elem);|/\*int snd_pcm_mixer_element(snd_pcm_t \*pcm, snd_mixer_t \*mixer, snd_mixer_elem_t \*\*elem);\*/|' include/pcm.h - ''; - postInstall = '' ln -s ${alsa-ucm-conf}/share/alsa/{ucm,ucm2} $out/share/alsa ln -s ${alsa-topology-conf}/share/alsa/topology $out/share/alsa @@ -43,5 +42,6 @@ stdenv.mkDerivation rec { license = licenses.lgpl21Plus; platforms = platforms.linux; + maintainers = with maintainers; [ l-as ]; }; } diff --git a/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix index 747979b1037cf..86ff7ff5d2197 100644 --- a/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix +++ b/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "alsa-plugins"; - version = "1.2.5"; + version = "1.2.6"; src = fetchurl { url = "mirror://alsa/plugins/${pname}-${version}.tar.bz2"; - sha256 = "086z2g2f95570vfvp9d5bakib4k18fb4bszf3lgx3j6j6f2gkvj2"; + sha256 = "sha256-BogYpLVdjAKdqgABXYU9RRE/VrIkt8ZOHhF5iMglsqA="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix index 0666f3f479394..e1474e02ed5b5 100644 --- a/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix +++ b/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix @@ -1,12 +1,12 @@ { lib, stdenv, fetchurl }: stdenv.mkDerivation rec { - name = "alsa-ucm-conf-${version}"; - version = "1.2.5.1"; + pname = "alsa-ucm-conf"; + version = "1.2.6.3"; src = fetchurl { - url = "mirror://alsa/lib/${name}.tar.bz2"; - sha256 = "sha256-WEGkRBZty/R523UTA9vDVW9oUIWsfgDwyed1VnYZXZc="; + url = "mirror://alsa/lib/${pname}-${version}.tar.bz2"; + sha256 = "sha256-uKA6o4emJKL2XtwgG/d3QhGQtgUpqSCHZGgjr72Wxc0="; }; dontBuild = true; diff --git a/pkgs/os-specific/linux/amdgpu-pro/default.nix b/pkgs/os-specific/linux/amdgpu-pro/default.nix index 0f65d1c0c484b..241145a24843c 100644 --- a/pkgs/os-specific/linux/amdgpu-pro/default.nix +++ b/pkgs/os-specific/linux/amdgpu-pro/default.nix @@ -1,18 +1,25 @@ -{ lib, stdenv, fetchurl, elfutils -, xorg, patchelf, openssl, libdrm, udev -, libxcb, libxshmfence, libepoxy, perl, zlib -, ncurses -, libsOnly ? false, kernel ? null +{ lib +, stdenv +, fetchurl +, elfutils +, xorg +, patchelf +, libxcb +, libxshmfence +, perl +, zlib +, expat +, libffi +, libselinux +, libdrm +, udev +, kernel ? null }: -assert (!libsOnly) -> kernel != null; - with lib; let - kernelDir = if libsOnly then null else kernel.dev; - bitness = if stdenv.is64bit then "64" else "32"; libArch = @@ -20,151 +27,185 @@ let "i386-linux-gnu" else if stdenv.hostPlatform.system == "x86_64-linux" then "x86_64-linux-gnu" - else throw "amdgpu-pro is Linux only. Sorry. The build was stopped."; - - libReplaceDir = "/usr/lib/${libArch}"; - - ncurses5 = ncurses.override { abiVersion = "5"; }; + else throw "amdgpu-pro is Linux only. Sorry."; in stdenv.mkDerivation rec { - version = "17.40"; + version = "21.30"; pname = "amdgpu-pro"; - build = "${version}-492261"; - - libCompatDir = "/run/lib/${libArch}"; - - name = pname + "-" + version + (optionalString (!libsOnly) "-${kernelDir.version}"); + build = "${version}-1290604"; src = fetchurl { - url = - "https://www2.ati.com/drivers/linux/ubuntu/amdgpu-pro-${build}.tar.xz"; - sha256 = "1c073lp9cq1rc2mddky2r0j2dv9dd167qj02visz37vwaxbm2r5h"; - curlOpts = "--referer http://support.amd.com/en-us/kb-articles/Pages/AMD-Radeon-GPU-PRO-Linux-Beta-Driver%e2%80%93Release-Notes.aspx"; + url = "https://drivers.amd.com/drivers/linux/amdgpu-pro-${build}-ubuntu-20.04.tar.xz"; + sha256 = "sha256-WECqxjo2WLP3kMWeVyJgYufkvHTzwGaj57yeMGXiQ4I="; + curlOpts = "--referer https://www.amd.com/en/support/kb/release-notes/rn-amdgpu-unified-linux-21-30"; }; - hardeningDisable = [ "pic" "format" ]; - - inherit libsOnly; - postUnpack = '' - cd $sourceRoot mkdir root - cd root - for deb in ../*_all.deb ../*_i386.deb '' + optionalString stdenv.is64bit "../*_amd64.deb" + ''; do echo $deb; ar p $deb data.tar.xz | tar -xJ; done - sourceRoot=. - ''; - - modulePatches = optionals (!libsOnly) ([ - ./patches/0001-fix-warnings-for-Werror.patch - ./patches/0002-fix-sketchy-int-ptr-warning.patch - ./patches/0003-disable-firmware-copy.patch - ]); - - patchPhase = optionalString (!libsOnly) '' - pushd usr/src/amdgpu-${build} - for patch in $modulePatches + pushd $sourceRoot + for deb in *_all.deb *_${if stdenv.is64bit then "amd64" else "i386"}.deb do - echo $patch - patch -f -p1 < $patch || true + ar p $deb data.tar.xz | tar -C ../root -xJ done popd + # if we don't use a short sourceRoot, compilation can fail due to command + # line length + sourceRoot=root ''; - xreallocarray = ./xreallocarray.c; + passthru = optionalAttrs (kernel != null) { + kmod = stdenv.mkDerivation rec { + inherit version src postUnpack; + name = "${pname}-${version}-kmod-${kernel.dev.version}"; - preBuild = optionalString (!libsOnly) '' - pushd usr/src/amdgpu-${build} - makeFlags="$makeFlags M=$(pwd)" - patchShebangs pre-build.sh - ./pre-build.sh ${kernel.version} - popd - pushd lib - $CC -fPIC -shared -o libhack-xreallocarray.so $xreallocarray - strip libhack-xreallocarray.so - popd - ''; + postPatch = '' + pushd usr/src/amdgpu-* + patchShebangs amd/dkms/*.sh + substituteInPlace amd/dkms/pre-build.sh --replace "./configure" "./configure --with-linux=${kernel.dev}/lib/modules/${kernel.modDirVersion}/source --with-linux-obj=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + popd + ''; - modules = [ - "amd/amdgpu/amdgpu.ko" - "amd/amdkcl/amdkcl.ko" - "ttm/amdttm.ko" - ]; + preConfigure = '' + pushd usr/src/amdgpu-* + makeFlags="$makeFlags M=$(pwd)" + amd/dkms/pre-build.sh ${kernel.version} + popd + ''; + + postBuild = '' + pushd usr/src/amdgpu-* + find -name \*.ko -exec xz {} \; + popd + ''; + + makeFlags = optionalString (kernel != null) "-C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build modules"; + + installPhase = '' + runHook preInstall + + pushd usr/src/amdgpu-* + find -name \*.ko.xz -exec install -Dm444 {} $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/gpu/drm/{} \; + popd + + runHook postInstall + ''; - postBuild = optionalString (!libsOnly) - (concatMapStrings (m: "xz usr/src/amdgpu-${build}/${m}\n") modules); + # without this we get a collision with the ttm module from linux + meta.priority = 4; + }; - NIX_CFLAGS_COMPILE = "-Werror"; + fw = stdenv.mkDerivation rec { + inherit version src postUnpack; + name = "${pname}-${version}-fw"; - makeFlags = optionalString (!libsOnly) - "-C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build modules"; + installPhase = '' + runHook preInstall + + mkdir -p $out/lib + cp -r usr/src/amdgpu-*/firmware $out/lib/firmware + + runHook postInstall + ''; + }; + }; + + outputs = [ "out" "vulkan" ]; depLibPath = makeLibraryPath [ - stdenv.cc.cc.lib xorg.libXext xorg.libX11 xorg.libXdamage xorg.libXfixes zlib - xorg.libXxf86vm libxcb libxshmfence libepoxy openssl libdrm elfutils udev ncurses5 + stdenv.cc.cc.lib + zlib + libxcb + libxshmfence + elfutils + expat + libffi + libselinux + # libudev is not listed in any dependencies, but is loaded dynamically + udev + xorg.libXext + xorg.libX11 + xorg.libXfixes + xorg.libXdamage + xorg.libXxf86vm ]; installPhase = '' + runHook preInstall + mkdir -p $out - cp -r etc $out/etc - cp -r lib $out/lib + cp -r usr/lib/${libArch} $out/lib + cp -r usr/share $out/share - pushd usr - cp -r lib/${libArch}/* $out/lib - '' + optionalString (!libsOnly) '' - cp -r src/amdgpu-${build}/firmware $out/lib/firmware - '' + '' - cp -r share $out/share + mkdir -p $out/opt/amdgpu{,-pro} + cp -r opt/amdgpu-pro/lib/${libArch} $out/opt/amdgpu-pro/lib + cp -r opt/amdgpu/lib/${libArch} $out/opt/amdgpu/lib + + pushd $out/lib + ln -s ../opt/amdgpu-pro/lib/libGL.so* . + ln -s ../opt/amdgpu-pro/lib/libEGL.so* . popd - pushd opt/amdgpu-pro - '' + optionalString (!libsOnly && stdenv.is64bit) '' - cp -r bin $out/bin - '' + '' - cp -r include $out/include - cp -r share/* $out/share - cp -r lib/${libArch}/* $out/lib - '' + optionalString (!libsOnly) '' - mv lib/xorg $out/lib/xorg - '' + '' + # short name to allow replacement below + ln -s lib/dri $out/dri + + '' + optionalString (stdenv.is64bit) '' + mkdir -p $out/etc + pushd etc + cp -r modprobe.d udev amd $out/etc popd - '' + optionalString (!libsOnly) - (concatMapStrings (m: - "install -Dm444 usr/src/amdgpu-${build}/${m}.xz $out/lib/modules/${kernel.modDirVersion}/kernel/drivers/gpu/drm/${m}.xz\n") modules) - + '' - mv $out/etc/vulkan $out/share - interpreter="$(cat $NIX_CC/nix-support/dynamic-linker)" - libPath="$out/lib:$out/lib/gbm:$depLibPath" - '' + optionalString (!libsOnly && stdenv.is64bit) '' - for prog in clinfo modetest vbltest kms-universal-planes kms-steal-crtc modeprint amdgpu_test kmstest proptest; do - patchelf --interpreter "$interpreter" --set-rpath "$libPath" "$out/bin/$prog" - done + cp -r lib/udev/rules.d/* $out/etc/udev/rules.d + cp -r opt/amdgpu/lib/xorg $out/lib/xorg + cp -r opt/amdgpu-pro/lib/xorg/* $out/lib/xorg + cp -r opt/amdgpu/share $out/opt/amdgpu/share '' + '' - ln -s ${makeLibraryPath [ncurses5]}/libncursesw.so.5 $out/lib/libtinfo.so.5 + + mkdir -p $vulkan/share/vulkan/icd.d + install opt/amdgpu-pro/etc/vulkan/icd.d/amd_icd${bitness}.json $vulkan/share/vulkan/icd.d + + runHook postInstall ''; - # we'll just set the full rpath on everything to avoid having to track down dlopen problems - postFixup = assert (stringLength libReplaceDir == stringLength libCompatDir); '' - libPath="$out/lib:$out/lib/gbm:$depLibPath" - for lib in `find "$out/lib/" -name '*.so*' -type f`; do - patchelf --set-rpath "$libPath" "$lib" - done - for lib in libEGL.so.1 libGL.so.1.2 ${optionalString (!libsOnly) "xorg/modules/extensions/libglx.so"} dri/amdgpu_dri.so libamdocl${bitness}.so; do - perl -pi -e 's:${libReplaceDir}:${libCompatDir}:g' "$out/lib/$lib" - done - for lib in dri/amdgpu_dri.so libdrm_amdgpu.so.1.0.0 libgbm_amdgpu.so.1.0.0 libkms_amdgpu.so.1.0.0 libamdocl${bitness}.so; do - perl -pi -e 's:/opt/amdgpu-pro/:/run/amdgpu-pro/:g' "$out/lib/$lib" - done - substituteInPlace "$out/share/vulkan/icd.d/amd_icd${bitness}.json" --replace "/opt/amdgpu-pro/lib/${libArch}" "$out/lib" - '' + optionalString (!libsOnly) '' - for lib in drivers/modesetting_drv.so libglamoregl.so; do - patchelf --add-needed $out/lib/libhack-xreallocarray.so $out/lib/xorg/modules/$lib - done + preFixup = (if stdenv.is64bit + # this could also be done with LIBGL_DRIVERS_PATH, but it would need to be + # set in the user session and for Xorg + then '' + expr1='s:/opt/amdgpu/lib/x86_64-linux-gnu/dri\0:/run/opengl-driver/lib/dri\0\0\0\0\0\0\0\0\0\0\0:g' + expr2='s:/usr/lib/x86_64-linux-gnu/dri[\0\:]:/run/opengl-driver/lib/dri\0\0\0\0:g' + perl -pi -e "$expr2" $out/lib/xorg/modules/extensions/libglx.so + '' + else '' + expr1='s:/opt/amdgpu/lib/i386-linux-gnu/dri\0:/run/opengl-driver-32/lib/dri\0\0\0\0\0\0:g' + # we replace a different path on 32-bit because it's the only one long + # enough to fit the target path :( + expr2='s:/usr/lib/i386-linux-gnu/dri[\0\:]:/run/opengl-driver-32/dri\0\0\0:g' + '') + '' + perl -pi -e "$expr1" \ + $out/opt/amdgpu/lib/libEGL.so.1.0.0 \ + $out/opt/amdgpu/lib/libgbm.so.1.0.0 \ + $out/opt/amdgpu/lib/libGL.so.1.2.0 + + perl -pi -e "$expr2" \ + $out/opt/amdgpu-pro/lib/libEGL.so.1 \ + $out/opt/amdgpu-pro/lib/libGL.so.1.2 \ + $out/opt/amdgpu-pro/lib/libGLX_amd.so.0 + + find $out -type f -exec perl -pi -e 's:/opt/amdgpu-pro/:/run/amdgpu-pro/:g' {} \; + find $out -type f -exec perl -pi -e 's:/opt/amdgpu/:/run/amdgpu/:g' {} \; + + substituteInPlace $vulkan/share/vulkan/icd.d/*.json --replace /opt/amdgpu-pro/lib/${libArch} "$out/opt/amdgpu-pro/lib" + ''; + + # doing this in post because shrinking breaks things that dynamically load + postFixup = '' + libPath="$out/opt/amdgpu/lib:$out/opt/amdgpu-pro/lib:$depLibPath" + find "$out" -name '*.so*' -type f -exec patchelf --set-rpath "$libPath" {} \; ''; buildInputs = [ + libdrm patchelf perl ]; @@ -177,7 +218,5 @@ in stdenv.mkDerivation rec { license = licenses.unfree; platforms = platforms.linux; maintainers = with maintainers; [ corngood ]; - # Copied from the nvidia default.nix to prevent a store collision. - priority = 4; }; } diff --git a/pkgs/os-specific/linux/amdgpu-pro/patches/0001-fix-warnings-for-Werror.patch b/pkgs/os-specific/linux/amdgpu-pro/patches/0001-fix-warnings-for-Werror.patch deleted file mode 100644 index ecde6401ac18d..0000000000000 --- a/pkgs/os-specific/linux/amdgpu-pro/patches/0001-fix-warnings-for-Werror.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 9167d76c435a7c1df7954f0fbe5cc6d083f8ed2f Mon Sep 17 00:00:00 2001 -From: David McFarland <corngood@gmail.com> -Date: Mon, 6 Feb 2017 22:13:49 -0400 -Subject: [PATCH 1/3] fix warnings for Werror - ---- - amd/amdgpu/amdgpu_device.c | 4 ++-- - amd/amdgpu/amdgpu_sa.c | 2 +- - amd/display/dc/bios/bios_parser2.c | 8 ++++---- - 3 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/amd/amdgpu/amdgpu_device.c b/amd/amdgpu/amdgpu_device.c -index fc1c543..186e06d 100644 ---- a/amd/amdgpu/amdgpu_device.c -+++ b/amd/amdgpu/amdgpu_device.c -@@ -3164,7 +3164,7 @@ void amdgpu_debugfs_cleanup(struct drm_minor *minor) - struct drm_info_node *node, *tmp; - - if (!&minor->debugfs_root) -- return 0; -+ return; - - mutex_lock(&minor->debugfs_lock); - list_for_each_entry_safe(node, tmp, -@@ -3175,7 +3175,7 @@ void amdgpu_debugfs_cleanup(struct drm_minor *minor) - } - mutex_unlock(&minor->debugfs_lock); - -- return 0; -+ return; - } - #endif - -diff --git a/amd/amdgpu/amdgpu_sa.c b/amd/amdgpu/amdgpu_sa.c -index 7206b34..8b7123c 100644 ---- a/amd/amdgpu/amdgpu_sa.c -+++ b/amd/amdgpu/amdgpu_sa.c -@@ -430,7 +430,7 @@ void amdgpu_sa_bo_dump_debug_info(struct amdgpu_sa_manager *sa_manager, - if (i->fence) - #if defined(BUILD_AS_DKMS) - seq_printf(m, " protected by 0x%08x on context %d", -- i->fence->seqno, i->fence->context); -+ i->fence->seqno, (int)i->fence->context); - #else - seq_printf(m, " protected by 0x%08x on context %llu", - i->fence->seqno, i->fence->context); -diff --git a/amd/display/dc/bios/bios_parser2.c b/amd/display/dc/bios/bios_parser2.c -index 86fce5a..99681c5 100644 ---- a/amd/display/dc/bios/bios_parser2.c -+++ b/amd/display/dc/bios/bios_parser2.c -@@ -1326,13 +1326,13 @@ static enum bp_result get_embedded_panel_info_v2_1( - info->lcd_timing.misc_info.VERTICAL_CUT_OFF = 0; - - info->lcd_timing.misc_info.H_REPLICATION_BY2 = -- lvds->lcd_timing.miscinfo & ATOM_H_REPLICATIONBY2; -+ (lvds->lcd_timing.miscinfo & ATOM_H_REPLICATIONBY2) != 0; - info->lcd_timing.misc_info.V_REPLICATION_BY2 = -- lvds->lcd_timing.miscinfo & ATOM_V_REPLICATIONBY2; -+ (lvds->lcd_timing.miscinfo & ATOM_V_REPLICATIONBY2) != 0; - info->lcd_timing.misc_info.COMPOSITE_SYNC = -- lvds->lcd_timing.miscinfo & ATOM_COMPOSITESYNC; -+ (lvds->lcd_timing.miscinfo & ATOM_COMPOSITESYNC) != 0; - info->lcd_timing.misc_info.INTERLACE = -- lvds->lcd_timing.miscinfo & ATOM_INTERLACE; -+ (lvds->lcd_timing.miscinfo & ATOM_INTERLACE) != 0; - - /* not provided by VBIOS*/ - info->lcd_timing.misc_info.DOUBLE_CLOCK = 0; --- -2.15.1 - diff --git a/pkgs/os-specific/linux/amdgpu-pro/patches/0002-fix-sketchy-int-ptr-warning.patch b/pkgs/os-specific/linux/amdgpu-pro/patches/0002-fix-sketchy-int-ptr-warning.patch deleted file mode 100644 index 20f429757a519..0000000000000 --- a/pkgs/os-specific/linux/amdgpu-pro/patches/0002-fix-sketchy-int-ptr-warning.patch +++ /dev/null @@ -1,25 +0,0 @@ -From a07ee5dec35ca24a013a6638543ef5030b2bab40 Mon Sep 17 00:00:00 2001 -From: David McFarland <corngood@gmail.com> -Date: Tue, 9 Jan 2018 21:45:33 -0400 -Subject: [PATCH 2/3] fix sketchy int->ptr warning - ---- - amd/display/amdgpu_dm/amdgpu_dm_helpers.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/amd/display/amdgpu_dm/amdgpu_dm_helpers.c b/amd/display/amdgpu_dm/amdgpu_dm_helpers.c -index d0f091b..707815a 100644 ---- a/amd/display/amdgpu_dm/amdgpu_dm_helpers.c -+++ b/amd/display/amdgpu_dm/amdgpu_dm_helpers.c -@@ -236,7 +236,7 @@ bool dm_helpers_dp_mst_write_payload_allocation_table( - pbn = drm_dp_calc_pbn_mode(clock, bpp); - - slots = drm_dp_find_vcpi_slots(mst_mgr, pbn); -- ret = drm_dp_mst_allocate_vcpi(mst_mgr, mst_port, pbn, slots); -+ ret = drm_dp_mst_allocate_vcpi(mst_mgr, mst_port, pbn, &slots); - - if (!ret) - return false; --- -2.15.1 - diff --git a/pkgs/os-specific/linux/amdgpu-pro/patches/0003-disable-firmware-copy.patch b/pkgs/os-specific/linux/amdgpu-pro/patches/0003-disable-firmware-copy.patch deleted file mode 100644 index 0091c471680cf..0000000000000 --- a/pkgs/os-specific/linux/amdgpu-pro/patches/0003-disable-firmware-copy.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 7a3062acbbabdb29239bbc8c984e62589a88576e Mon Sep 17 00:00:00 2001 -From: David McFarland <corngood@gmail.com> -Date: Tue, 9 Jan 2018 21:49:55 -0400 -Subject: [PATCH 3/3] disable firmware copy - ---- - pre-build.sh | 5 ----- - 1 file changed, 5 deletions(-) - -diff --git a/pre-build.sh b/pre-build.sh -index e7b8a32..bad8f25 100755 ---- a/pre-build.sh -+++ b/pre-build.sh -@@ -38,8 +38,3 @@ find ttm -name '*.c' -exec grep EXPORT_SYMBOL {} + \ - | sort -u \ - | awk -F'[()]' '{print "#define "$2" amd"$2" //"$0}'\ - >> include/rename_symbol.h -- --FW_DIR="/lib/firmware/$KERNELVER" --mkdir -p $FW_DIR --cp -ar /usr/src/amdgpu-17.40-492261/firmware/radeon $FW_DIR --cp -ar /usr/src/amdgpu-17.40-492261/firmware/amdgpu $FW_DIR --- -2.15.1 - diff --git a/pkgs/os-specific/linux/amdgpu-pro/xreallocarray.c b/pkgs/os-specific/linux/amdgpu-pro/xreallocarray.c deleted file mode 100644 index ab47bacb82281..0000000000000 --- a/pkgs/os-specific/linux/amdgpu-pro/xreallocarray.c +++ /dev/null @@ -1,5 +0,0 @@ -#include <malloc.h> - -void *xreallocarray(void *ptr, size_t nmemb, size_t size) { - return reallocarray(ptr, nmemb, size); -} diff --git a/pkgs/os-specific/linux/anbox/default.nix b/pkgs/os-specific/linux/anbox/default.nix index d684e24db9148..2a98aa82ebbd5 100644 --- a/pkgs/os-specific/linux/anbox/default.nix +++ b/pkgs/os-specific/linux/anbox/default.nix @@ -49,13 +49,13 @@ in stdenv.mkDerivation rec { pname = "anbox"; - version = "unstable-2020-11-29"; + version = "unstable-2021-10-20"; src = fetchFromGitHub { owner = pname; repo = pname; - rev = "6c10125a7f13908d2cbe56d2d9ab09872755f265"; - sha256 = "00bqssh4zcs0jj6w07b91719xkrpdw75vpcplwrvlhwsvl55f901"; + rev = "84f0268012cbe322ad858d76613f4182074510ac"; + sha256 = "sha256-QXWhatewiUDQ93cH1UZsYgbjUxpgB1ajtGFYZnKmabc="; fetchSubmodules = true; }; diff --git a/pkgs/os-specific/linux/android-udev-rules/default.nix b/pkgs/os-specific/linux/android-udev-rules/default.nix index fbe02d69f1a86..530292fe86293 100644 --- a/pkgs/os-specific/linux/android-udev-rules/default.nix +++ b/pkgs/os-specific/linux/android-udev-rules/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "android-udev-rules"; - version = "20210501"; + version = "20220102"; src = fetchFromGitHub { owner = "M0Rf30"; repo = "android-udev-rules"; rev = version; - sha256 = "sha256-rlTulWclPqMl9LdHdcAtLARXGItiSeF3RX+neZrjgV4="; + sha256 = "sha256-D2dPFvuFcZtosfTfsW0lmK5y8zqHdIxJBlvmP/R91CE="; }; installPhase = '' diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index 8e95c44f95cd8..5c1cf272e0e79 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -304,10 +304,10 @@ let meta = apparmor-meta "kernel patches"; }; - # Generate generic AppArmor rules in a file, - # from the closure of given rootPaths. - # To be included in an AppArmor profile like so: - # include "$(apparmorRulesFromClosure {} [pkgs.hello]}" + # Generate generic AppArmor rules in a file, from the closure of given + # rootPaths. To be included in an AppArmor profile like so: + # + # include "${apparmorRulesFromClosure { } [ pkgs.hello ]}" apparmorRulesFromClosure = { # The store path of the derivation is given in $path additionalRules ? [] diff --git a/pkgs/os-specific/linux/atop/default.upstream b/pkgs/os-specific/linux/atop/default.upstream deleted file mode 100644 index 46099d9c95954..0000000000000 --- a/pkgs/os-specific/linux/atop/default.upstream +++ /dev/null @@ -1,4 +0,0 @@ -url http://atoptool.nl/downloadatop.php -version_link '[.]tar[.]' -version '[^0-9]*[-.]([0-9]([-0-9.]*[0-9])?)[.].*' '\1' -minimize_overwrite diff --git a/pkgs/os-specific/linux/autosuspend/default.nix b/pkgs/os-specific/linux/autosuspend/default.nix index f25568f5a7ccf..4283230f7ad78 100644 --- a/pkgs/os-specific/linux/autosuspend/default.nix +++ b/pkgs/os-specific/linux/autosuspend/default.nix @@ -5,13 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "autosuspend"; - version = "4.0.1"; + version = "4.1.0"; src = fetchFromGitHub { owner = "languitar"; repo = pname; rev = "v${version}"; - sha256 = "149b4qn3nmz48ydnlcgks3as3zzzzn3f5cvj3kdxqxjy4c052lpz"; + sha256 = "0vn1qhsmjlgd7gn11w938kraz55xyixpzrgq06dar066hcsn1x8w"; }; postPatch = '' diff --git a/pkgs/os-specific/linux/batman-adv/version.nix b/pkgs/os-specific/linux/batman-adv/version.nix index 71c7863cfa858..048318e3e33a1 100644 --- a/pkgs/os-specific/linux/batman-adv/version.nix +++ b/pkgs/os-specific/linux/batman-adv/version.nix @@ -1,9 +1,9 @@ { - version = "2021.1"; + version = "2021.4"; sha256 = { - batman-adv = "1l1lk41h4chymrb41ihqrr3p80xdwhhp1kkksr157mzailyq8xxz"; - alfred = "122y92vqrpp3g6dbjfv8hkhwjlfa3skr91lbzicr0pw8mm6wzqll"; - batctl = "0xp1cqcw0g0irgw9yhkch01rbn39gzvfxv8b2yya32vbnkmqrcj4"; + batman-adv = "06zbyf8s7njn6wdm1fdq3kl8kx1vx4spxkgiy7dx0pq4c3qs5xyg"; + alfred = "15fbw80ix95zy8i4c6acm1631vxlz2hakjv4zv5wig74bp2bcyac"; + batctl = "1ryqz90av2p5pgmmpi1afmycd18zhpwz1i4f7r0s359jis86xndn"; }; } diff --git a/pkgs/os-specific/linux/bcc/default.nix b/pkgs/os-specific/linux/bcc/default.nix index caeaed455f7e8..d6e4b059088dc 100644 --- a/pkgs/os-specific/linux/bcc/default.nix +++ b/pkgs/os-specific/linux/bcc/default.nix @@ -7,7 +7,7 @@ python.pkgs.buildPythonApplication rec { pname = "bcc"; - version = "0.23.0"; + version = "0.24.0"; disabled = !stdenv.isLinux; @@ -15,7 +15,7 @@ python.pkgs.buildPythonApplication rec { owner = "iovisor"; repo = "bcc"; rev = "v${version}"; - sha256 = "sha256-iLVUwJTDQ8Bn38sgHOcIR8TYxIB+gIlfTgr9+gPU0gE="; + sha256 = "sha256-5Nq6LmphiyiiIyru/P2rCCmA25cwJIWn08oK1+eM3cQ="; }; format = "other"; diff --git a/pkgs/os-specific/linux/bionic-prebuilt/default.nix b/pkgs/os-specific/linux/bionic-prebuilt/default.nix index 920732a2020d2..8fa17036c4adf 100644 --- a/pkgs/os-specific/linux/bionic-prebuilt/default.nix +++ b/pkgs/os-specific/linux/bionic-prebuilt/default.nix @@ -1,4 +1,6 @@ -{ stdenvNoCC, lib, fetchzip, pkgs +{ stdenv, stdenvNoCC, lib, fetchzip, pkgs +, enableStatic ? stdenv.hostPlatform.isStatic +, enableShared ? !stdenv.hostPlatform.isStatic }: let @@ -92,10 +94,17 @@ stdenvNoCC.mkDerivation rec { cp -v ${prebuilt_crt.out}/*.o $out/lib/ cp -v ${prebuilt_crt.out}/libgcc.a $out/lib/ cp -v ${prebuilt_ndk_crt.out}/*.o $out/lib/ + '' + lib.optionalString enableShared '' for i in libc.so libm.so libdl.so liblog.so; do cp -v ${prebuilt_libs.out}/$i $out/lib/ done - + '' + lib.optionalString enableStatic '' + # no liblog.a; while it's also part of the base libraries, + # it's only available as shared object in the prebuilts. + for i in libc.a libm.a libdl.a; do + cp -v ${prebuilt_ndk_crt.out}/$i $out/lib/ + done + '' + '' mkdir -p $dev/include cp -v $out/include/*.h $dev/include/ ''; diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index 2c05a4aa271e9..5e81cf6b2c1d1 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -13,6 +13,7 @@ , readline , systemd , udev +, withExperimental ? false }: let pythonPath = with python3.pkgs; [ dbus-python @@ -84,7 +85,8 @@ in stdenv.mkDerivation rec { # To provide ciptool, sdptool, and rfcomm (unmaintained) # superseded by new D-Bus APIs "--enable-deprecated" - ]; + ] ++ lib.optional withExperimental "--enable-experimental"; + # Work around `make install' trying to create /var/lib/bluetooth. installFlags = [ "statedir=$(TMPDIR)/var/lib/bluetooth" ]; diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix index 9a197b4c78c8d..abf8fb63bc354 100644 --- a/pkgs/os-specific/linux/bpftrace/default.nix +++ b/pkgs/os-specific/linux/bpftrace/default.nix @@ -8,13 +8,13 @@ stdenv.mkDerivation rec { pname = "bpftrace"; - version = "0.14.0"; + version = "0.14.1"; src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; rev = "v${version}"; - sha256 = "sha256-rlaajNfpoiMtU/4aNAnbQ0VixPz9/302TZMarGzsb58="; + sha256 = "sha256-QDqHAEVM/XHCFMS0jMLdKJfDUOpkUqONOf8+Fbd5dCY="; }; # libbpf 0.6.0 relies on typeof in bpf/btf.h to pick the right version of diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix index b8a017adcf42c..9e21955808f86 100644 --- a/pkgs/os-specific/linux/busybox/default.nix +++ b/pkgs/os-specific/linux/busybox/default.nix @@ -66,6 +66,8 @@ stdenv.mkDerivation rec { ./busybox-in-store.patch ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch; + separateDebugInfo = true; + postPatch = "patchShebangs ."; configurePhase = '' @@ -120,6 +122,8 @@ stdenv.mkDerivation rec { makeFlagsArray+=("CC=${stdenv.cc.targetPrefix}cc -isystem ${musl.dev}/include -B${musl}/lib -L${musl}/lib") ''; + makeFlags = [ "SKIP_STRIP=y" ]; + postInstall = '' sed -e ' 1 a busybox() { '$out'/bin/busybox "$@"; }\ diff --git a/pkgs/os-specific/linux/cpuset/default.nix b/pkgs/os-specific/linux/cpuset/default.nix index e82e3f5901c18..bb7a953c11952 100644 --- a/pkgs/os-specific/linux/cpuset/default.nix +++ b/pkgs/os-specific/linux/cpuset/default.nix @@ -40,5 +40,6 @@ pythonPackages.buildPythonApplication rec { homepage = "https://github.com/lpechacek/cpuset"; license = licenses.gpl2; maintainers = with maintainers; [ thiagokokada wykurz ]; + mainProgram = "cset"; }; } diff --git a/pkgs/os-specific/linux/crda/default.nix b/pkgs/os-specific/linux/crda/default.nix index d12bba4e1645f..ffed5fc36a78a 100644 --- a/pkgs/os-specific/linux/crda/default.nix +++ b/pkgs/os-specific/linux/crda/default.nix @@ -71,7 +71,7 @@ stdenv.mkDerivation rec { to the system configuration. ''; - homepage = "http://drvbp1.linux-foundation.org/~mcgrof/rel-html/crda/"; + homepage = "https://wireless.wiki.kernel.org/en/developers/regulatory/crda"; license = licenses.free; # "copyleft-next 0.3.0", as yet without a web site platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index 150547367a345..27f32c6481311 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -3,13 +3,14 @@ stdenv.mkDerivation rec { pname = "cryptsetup"; - version = "2.4.1"; + version = "2.4.3"; outputs = [ "out" "dev" "man" ]; + separateDebugInfo = true; src = fetchurl { url = "mirror://kernel/linux/utils/cryptsetup/v2.4/${pname}-${version}.tar.xz"; - sha256 = "sha256-o1anJ6g6RkreVm6VI5Yioi2+Tg9IKxmP2wSrDTpanF8="; + sha256 = "sha256-/A35RRiBciZOxb8dC9oIJk+tyKP4VtR+upHzH+NUtQc="; }; # Disable 4 test cases that fail in a sandbox @@ -24,12 +25,14 @@ stdenv.mkDerivation rec { substituteInPlace tests/unit-utils-io.c --replace "| O_DIRECT" "" ''; - NIX_LDFLAGS = "-lgcc_s"; + NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) "-lgcc_s"; configureFlags = [ "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" "--disable-ssh-token" + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ + "--enable-static-cryptsetup" ]; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/device-tree/raspberrypi.nix b/pkgs/os-specific/linux/device-tree/raspberrypi.nix index b4b40f8331f96..d9ccb70f1f037 100644 --- a/pkgs/os-specific/linux/device-tree/raspberrypi.nix +++ b/pkgs/os-specific/linux/device-tree/raspberrypi.nix @@ -1,7 +1,8 @@ { lib, stdenvNoCC, raspberrypifw }: stdenvNoCC.mkDerivation { - name = "raspberrypi-dtbs-${raspberrypifw.version}"; + pname = "raspberrypi-dtbs"; + version = raspberrypifw.version; nativeBuildInputs = [ raspberrypifw ]; # Rename DTBs so u-boot finds them, like linux-rpi.nix diff --git a/pkgs/os-specific/linux/displaylink/default.nix b/pkgs/os-specific/linux/displaylink/default.nix index 6cc22c25602b7..f1e942a439938 100644 --- a/pkgs/os-specific/linux/displaylink/default.nix +++ b/pkgs/os-specific/linux/displaylink/default.nix @@ -20,22 +20,22 @@ let in stdenv.mkDerivation rec { pname = "displaylink"; - version = "5.4.1-55.174"; + version = "5.5.0-beta-59.118"; src = requireFile rec { - name = "displaylink.zip"; - sha256 = "1biswvjz91gmx7xf9g05h3ra463hf2yv9mr2nkxclyrd283iiiqc"; + name = "displaylink-55.zip"; + sha256 = "0mid6p1mnkhbl96cr763ngdwrlgnpgs6c137rwc2sjf4v33g59ma"; message = '' In order to install the DisplayLink drivers, you must first comply with DisplayLink's EULA and download the binaries and sources from here: - https://www.synaptics.com/products/displaylink-graphics/downloads/ubuntu-5.4.1 + https://www.synaptics.com/products/displaylink-graphics/downloads/ubuntu-5.5-Beta Once you have downloaded the file, please use the following commands and re-run the installation: - mv \$PWD/"DisplayLink USB Graphics Software for Ubuntu ${lib.versions.majorMinor version}.zip" \$PWD/${name} + mv \$PWD/"DisplayLink USB Graphics Software for Ubuntu (Beta)5.5 Beta-EXE.zip" \$PWD/${name} nix-prefetch-url file://\$PWD/${name} ''; }; @@ -51,7 +51,7 @@ stdenv.mkDerivation rec { installPhase = '' install -Dt $out/lib/displaylink *.spkg install -Dm755 ${bins}/DisplayLinkManager $out/bin/DisplayLinkManager - mkdir -p $out/lib/udev/rules.d + mkdir -p $out/lib/udev/rules.d $out/share cp ${./99-displaylink.rules} $out/lib/udev/rules.d/99-displaylink.rules patchelf \ --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \ @@ -59,6 +59,9 @@ stdenv.mkDerivation rec { $out/bin/DisplayLinkManager wrapProgram $out/bin/DisplayLinkManager \ --run "cd $out/lib/displaylink" + + # We introduce a dependency on the source file so that it need not be redownloaded everytime + echo $src >> "$out/share/workspace_dependencies.pin" ''; dontStrip = true; diff --git a/pkgs/os-specific/linux/dpdk/default.nix b/pkgs/os-specific/linux/dpdk/default.nix index 7592be483f532..1e4f50e42df38 100644 --- a/pkgs/os-specific/linux/dpdk/default.nix +++ b/pkgs/os-specific/linux/dpdk/default.nix @@ -1,9 +1,9 @@ { stdenv, lib , kernel , fetchurl -, pkg-config, meson, ninja +, pkg-config, meson, ninja, makeWrapper , libbsd, numactl, libbpf, zlib, libelf, jansson, openssl, libpcap, rdma-core -, doxygen, python3 +, doxygen, python3, pciutils , withExamples ? [] , shared ? false }: @@ -20,6 +20,7 @@ in stdenv.mkDerivation rec { }; nativeBuildInputs = [ + makeWrapper doxygen meson ninja @@ -31,22 +32,27 @@ in stdenv.mkDerivation rec { buildInputs = [ jansson libbpf - libbsd libelf libpcap numactl openssl.dev zlib + python3 ] ++ lib.optionals mod kernel.moduleBuildDependencies; - # Propagated to support current DPDK users in nixpkgs which statically link - # with the framework (e.g. odp-dpdk). propagatedBuildInputs = [ + # Propagated to support current DPDK users in nixpkgs which statically link + # with the framework (e.g. odp-dpdk). rdma-core + # Requested by pkg-config. + libbsd ]; postPatch = '' patchShebangs config/arm buildtools + '' + lib.optionalString mod '' + # kernel_install_dir is hardcoded to `/lib/modules`; patch that. + sed -i "s,kernel_install_dir *= *['\"].*,kernel_install_dir = '$kmod/lib/modules/${kernel.modDirVersion}'," kernel/linux/meson.build ''; mesonFlags = [ @@ -59,30 +65,25 @@ in stdenv.mkDerivation rec { ++ lib.optional (!shared) "-Ddefault_library=static" ++ lib.optional stdenv.isx86_64 "-Dmachine=nehalem" ++ lib.optional stdenv.isAarch64 "-Dmachine=generic" - ++ lib.optional mod "-Dkernel_dir=${placeholder "kmod"}/lib/modules/${kernel.modDirVersion}" + ++ lib.optional mod "-Dkernel_dir=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ++ lib.optional (withExamples != []) "-Dexamples=${builtins.concatStringsSep "," withExamples}"; - # dpdk meson script does not support separate kernel source and installion - # dirs (except via destdir), so we temporarily link the former into the latter. - preConfigure = lib.optionalString mod '' - mkdir -p $kmod/lib/modules/${kernel.modDirVersion} - ln -sf ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build \ - $kmod/lib/modules/${kernel.modDirVersion} - ''; - - postBuild = lib.optionalString mod '' - rm -f $kmod/lib/modules/${kernel.modDirVersion}/build - ''; - postInstall = '' # Remove Sphinx cache files. Not only are they not useful, but they also # contain store paths causing spurious dependencies. rm -rf $out/share/doc/dpdk/html/.doctrees + + wrapProgram $out/bin/dpdk-devbind.py \ + --prefix PATH : "${lib.makeBinPath [ pciutils ]}" '' + lib.optionalString (withExamples != []) '' - find examples -type f -executable -exec install {} $out/bin \; + mkdir -p $examples/bin + find examples -type f -executable -exec install {} $examples/bin \; ''; - outputs = [ "out" ] ++ lib.optional mod "kmod"; + outputs = + [ "out" "doc" ] + ++ lib.optional mod "kmod" + ++ lib.optional (withExamples != []) "examples"; meta = with lib; { description = "Set of libraries and drivers for fast packet processing"; diff --git a/pkgs/os-specific/linux/eudev/default.nix b/pkgs/os-specific/linux/eudev/default.nix index b642314737c9c..7807f475e9b17 100644 --- a/pkgs/os-specific/linux/eudev/default.nix +++ b/pkgs/os-specific/linux/eudev/default.nix @@ -1,60 +1,68 @@ -{lib, stdenv, fetchurl, pkg-config, glib, gperf, util-linux, kmod}: -let - s = # Generated upstream information - rec { - baseName="eudev"; - version = "3.2.10"; - name="${baseName}-${version}"; - url="http://dev.gentoo.org/~blueness/eudev/eudev-${version}.tar.gz"; - sha256 = "sha256-h7sCjUcP0bhRaTSbRMVdW3M3M9wtUN3xGW4CZyXq0DQ="; +{ lib +, stdenv +, fetchFromGitHub +, autoreconfHook +, glib +, gperf +, kmod +, pkg-config +, util-linux +}: + +stdenv.mkDerivation rec { + pname = "eudev"; + version = "3.2.11"; + + src = fetchFromGitHub { + owner = "eudev-project"; + repo = pname; + rev = "v${version}"; + hash = "sha256-W5nL4hicQ4fxz5rqoP+hhkE1tVn8lJZjMq4UaiXH6jc="; }; - nativeBuildInputs = [ pkg-config gperf ]; - buildInputs = [ - glib util-linux kmod + nativeBuildInputs = [ + autoreconfHook + gperf + pkg-config ]; -in -stdenv.mkDerivation { - inherit (s) name version; - inherit nativeBuildInputs buildInputs; - src = fetchurl { - inherit (s) url sha256; - }; - patches = [ + + buildInputs = [ + glib + kmod + util-linux ]; configureFlags = [ "--localstatedir=/var" "--sysconfdir=/etc" ]; + makeFlags = [ "hwdb_bin=/var/lib/udev/hwdb.bin" "udevrulesdir=/etc/udev/rules.d" ]; preInstall = '' - # Disable install-exec-hook target as it conflicts with our move-sbin setup-hook + # Disable install-exec-hook target, + # as it conflicts with our move-sbin setup-hook + sed -i 's;$(MAKE) $(AM_MAKEFLAGS) install-exec-hook;$(MAKE) $(AM_MAKEFLAGS);g' src/udev/Makefile ''; - installFlags = - [ + installFlags = [ "localstatedir=$(TMPDIR)/var" "sysconfdir=$(out)/etc" "udevconfdir=$(out)/etc/udev" "udevhwdbbin=$(out)/var/lib/udev/hwdb.bin" "udevhwdbdir=$(out)/var/lib/udev/hwdb.d" "udevrulesdir=$(out)/var/lib/udev/rules.d" - ]; - enableParallelBuilding = true; - meta = { - inherit (s) version; - description = "An udev fork by Gentoo"; - license = lib.licenses.gpl2Plus ; - maintainers = [lib.maintainers.raskin]; - platforms = lib.platforms.linux; - homepage = "https://wiki.gentoo.org/wiki/Project:Eudev"; - downloadPage = "http://dev.gentoo.org/~blueness/eudev/"; - updateWalker = true; + ]; + + meta = with lib; { + homepage = "https://github.com/eudev-project/eudev"; + description = "A fork of udev with the aim of isolating it from init"; + license = licenses.gpl2Plus ; + maintainers = with maintainers; [ raskin AndersonTorres ]; + platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/evdi/default.nix b/pkgs/os-specific/linux/evdi/default.nix index e0d1c46d64ad1..e40448be4353f 100644 --- a/pkgs/os-specific/linux/evdi/default.nix +++ b/pkgs/os-specific/linux/evdi/default.nix @@ -2,15 +2,17 @@ stdenv.mkDerivation rec { pname = "evdi"; - version = "unstable-2021-07-07"; + version = "1.10.0"; src = fetchFromGitHub { owner = "DisplayLink"; repo = pname; - rev = "b0b2c80eb63f9b858b71afa772135f434aea192a"; - sha256 = "sha256-io+CbZovGjEJjwtmARFH23Djt933ONoHMDoea+i6xFo="; + rev = "v${version}"; + sha256 = "sha256-vMcmUWdnO9JmImxz4vO3/UONlsrCGc8VH/o38YwCIzg="; }; + NIX_CFLAGS_COMPILE = "-Wno-error -Wno-error=sign-compare"; + nativeBuildInputs = kernel.moduleBuildDependencies; buildInputs = [ kernel libdrm ]; @@ -33,6 +35,6 @@ stdenv.mkDerivation rec { platforms = platforms.linux; license = with licenses; [ lgpl21Only gpl2Only ]; homepage = "https://www.displaylink.com/"; - broken = kernel.kernelOlder "4.19" || kernel.kernelAtLeast "5.15" || stdenv.isAarch64; + broken = kernel.kernelOlder "4.19" || stdenv.isAarch64; }; } diff --git a/pkgs/os-specific/linux/exfat/default.nix b/pkgs/os-specific/linux/exfat/default.nix index 958bcdb9f16ed..d459d24084427 100644 --- a/pkgs/os-specific/linux/exfat/default.nix +++ b/pkgs/os-specific/linux/exfat/default.nix @@ -1,9 +1,5 @@ { stdenv, lib, fetchFromGitHub, fetchpatch, kernel }: - -# Upstream build for kernel 4.1 is broken, 3.12 and below seems to be working -assert lib.versionAtLeast kernel.version "4.2" || lib.versionOlder kernel.version "4.0"; - stdenv.mkDerivation rec { # linux kernel above 5.7 comes with its own exfat implementation https://github.com/arter97/exfat-linux/issues/27 # Assertion moved here due to some tests unintenionally triggering it, @@ -41,5 +37,6 @@ stdenv.mkDerivation rec { license = lib.licenses.gpl2; maintainers = with lib.maintainers; [ makefu ]; platforms = lib.platforms.linux; + broken = true; }; } diff --git a/pkgs/os-specific/linux/extrace/default.nix b/pkgs/os-specific/linux/extrace/default.nix index 1eac5997bf3bd..e4afe6f850399 100644 --- a/pkgs/os-specific/linux/extrace/default.nix +++ b/pkgs/os-specific/linux/extrace/default.nix @@ -2,16 +2,16 @@ stdenv.mkDerivation rec { pname = "extrace"; - version = "0.8"; + version = "0.9"; src = fetchFromGitHub { owner = "leahneukirchen"; repo = "extrace"; rev = "v${version}"; - sha256 = "sha256-Kg5yzVg9sqlOCzAq/HeFUPZ89Enfkt/r7EunCfOqdA0="; + hash = "sha256-Jy/Ac3NcqBkW0kHyypMAVUGAQ41qWM96BbLAym06ogM="; }; - makeFlags = [ "PREFIX=$(out)" ]; + makeFlags = [ "PREFIX=${placeholder "out"}" ]; postInstall = '' install -dm755 "$out/share/licenses/extrace/" @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://github.com/leahneukirchen/extrace"; description = "Trace exec() calls system-wide"; - license = with licenses; [ gpl2 bsd2 ]; + license = with licenses; [ gpl2Plus bsd2 ]; platforms = platforms.linux; maintainers = [ maintainers.leahneukirchen ]; }; diff --git a/pkgs/os-specific/linux/fbterm/default.nix b/pkgs/os-specific/linux/fbterm/default.nix index ecf1b5e2b3142..cbea00ae184dd 100644 --- a/pkgs/os-specific/linux/fbterm/default.nix +++ b/pkgs/os-specific/linux/fbterm/default.nix @@ -1,24 +1,17 @@ { stdenv, lib, fetchurl, gpm, freetype, fontconfig, pkg-config, ncurses, libx86 }: -let - s = # Generated upstream information - { - version = "1.7.0"; - pname = "fbterm"; - hash = "0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; - url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/fbterm/fbterm-1.7.0.tar.gz"; - sha256 = "0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; - }; - buildInputs = [ gpm freetype fontconfig ncurses ] - ++ lib.optional stdenv.hostPlatform.isx86 libx86; -in -stdenv.mkDerivation { - inherit (s) pname version; + +stdenv.mkDerivation rec { + version = "1.7.0"; + pname = "fbterm"; + src = fetchurl { - inherit (s) url sha256; + url = "https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/fbterm/fbterm-${version}.tar.gz"; + sha256 = "0pciv5by989vzvjxsv1jsv4bdp4m8j0nfbl29jm5fwi12w4603vj"; }; nativeBuildInputs = [ pkg-config ncurses ]; - inherit buildInputs; + buildInputs = [ gpm freetype fontconfig ncurses ] + ++ lib.optional stdenv.hostPlatform.isx86 libx86; preConfigure = '' sed -e '/ifdef SYS_signalfd/atypedef long long loff_t;' -i src/fbterm.cpp @@ -51,10 +44,9 @@ stdenv.mkDerivation { ]; meta = with lib; { - inherit (s) version; description = "Framebuffer terminal emulator"; homepage = "https://code.google.com/archive/p/fbterm/"; - maintainers = [ maintainers.raskin ]; + maintainers = with maintainers; [ raskin ]; license = licenses.gpl2; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/ffado/default.nix b/pkgs/os-specific/linux/ffado/default.nix index e23591168f6ee..8f58f1c2d0456 100644 --- a/pkgs/os-specific/linux/ffado/default.nix +++ b/pkgs/os-specific/linux/ffado/default.nix @@ -13,7 +13,7 @@ , libxmlxx3 , pkg-config , python3 -, sconsPackages +, scons , which , wrapQtAppsHook }: @@ -45,7 +45,7 @@ mkDerivation rec { nativeBuildInputs = [ desktop-file-utils - sconsPackages.scons_3_1_2 + scons pkg-config which python diff --git a/pkgs/os-specific/linux/firejail/default.nix b/pkgs/os-specific/linux/firejail/default.nix index 47fce3df53326..c3dc819b5bcff 100644 --- a/pkgs/os-specific/linux/firejail/default.nix +++ b/pkgs/os-specific/linux/firejail/default.nix @@ -1,17 +1,37 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch, which, xdg-dbus-proxy, nixosTests }: +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, pkg-config +, libapparmor +, which +, xdg-dbus-proxy +, nixosTests +}: stdenv.mkDerivation rec { pname = "firejail"; - version = "0.9.66"; + version = "0.9.68"; src = fetchFromGitHub { owner = "netblue30"; repo = "firejail"; rev = version; - sha256 = "sha256-oKstTiGt0r4wePaZ9u1o78GZ1XWJ27aS0BdLxmfYk9Q="; + sha256 = "18yy1mykx7h78yj7sz729i3dlsrgi25m17m5x9gbrvsx7f87rw7j"; }; - buildInputs = [ which ]; + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + libapparmor + which + ]; + + configureFlags = [ + "--enable-apparmor" + ]; patches = [ # Adds the /nix directory when using an overlay. @@ -20,17 +40,9 @@ stdenv.mkDerivation rec { # By default fbuilder hardcodes the firejail binary to the install path. # On NixOS the firejail binary is a setuid wrapper available in $PATH. ./fbuilder-call-firejail-on-path.patch - # Disable symlink check on /etc/hosts, see - # https://github.com/netblue30/firejail/issues/2758#issuecomment-805174951 - ./remove-link-check.patch ]; prePatch = '' - # Allow whitelisting ~/.nix-profile - substituteInPlace etc/firejail.config --replace \ - '# follow-symlink-as-user yes' \ - 'follow-symlink-as-user no' - # Fix the path to 'xdg-dbus-proxy' hardcoded in the 'common.h' file substituteInPlace src/include/common.h \ --replace '/usr/bin/xdg-dbus-proxy' '${xdg-dbus-proxy}/bin/xdg-dbus-proxy' @@ -62,7 +74,7 @@ stdenv.mkDerivation rec { # See https://github.com/netblue30/firejail/blob/e4cb6b42743ad18bd11d07fd32b51e8576239318/src/firejail/profile.c#L68-L83 # for the profile file lookup implementation. postInstall = '' - for local in $(grep -Eh '^include.*local$' $out/etc/firejail/*.profile | awk '{print $2}' | sort | uniq) + for local in $(grep -Eh '^include.*local$' $out/etc/firejail/*{.inc,.profile} | awk '{print $2}' | sort | uniq) do echo "include /etc/firejail/$local" >$out/etc/firejail/$local done diff --git a/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch b/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch index 6016891655b12..548bb80e7bf71 100644 --- a/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch +++ b/pkgs/os-specific/linux/firejail/fbuilder-call-firejail-on-path.patch @@ -1,11 +1,11 @@ --- a/src/fbuilder/build_profile.c +++ b/src/fbuilder/build_profile.c -@@ -67,7 +67,7 @@ - errExit("asprintf"); - - char *cmdlist[] = { -- BINDIR "/firejail", -+ "firejail", - "--quiet", - "--noprofile", - "--caps.drop=all", +@@ -48,7 +48,7 @@ + // build command + char *cmd[len]; + unsigned curr_len = 0; +- cmd[curr_len++] = BINDIR "/firejail"; ++ cmd[curr_len++] = "firejail"; + cmd[curr_len++] = "--quiet"; + cmd[curr_len++] = "--noprofile"; + cmd[curr_len++] = "--caps.drop=all"; diff --git a/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch b/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch index 685314f907588..6493eb4fdf265 100644 --- a/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch +++ b/pkgs/os-specific/linux/firejail/mount-nix-dir-on-overlay.patch @@ -1,6 +1,6 @@ ---- a/src/firejail/fs.c -+++ b/src/firejail/fs.c -@@ -1143,6 +1143,16 @@ +--- a/src/firejail/fs_overlayfs.c ++++ b/src/firejail/fs_overlayfs.c +@@ -327,6 +327,16 @@ errExit("mounting /dev"); fs_logger("whitelist /dev"); @@ -17,7 +17,7 @@ // mount-bind run directory if (arg_debug) printf("Mounting /run\n"); -@@ -1201,6 +1211,7 @@ +@@ -384,6 +394,7 @@ free(odiff); free(owork); free(dev); diff --git a/pkgs/os-specific/linux/firejail/remove-link-check.patch b/pkgs/os-specific/linux/firejail/remove-link-check.patch deleted file mode 100644 index 477df57a24118..0000000000000 --- a/pkgs/os-specific/linux/firejail/remove-link-check.patch +++ /dev/null @@ -1,48 +0,0 @@ -From ccc726f8ec877d8cda720daa2498e43629b6dd48 Mon Sep 17 00:00:00 2001 -From: Jonas Heinrich <onny@project-insanity.org> -Date: Sun, 19 Sep 2021 11:48:06 +0200 -Subject: [PATCH 1/2] remove hosts file link check - ---- - src/firejail/fs_hostname.c | 4 ---- - 1 file changed, 4 deletions(-) - -diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c -index 42255070c4..97ce70f9c1 100644 ---- a/src/firejail/fs_hostname.c -+++ b/src/firejail/fs_hostname.c -@@ -132,10 +132,6 @@ char *fs_check_hosts_file(const char *fname) { - invalid_filename(fname); - char *rv = expand_home(fname, cfg.homedir); - -- // no a link -- if (is_link(rv)) -- goto errexit; -- - // the user has read access to the file - if (access(rv, R_OK)) - goto errexit; - -From c2c51e7ca56075e7388b4f50922b148615d1b125 Mon Sep 17 00:00:00 2001 -From: Jonas Heinrich <onny@project-insanity.org> -Date: Sun, 19 Sep 2021 11:49:08 +0200 -Subject: [PATCH 2/2] remove hosts file link check - ---- - src/firejail/fs_hostname.c | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c -index 97ce70f9c1..b228707131 100644 ---- a/src/firejail/fs_hostname.c -+++ b/src/firejail/fs_hostname.c -@@ -154,9 +154,6 @@ void fs_mount_hosts_file(void) { - struct stat s; - if (stat("/etc/hosts", &s) == -1) - goto errexit; -- // not a link -- if (is_link("/etc/hosts")) -- goto errexit; - // owned by root - if (s.st_uid != 0) - goto errexit; diff --git a/pkgs/os-specific/linux/firmware/firmware-updater/default.nix b/pkgs/os-specific/linux/firmware/firmware-updater/default.nix new file mode 100644 index 0000000000000..69cd829049cac --- /dev/null +++ b/pkgs/os-specific/linux/firmware/firmware-updater/default.nix @@ -0,0 +1,27 @@ +{ lib +, flutter +, fetchFromGitHub +}: + +flutter.mkFlutterApp { + pname = "firmware-updater"; + version = "unstable"; + + vendorHash = "sha256-QgeRCFbd3AcFekJunFTwu2nDOQpAOMJUxZhgY4stJJc="; + + src = fetchFromGitHub { + owner = "canonical"; + repo = "firmware-updater"; + rev = "a51817a2551e29895352618a91df9cf93d944af1"; + sha256 = "6uhks6a9JcyIC5o0VssqfBlE4pqKiQ7d3KOb6feNTvU="; + fetchSubmodules = true; + }; + + meta = with lib; { + description = "Firmware Updater for Linux"; + homepage = "https://github.com/canonical/firmware-updater"; + license = licenses.free; + maintainers = with maintainers; [ mkg20001 ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix b/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix index 0e74b32b3b6b2..bd9f0d2474e4f 100644 --- a/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd-efi/default.nix @@ -12,11 +12,11 @@ stdenv.mkDerivation rec { pname = "fwupd-efi"; - version = "1.1"; + version = "1.2"; src = fetchurl { url = "https://people.freedesktop.org/~hughsient/releases/${pname}-${version}.tar.xz"; - sha256 = "1w879qxlnsaz5xyp168a08f2p8yrgfpkfycls28jw8qxmz6g20aw"; + sha256 = "sha256-aRx38RwhAQSNjauvY8bQ/iLPrQ5dQyIEHJurzrr86z8="; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix index 71f6da0d13b1b..077c37a72cb3c 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -214,7 +214,7 @@ let "-Dc_link_args=-Wl,-rpath,${placeholder "out"}/lib" ] ++ lib.optionals (!haveDell) [ "-Dplugin_dell=false" - "-Dplugin_synaptics=false" + "-Dplugin_synaptics_mst=false" ] ++ lib.optionals (!haveRedfish) [ "-Dplugin_redfish=false" ] ++ lib.optionals haveFlashrom [ diff --git a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/pkgs/os-specific/linux/firmware/linux-firmware/default.nix index ebe9b733e3d0a..4aff785b855e6 100644 --- a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/pkgs/os-specific/linux/firmware/linux-firmware/default.nix @@ -1,13 +1,13 @@ { stdenvNoCC, fetchgit, lib }: stdenvNoCC.mkDerivation rec { - pname = "firmware-linux-nonfree"; - version = "20211216"; + pname = "linux-firmware"; + version = "20220209"; src = fetchgit { url = "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git"; rev = "refs/tags/${version}"; - sha256 = "sha256-Q5TPtSbETDDRVKFfwQOp+GGsTGpTpGU5PQ5QkJCtWcM="; + sha256 = "sha256-QWGnaGQrDUQeYUIBq0/63YdHZgyaF4s9fdyLA9bb6qs="; }; installFlags = [ "DESTDIR=$(out)" ]; @@ -17,7 +17,7 @@ stdenvNoCC.mkDerivation rec { outputHashMode = "recursive"; outputHashAlgo = "sha256"; - outputHash = "sha256-nyhxyDVO7tWkCD7fMjwiFNuMSh5e/z5w71CIZw3SJH8="; + outputHash = "sha256-ahXZK13wrcZW/8ZCgUTHU6N4QKsL3NV98eRbYGBp3jw="; meta = with lib; { description = "Binary firmware collection packaged by kernel.org"; diff --git a/pkgs/os-specific/linux/firmware/rtl8723bs-firmware/default.nix b/pkgs/os-specific/linux/firmware/rtl8723bs-firmware/default.nix index c587994ccecb0..f3ea80348b3ba 100644 --- a/pkgs/os-specific/linux/firmware/rtl8723bs-firmware/default.nix +++ b/pkgs/os-specific/linux/firmware/rtl8723bs-firmware/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, linuxPackages }: with lib; stdenv.mkDerivation { - name = "rtl8723bs-firmware-${linuxPackages.rtl8723bs.version}"; + pname = "rtl8723bs-firmware"; + version = linuxPackages.rtl8723bs.version; inherit (linuxPackages.rtl8723bs) src; dontBuild = true; diff --git a/pkgs/os-specific/linux/firmware/rtl8761b-firmware/default.nix b/pkgs/os-specific/linux/firmware/rtl8761b-firmware/default.nix index f2dd36a0e065a..925521696da9c 100644 --- a/pkgs/os-specific/linux/firmware/rtl8761b-firmware/default.nix +++ b/pkgs/os-specific/linux/firmware/rtl8761b-firmware/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation { meta = with lib; { description = "Firmware for Realtek RTL8761b"; license = licenses.unfreeRedistributableFirmware; - maintainers = with maintainers; [ edibopp ]; + maintainers = with maintainers; [ milibopp ]; platforms = with platforms; linux; }; } diff --git a/pkgs/os-specific/linux/firmware/system76-firmware/default.nix b/pkgs/os-specific/linux/firmware/system76-firmware/default.nix index 73b9cf08b8087..5ec2bd70fdb65 100644 --- a/pkgs/os-specific/linux/firmware/system76-firmware/default.nix +++ b/pkgs/os-specific/linux/firmware/system76-firmware/default.nix @@ -2,13 +2,13 @@ rustPlatform.buildRustPackage rec { pname = "system76-firmware"; # Check Makefile when updating, make sure postInstall matches make install - version = "1.0.31"; + version = "1.0.32"; src = fetchFromGitHub { owner = "pop-os"; repo = pname; rev = version; - sha256 = "sha256-agtaQ5Te4WcbIdCt8TDK4Y2y/9aHrDCUWuPRE5+aFjc="; + sha256 = "sha256-EV7byqfoz0sAIkf/hgZh+m7D2+54DEnE4td4CTX6c4s="; }; nativeBuildInputs = [ pkg-config makeWrapper ]; @@ -17,7 +17,7 @@ rustPlatform.buildRustPackage rec { cargoBuildFlags = [ "--workspace" ]; - cargoSha256 = "sha256-QFHyrvLR1v09RNlXiO/E+blvxPukKwPRRX+vQvlZSNQ="; + cargoSha256 = "sha256-/bf5JQgyFN8TH7o2TWHX5sv/NkxBLJ495iVW8c9Vqis="; # Purposefully don't install systemd unit file, that's for NixOS postInstall = '' diff --git a/pkgs/os-specific/linux/fnotifystat/default.nix b/pkgs/os-specific/linux/fnotifystat/default.nix index baa92decd9fc7..e600e163ad73f 100644 --- a/pkgs/os-specific/linux/fnotifystat/default.nix +++ b/pkgs/os-specific/linux/fnotifystat/default.nix @@ -1,22 +1,26 @@ -{ stdenv, lib, fetchurl }: +{ stdenv, lib, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "fnotifystat"; version = "0.02.07"; - src = fetchurl { - url = "https://kernel.ubuntu.com/~cking/tarballs/fnotifystat/fnotifystat-${version}.tar.gz"; - sha256 = "0ipfg2gymbgx7bqlx1sq5p2y89k5j18iqnb0wa27n5s3kh9sh8w0"; + src = fetchFromGitHub { + owner = "ColinIanKing"; + repo = pname; + rev = "V${version}"; + sha256 = "sha256-5oYM1t+vmWywYRbgXI2RGQlOuNJluj2gwCMf3pTpDC0="; }; - installFlags = [ "DESTDIR=$(out)" ]; - postInstall = '' - mv $out/usr/* $out - rm -r $out/usr - ''; + + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + "BASHDIR=${placeholder "out"}/share/bash-completion/completions" + ]; + meta = with lib; { description = "File activity monitoring tool"; - homepage = "https://kernel.ubuntu.com/~cking/fnotifystat/"; - license = licenses.gpl2; + homepage = "https://github.com/ColinIanKing/fnotifystat"; + license = licenses.gpl2Plus; platforms = platforms.linux; - maintainers = with maintainers; [ womfoo ]; + maintainers = with maintainers; [ womfoo dtzWill ]; }; } diff --git a/pkgs/os-specific/linux/gogoclient/config-paths.patch b/pkgs/os-specific/linux/gogoclient/config-paths.patch deleted file mode 100644 index 88358038bc7e7..0000000000000 --- a/pkgs/os-specific/linux/gogoclient/config-paths.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff -urN gogoc-1_2-RELEASE/gogoc-tsp/conf/gogoc.conf.in gogoc-1_2-RELEASE-fix/gogoc-tsp/conf/gogoc.conf.in ---- gogoc-1_2-RELEASE/gogoc-tsp/conf/gogoc.conf.in 2009-11-20 17:53:12.000000000 +0100 -+++ gogoc-1_2-RELEASE-fix/gogoc-tsp/conf/gogoc.conf.in 2012-02-25 15:16:12.758849219 +0100 -@@ -224,7 +224,7 @@ - # - # broker_list=<file_name> - # --broker_list=tsp-broker-list.txt -+broker_list=/var/lib/gogoc/tsp-broker-list.txt - - # - # Last Server Used File Name: -@@ -234,7 +234,7 @@ - # - # last_server=<file_name> - # --last_server=tsp-last-server.txt -+last_server=/var/lib/gogoc/tsp-last-server.txt - - # - # Always Use Last Known Working Server: -@@ -294,7 +294,7 @@ - # - # log_filename=<file_name> - # --log_filename=gogoc.log -+log_filename=/var/log/gogoc.log - - # - # Log File Rotation: -@@ -313,7 +313,7 @@ - # - # log_rotation=<yes|no> - # --log_rotation=yes -+log_rotation=no - - # - # Log File Rotation Size: diff --git a/pkgs/os-specific/linux/gogoclient/default.nix b/pkgs/os-specific/linux/gogoclient/default.nix deleted file mode 100644 index 75c0f1c3d1bc1..0000000000000 --- a/pkgs/os-specific/linux/gogoclient/default.nix +++ /dev/null @@ -1,41 +0,0 @@ -{lib, stdenv, fetchurl, openssl, nettools, iproute2, sysctl}: - -stdenv.mkDerivation rec { - pname = "gogoclient"; - version = "1.2"; - - src = fetchurl { - #url = "http://gogo6.com/downloads/gogoc-1_2-RELEASE.tar.gz"; - url = "https://src.fedoraproject.org/repo/pkgs/gogoc/gogoc-1_2-RELEASE.tar.gz/41177ed683cf511cc206c7782c37baa9/gogoc-1_2-RELEASE.tar.gz"; - sha256 = "a0ef45c0bd1fc9964dc8ac059b7d78c12674bf67ef641740554e166fa99a2f49"; - }; - patches = [./gcc46-include-fix.patch ./config-paths.patch ]; - makeFlags = ["target=linux"]; - installFlags = ["installdir=$(out)"]; - - hardeningDisable = [ "format" ]; - - buildInputs = [openssl]; - - preFixup = '' - mkdir -p $out/share/gogoclient-${version} - chmod 444 $out/bin/gogoc.conf - mv $out/bin/gogoc.conf $out/share/gogoclient-${version}/gogoc.conf.sample - rm $out/bin/gogoc.conf.sample - - substituteInPlace "$out/template/linux.sh" \ - --replace "/sbin/ifconfig" "${nettools}/bin/ifconfig" \ - --replace "/sbin/route" "${nettools}/bin/route" \ - --replace "/sbin/ip" "${iproute2}/sbin/ip" \ - --replace "/sbin/sysctl" "${sysctl}/bin/sysctl" - sed -i -e 's/^.*Exec \$route -A.*$/& metric 128/' $out/template/linux.sh - ''; - - meta = with lib; { - homepage = "https://ipv6.ernet.in/Tunnel_broker"; - description = "Client to connect to the Freenet6 IPv6 tunnel broker service"; - maintainers = [ maintainers.bluescreen303 ]; - license = licenses.bsd3; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/gogoclient/gcc46-include-fix.patch b/pkgs/os-specific/linux/gogoclient/gcc46-include-fix.patch deleted file mode 100644 index 22ecad187d62c..0000000000000 --- a/pkgs/os-specific/linux/gogoclient/gcc46-include-fix.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -urN gogoc-1_2-RELEASE/gogoc-messaging/src/clientmsgsender.cc gogoc-1_2-RELEASE-fix/gogoc-messaging/src/clientmsgsender.cc ---- gogoc-1_2-RELEASE/gogoc-messaging/src/clientmsgsender.cc 2009-11-20 17:34:55.000000000 +0100 -+++ gogoc-1_2-RELEASE-fix/gogoc-messaging/src/clientmsgsender.cc 2012-02-25 15:06:20.764698284 +0100 -@@ -15,6 +15,7 @@ - // ************************************************************************** - #include <gogocmessaging/clientmsgsender.h> - #include <assert.h> -+#include <stddef.h> - - - namespace gogocmessaging -diff -urN gogoc-1_2-RELEASE/gogoc-messaging/src/servermsgsender.cc gogoc-1_2-RELEASE-fix/gogoc-messaging/src/servermsgsender.cc ---- gogoc-1_2-RELEASE/gogoc-messaging/src/servermsgsender.cc 2009-11-20 17:34:56.000000000 +0100 -+++ gogoc-1_2-RELEASE-fix/gogoc-messaging/src/servermsgsender.cc 2012-02-25 15:06:36.722740288 +0100 -@@ -15,6 +15,7 @@ - // ************************************************************************** - #include <gogocmessaging/servermsgsender.h> - #include <assert.h> -+#include <stddef.h> - - - namespace gogocmessaging diff --git a/pkgs/os-specific/linux/greetd/default.nix b/pkgs/os-specific/linux/greetd/default.nix index cfde703cd6744..744b43f6f8aa4 100644 --- a/pkgs/os-specific/linux/greetd/default.nix +++ b/pkgs/os-specific/linux/greetd/default.nix @@ -43,7 +43,7 @@ rustPlatform.buildRustPackage rec { that makes no assumptions about what you want to launch. Comes with agreety, a simple, text-based greeter. ''; - homepage = "https://kl.wtf/projects/greetd/"; + homepage = "https://sr.ht/~kennylevinsen/greetd/"; license = licenses.gpl3Plus; maintainers = with maintainers; [ luc65r ]; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/gt/default.nix b/pkgs/os-specific/linux/gt/default.nix new file mode 100644 index 0000000000000..a7e4c0750463f --- /dev/null +++ b/pkgs/os-specific/linux/gt/default.nix @@ -0,0 +1,29 @@ +{ stdenv, lib, fetchFromGitHub, cmake, bash-completion, pkg-config, libconfig +, asciidoc +, libusbgx +}: +stdenv.mkDerivation { + pname = "gt"; + version = "unstable-2021-09-30"; + + src = fetchFromGitHub { + owner = "linux-usb-gadgets"; + repo = "gt"; + rev = "7247547a14b2d092dc03fd83218ae65c2f7ff7d6"; + sha256 = "1has9q2sghd5vyi25l3h2hd4d315vvpld076iwwsg01fx4d9vjmg"; + }; + sourceRoot = "source"; + + preConfigure = '' + cmakeFlagsArray+=("-DBASH_COMPLETION_COMPLETIONSDIR=$out/share/bash-completions/completions") + ''; + nativeBuildInputs = [ cmake pkg-config asciidoc ]; + buildInputs = [ bash-completion libconfig libusbgx]; + + meta = { + description = "Linux command line tool for setting up USB gadgets using configfs"; + license = with lib.licenses; [ asl20 ]; + maintainers = with lib.maintainers; [ lheckemann ]; + platforms = lib.platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/hdapsd/default.nix b/pkgs/os-specific/linux/hdapsd/default.nix index 39f69ef01441a..959fa9ac6e8a4 100644 --- a/pkgs/os-specific/linux/hdapsd/default.nix +++ b/pkgs/os-specific/linux/hdapsd/default.nix @@ -1,8 +1,8 @@ { lib, stdenv, fetchurl }: -let version = "20141203"; in -stdenv.mkDerivation { - name = "hdapsd-"+version; +stdenv.mkDerivation rec { + pname = "hdapsd"; + version = "20141203"; src = fetchurl { url = "https://github.com/evgeni/hdapsd/releases/download/${version}/hdapsd-${version}.tar.gz"; diff --git a/pkgs/os-specific/linux/hdparm/default.nix b/pkgs/os-specific/linux/hdparm/default.nix index 300bb499f855a..2b112a9590b00 100644 --- a/pkgs/os-specific/linux/hdparm/default.nix +++ b/pkgs/os-specific/linux/hdparm/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "hdparm"; - version = "9.62"; + version = "9.63"; src = fetchurl { url = "mirror://sourceforge/hdparm/hdparm-${version}.tar.gz"; - sha256 = "sha256-LA+ddc2+2pKKJaEozT0LcSBEXsCRDAsp1MEDjtG+d38="; + sha256 = "sha256-cHhd6uu6WHeonBI1aLQd7pkNpV/FFCDxP2CaEHKJlpE="; }; preBuild = '' diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix index 268e178aad08d..8124da489aee2 100644 --- a/pkgs/os-specific/linux/hostapd/default.nix +++ b/pkgs/os-specific/linux/hostapd/default.nix @@ -1,12 +1,12 @@ -{ lib, stdenv, fetchurl, fetchpatch, pkg-config, libnl, openssl, sqlite ? null }: +{ lib, stdenv, fetchurl, pkg-config, libnl, openssl, sqlite ? null }: stdenv.mkDerivation rec { pname = "hostapd"; - version = "2.9"; + version = "2.10"; src = fetchurl { url = "https://w1.fi/releases/${pname}-${version}.tar.gz"; - sha256 = "1mrbvg4v7vm7mknf0n29mf88k3s4a4qj6r4d51wq8hmjj1m7s7c8"; + sha256 = "sha256-IG58eZtnhXLC49EgMCOHhLxKn4IyOwFWtMlGbxSYkV0="; }; nativeBuildInputs = [ pkg-config ]; @@ -16,38 +16,8 @@ stdenv.mkDerivation rec { (fetchurl { # Note: fetchurl seems to be unhappy with openwrt git # server's URLs containing semicolons. Using the github mirror instead. - url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch"; - sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k"; - }) - # AP mode PMF disconnection protection bypass (CVE.2019-16275), can be removed >= 2.10 - # https://w1.fi/security/2019-7/ - (fetchurl { - name = "CVE-2019-16275.patch"; - url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch"; - sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz"; - }) - # Fixes for UPnP SUBSCRIBE misbehavior in hostapd WPS AP (CVE-2020-12695), can be removed >= 2.10 - # https://w1.fi/security/2020-1/ - (fetchurl { - name = "CVE-2020-12695_0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"; - url = "https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"; - sha256 = "1mrbhicqb34jlw1nid5hk2vnjbvfhvp7r5iblaj4l6vgc6fmp6id"; - }) - (fetchurl { - name = "CVE-2020-12695_0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"; - url = "https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"; - sha256 = "1pk08b06b24is50bis3rr56xjd3b5kxdcdk8bx39n9vna9db7zj9"; - }) - (fetchurl { - name = "CVE-2020-12695_0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"; - url = "https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"; - sha256 = "12npqp2skgrj934wwkqicgqksma0fxz09di29n1b5fm5i4njl8d8"; - }) - # In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. - (fetchpatch { - name = "CVE-2021-30004.patch"; - url = "https://w1.fi/cgit/hostap/patch/?id=a0541334a6394f8237a4393b7372693cd7e96f15"; - sha256 = "1gbhlz41x1ar1hppnb76pqxj6vimiypy7c4kq6h658637s4am3xg"; + url = "https://raw.githubusercontent.com/openwrt/openwrt/eefed841b05c3cd4c65a78b50ce0934d879e6acf/package/network/services/hostapd/patches/300-noscan.patch"; + sha256 = "08p5frxhpq1rp2nczkscapwwl8g9nc4fazhjpxic5bcbssc3sb00"; }) ]; diff --git a/pkgs/os-specific/linux/ima-evm-utils/default.nix b/pkgs/os-specific/linux/ima-evm-utils/default.nix index 14ddc21bb6b33..afd46f0d9e8f7 100644 --- a/pkgs/os-specific/linux/ima-evm-utils/default.nix +++ b/pkgs/os-specific/linux/ima-evm-utils/default.nix @@ -2,20 +2,18 @@ stdenv.mkDerivation rec { pname = "ima-evm-utils"; - version = "1.1"; + version = "1.4"; src = fetchgit { url = "git://git.code.sf.net/p/linux-ima/ima-evm-utils"; rev = "v${version}"; - sha256 = "1dhfw6d9z4dv82q9zg2g025hgr179kamz9chy7v5w9b71aam8jf8"; + sha256 = "1zmyv82232lzqk52m0s7fap9zb9hb1x6nsi5gznk0cbsnq2m67pc"; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; buildInputs = [ openssl attr keyutils asciidoc libxslt ]; - patches = [ ./xattr.patch ]; - - buildPhase = "make prefix=$out MANPAGE_DOCBOOK_XSL=${docbook_xsl}/xml/xsl/docbook/manpages/docbook.xsl"; + MANPAGE_DOCBOOK_XSL = "${docbook_xsl}/xml/xsl/docbook/manpages/docbook.xsl"; meta = { description = "evmctl utility to manage digital signatures of the Linux kernel integrity subsystem (IMA/EVM)"; diff --git a/pkgs/os-specific/linux/ima-evm-utils/xattr.patch b/pkgs/os-specific/linux/ima-evm-utils/xattr.patch deleted file mode 100644 index 2d27570a57868..0000000000000 --- a/pkgs/os-specific/linux/ima-evm-utils/xattr.patch +++ /dev/null @@ -1,73 +0,0 @@ -commit 6aea54d2ad2287b3e8894c262ee895f3d4a60516 -Author: André Draszik <git@andred.net> -Date: Mon Oct 17 12:45:32 2016 +0100 - - evmctl: use correct include for xattr.h - - The xattr API/ABI is provided by both the c-library, as well as by the - libattr package. The c-library's header file is sys/xattr.h, whereas - libattr's header file can be found in attr/xattr.h. - - Given none of the code here *links* against the libattr.so shared library, it - is wrong to *compile* against libattr's API (header file). - - Doing so avoids confusion as to which xattr.h is used as the least problem, - and potential ABI differences as the worst problem due the mismatching header - file used. - - So make sure we compile and link against the same thing, the c-library in - both cases. - - Signed-off-by: André Draszik <git@andred.net> - Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> - -diff --git a/configure.ac b/configure.ac -index 0497eb7..a5b4288 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -30,7 +30,7 @@ AC_SUBST(OPENSSL_LIBS) - AC_CHECK_HEADER(unistd.h) - AC_CHECK_HEADERS(openssl/conf.h) - --AC_CHECK_HEADERS(attr/xattr.h, , [AC_MSG_ERROR([attr/xattr.h header not found. You need the libattr development package.])]) -+AC_CHECK_HEADERS(sys/xattr.h, , [AC_MSG_ERROR([sys/xattr.h header not found. You need the c-library development package.])]) - AC_CHECK_HEADERS(keyutils.h, , [AC_MSG_ERROR([keyutils.h header not found. You need the libkeyutils development package.])]) - - #debug support - yes for a while -diff --git a/packaging/ima-evm-utils.spec b/packaging/ima-evm-utils.spec -index a11a27a..63388d2 100644 ---- a/packaging/ima-evm-utils.spec -+++ b/packaging/ima-evm-utils.spec -@@ -11,7 +11,6 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root - BuildRequires: autoconf - BuildRequires: automake - BuildRequires: openssl-devel --BuildRequires: libattr-devel - BuildRequires: keyutils-libs-devel - - %description -diff --git a/packaging/ima-evm-utils.spec.in b/packaging/ima-evm-utils.spec.in -index 7ca6c6f..65c32f9 100644 ---- a/packaging/ima-evm-utils.spec.in -+++ b/packaging/ima-evm-utils.spec.in -@@ -11,7 +11,6 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root - BuildRequires: autoconf - BuildRequires: automake - BuildRequires: openssl-devel --BuildRequires: libattr-devel - BuildRequires: keyutils-libs-devel - - %description -diff --git a/src/evmctl.c b/src/evmctl.c -index 2ffee78..3fbcd33 100644 ---- a/src/evmctl.c -+++ b/src/evmctl.c -@@ -49,7 +49,7 @@ - #include <stdint.h> - #include <string.h> - #include <dirent.h> --#include <attr/xattr.h> -+#include <sys/xattr.h> - #include <linux/xattr.h> - #include <getopt.h> - #include <keyutils.h> diff --git a/pkgs/os-specific/linux/iotop-c/default.nix b/pkgs/os-specific/linux/iotop-c/default.nix index 680bc53bd91bd..4ed45a99ce258 100644 --- a/pkgs/os-specific/linux/iotop-c/default.nix +++ b/pkgs/os-specific/linux/iotop-c/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "iotop-c"; - version = "1.20"; + version = "1.21"; src = fetchFromGitHub { owner = "Tomas-M"; repo = "iotop"; rev = "v${version}"; - sha256 = "sha256-6Pg2CLWzsD6EPRKD2xMMgKFkpbSheiMMkd0BvHh9onA="; + sha256 = "sha256-Zzm0EV6baQvKPOC762mnieYe1JM7ZfNovKqFQt20jQ8="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch b/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch deleted file mode 100644 index 00c23c6cac14c..0000000000000 --- a/pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: pkg-ipsec-tools/src/racoon/gssapi.c -=================================================================== ---- pkg-ipsec-tools.orig/src/racoon/gssapi.c -+++ pkg-ipsec-tools/src/racoon/gssapi.c -@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1) - gss_name_t princ, canon_princ; - OM_uint32 maj_stat, min_stat; - -+ if (iph1->rmconf == NULL) { -+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n"); -+ return -1; -+ } -+ - gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state)); - if (gps == NULL) { - plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n"); diff --git a/pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch b/pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch deleted file mode 100644 index b644d46f8c9d3..0000000000000 --- a/pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch +++ /dev/null @@ -1,193 +0,0 @@ -From: Antoine_Beaupre <anarcat@orangeseeds.org> -Acked-by: Jiri Bohac <jbohac@suse.cz> -Subject: PR/51682: Avoid DoS with fragment out of order insertion; keep fragments sorted in the list. -References: bsc#1047443, CVE-2016-10396 - - - -Index: a/src/racoon/handler.h -=================================================================== ---- a/src/racoon/handler.h.orig 2018-01-26 18:05:21.114764376 +0100 -+++ a/src/racoon/handler.h 2018-01-26 18:05:33.986741103 +0100 -@@ -141,6 +141,7 @@ struct ph1handle { - #endif - #ifdef ENABLE_FRAG - int frag; /* IKE phase 1 fragmentation */ -+ int frag_last_index; - struct isakmp_frag_item *frag_chain; /* Received fragments */ - #endif - -Index: a/src/racoon/isakmp.c -=================================================================== ---- a/src/racoon/isakmp.c.orig 2018-01-26 18:05:21.118764369 +0100 -+++ a/src/racoon/isakmp.c 2018-01-26 18:05:33.986741103 +0100 -@@ -1069,6 +1069,7 @@ isakmp_ph1begin_i(rmconf, remote, local) - iph1->frag = 1; - else - iph1->frag = 0; -+ iph1->frag_last_index = 0; - iph1->frag_chain = NULL; - #endif - iph1->approval = NULL; -@@ -1173,6 +1174,7 @@ isakmp_ph1begin_r(msg, remote, local, et - #endif - #ifdef ENABLE_FRAG - iph1->frag = 0; -+ iph1->frag_last_index = 0; - iph1->frag_chain = NULL; - #endif - iph1->approval = NULL; -Index: a/src/racoon/isakmp_frag.c -=================================================================== ---- a/src/racoon/isakmp_frag.c.orig 2018-01-26 18:05:21.118764369 +0100 -+++ a/src/racoon/isakmp_frag.c 2018-01-26 18:05:33.986741103 +0100 -@@ -173,6 +173,43 @@ vendorid_frag_cap(gen) - return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]); - } - -+static int -+isakmp_frag_insert(struct ph1handle *iph1, struct isakmp_frag_item *item) -+{ -+ struct isakmp_frag_item *pitem = NULL; -+ struct isakmp_frag_item *citem = iph1->frag_chain; -+ -+ /* no frag yet, just insert at beginning of list */ -+ if (iph1->frag_chain == NULL) { -+ iph1->frag_chain = item; -+ return 0; -+ } -+ -+ do { -+ /* duplicate fragment number, abort (CVE-2016-10396) */ -+ if (citem->frag_num == item->frag_num) -+ return -1; -+ -+ /* need to insert before current item */ -+ if (citem->frag_num > item->frag_num) { -+ if (pitem != NULL) -+ pitem->frag_next = item; -+ else -+ /* insert at the beginning of the list */ -+ iph1->frag_chain = item; -+ item->frag_next = citem; -+ return 0; -+ } -+ -+ pitem = citem; -+ citem = citem->frag_next; -+ } while (citem != NULL); -+ -+ /* we reached the end of the list, insert */ -+ pitem->frag_next = item; -+ return 0; -+} -+ - int - isakmp_frag_extract(iph1, msg) - struct ph1handle *iph1; -@@ -224,39 +261,43 @@ isakmp_frag_extract(iph1, msg) - item->frag_next = NULL; - item->frag_packet = buf; - -- /* Look for the last frag while inserting the new item in the chain */ -- if (item->frag_last) -- last_frag = item->frag_num; -+ /* Check for the last frag before inserting the new item in the chain */ -+ if (item->frag_last) { -+ /* if we have the last fragment, indices must match */ -+ if (iph1->frag_last_index != 0 && -+ item->frag_last != iph1->frag_last_index) { -+ plog(LLV_ERROR, LOCATION, NULL, -+ "Repeated last fragment index mismatch\n"); -+ racoon_free(item); -+ vfree(buf); -+ return -1; -+ } - -- if (iph1->frag_chain == NULL) { -- iph1->frag_chain = item; -- } else { -- struct isakmp_frag_item *current; -+ last_frag = iph1->frag_last_index = item->frag_num; -+ } - -- current = iph1->frag_chain; -- while (current->frag_next) { -- if (current->frag_last) -- last_frag = item->frag_num; -- current = current->frag_next; -- } -- current->frag_next = item; -+ /* insert fragment into chain */ -+ if (isakmp_frag_insert(iph1, item) == -1) { -+ plog(LLV_ERROR, LOCATION, NULL, -+ "Repeated fragment index mismatch\n"); -+ racoon_free(item); -+ vfree(buf); -+ return -1; - } - -- /* If we saw the last frag, check if the chain is complete */ -+ /* If we saw the last frag, check if the chain is complete -+ * we have a sorted list now, so just walk through */ - if (last_frag != 0) { -+ item = iph1->frag_chain; - for (i = 1; i <= last_frag; i++) { -- item = iph1->frag_chain; -- do { -- if (item->frag_num == i) -- break; -- item = item->frag_next; -- } while (item != NULL); -- -+ if (item->frag_num != i) -+ break; -+ item = item->frag_next; - if (item == NULL) /* Not found */ - break; - } - -- if (item != NULL) /* It is complete */ -+ if (i > last_frag) /* It is complete */ - return 1; - } - -@@ -291,15 +332,9 @@ isakmp_frag_reassembly(iph1) - } - data = buf->v; - -+ item = iph1->frag_chain; - for (i = 1; i <= frag_count; i++) { -- item = iph1->frag_chain; -- do { -- if (item->frag_num == i) -- break; -- item = item->frag_next; -- } while (item != NULL); -- -- if (item == NULL) { -+ if (item->frag_num != i) { - plog(LLV_ERROR, LOCATION, NULL, - "Missing fragment #%d\n", i); - vfree(buf); -@@ -308,6 +343,7 @@ isakmp_frag_reassembly(iph1) - } - memcpy(data, item->frag_packet->v, item->frag_packet->l); - data += item->frag_packet->l; -+ item = item->frag_next; - } - - out: - - -diff -u -p -r1.50 -r1.51 ---- a/src/racoon/isakmp_inf.c 2013/04/12 09:53:10 1.50 -+++ a/src/racoon/isakmp_inf.c 2017/01/24 19:23:56 1.51 -@@ -720,6 +720,7 @@ isakmp_info_send_nx(isakmp, remote, loca - #endif - #ifdef ENABLE_FRAG - iph1->frag = 0; -+ iph1->frag_last_index = 0; - iph1->frag_chain = NULL; - #endif - diff --git a/pkgs/os-specific/linux/ipsec-tools/default.nix b/pkgs/os-specific/linux/ipsec-tools/default.nix deleted file mode 100644 index f10364121a461..0000000000000 --- a/pkgs/os-specific/linux/ipsec-tools/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ lib, stdenv, fetchurl, fetchpatch, linuxHeaders, readline, openssl, flex, libkrb5, pam }: - -# TODO: These tools are supposed to work under NetBSD and FreeBSD as -# well, so I guess it's not appropriate to place this expression in -# "os-specific/linux/ipsec-tools". Since I cannot verify that the -# expression actually builds on those platforms, I'll leave it here for -# the time being. - -stdenv.mkDerivation rec { - pname = "ipsec-tools"; - version = "0.8.2"; - - src = fetchurl { - url = "mirror://sourceforge/ipsec-tools/ipsec-tools-${version}.tar.bz2"; - sha256 = "0b9gfbz78k2nj0k7jdlm5kajig628ja9qm0z5yksiwz22s3v7dlf"; - }; - - buildInputs = [ readline openssl flex libkrb5 pam ]; - - patches = [ - ./dont-create-localstatedir-during-install.patch - ./CVE-2015-4047.patch - ./CVE-2016-10396.patch - ]; - - # fix build with newer gcc versions - preConfigure = ''substituteInPlace configure --replace "-Werror" "" ''; - - configureFlags = [ - "--sysconfdir=/etc --localstatedir=/var" - "--with-kernel-headers=${linuxHeaders}/include" - "--disable-security-context" - "--enable-adminport" - "--enable-dpd" - "--enable-frag" - "--enable-gssapi" - "--enable-hybrid" - "--enable-natt" - "--enable-shared" - "--enable-stats" - ]; - - meta = with lib; { - homepage = "http://ipsec-tools.sourceforge.net/"; - description = "Port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation"; - license = licenses.bsd3; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/ipsec-tools/dont-create-localstatedir-during-install.patch b/pkgs/os-specific/linux/ipsec-tools/dont-create-localstatedir-during-install.patch deleted file mode 100644 index 16b80c36d6a5c..0000000000000 --- a/pkgs/os-specific/linux/ipsec-tools/dont-create-localstatedir-during-install.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -ubr ipsec-tools-0.8.0-orig/src/racoon/Makefile.in ipsec-tools-0.8.0/src/racoon/Makefile.in ---- ipsec-tools-0.8.0-orig/src/racoon/Makefile.in 2012-10-20 13:01:07.700903316 +0200 -+++ ipsec-tools-0.8.0/src/racoon/Makefile.in 2012-10-20 13:01:13.177832616 +0200 -@@ -1085,9 +1085,6 @@ - uninstall-sbinPROGRAMS - - --install-exec-local: -- ${mkinstalldirs} $(DESTDIR)${adminsockdir} -- - # special object rules - crypto_openssl_test.o: crypto_openssl.c - $(COMPILE) -DEAYDEBUG -o crypto_openssl_test.o -c $(srcdir)/crypto_openssl.c diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index 50730597d9e6e..c6dc10f32bac8 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -49,6 +49,5 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ fpletz ]; license = licenses.gpl2; downloadPage = "https://www.netfilter.org/projects/iptables/files/"; - updateWalker = true; }; } diff --git a/pkgs/os-specific/linux/iputils/default.nix b/pkgs/os-specific/linux/iputils/default.nix index c949069885df4..0ca6d8aa187f3 100644 --- a/pkgs/os-specific/linux/iputils/default.nix +++ b/pkgs/os-specific/linux/iputils/default.nix @@ -6,7 +6,7 @@ }: let - version = "20210722"; + version = "20211215"; sunAsIsLicense = { fullName = "AS-IS, SUN MICROSYSTEMS license"; url = "https://github.com/iputils/iputils/blob/s${version}/rdisc.c"; @@ -19,14 +19,9 @@ in stdenv.mkDerivation rec { owner = pname; repo = pname; rev = version; - sha256 = "139fyifsjm0i012rhcx3ra3pxx2wxh77dfd551d8lgiv2mqd742j"; + sha256 = "1vzdch1xi2x2j8mvnsr4wwwh7kdkgf926xafw5kkb74yy1wac5qv"; }; - postPatch = lib.optionalString (!doCheck) '' - # There isn't a Meson option for this yet: - sed -i '/##### TESTS #####/q' ping/meson.build - ''; - outputs = ["out" "apparmor"]; # We don't have the required permissions inside the build sandbox: @@ -35,11 +30,10 @@ in stdenv.mkDerivation rec { mesonFlags = [ "-DBUILD_RARPD=true" - "-DBUILD_TRACEROUTE6=true" - "-DBUILD_TFTPD=true" "-DNO_SETCAP_OR_SUID=true" "-Dsystemdunitdir=etc/systemd/system" "-DINSTALL_SYSTEMD_UNITS=true" + "-DSKIP_TESTS=${lib.boolToString (!doCheck)}" ] # Disable idn usage w/musl (https://github.com/iputils/iputils/pull/111): ++ lib.optional stdenv.hostPlatform.isMusl "-DUSE_IDN=false"; @@ -87,9 +81,7 @@ in stdenv.mkDerivation rec { ping rarpd rdisc - tftpd tracepath - traceroute6 ''; }; } diff --git a/pkgs/os-specific/linux/ipvsadm/default.nix b/pkgs/os-specific/linux/ipvsadm/default.nix index fbd4d8efdac89..c988167469188 100644 --- a/pkgs/os-specific/linux/ipvsadm/default.nix +++ b/pkgs/os-specific/linux/ipvsadm/default.nix @@ -16,6 +16,10 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config ]; buildInputs = [ libnl popt ]; + # Disable parallel build, errors: + # *** No rule to make target 'libipvs/libipvs.a', needed by 'ipvsadm'. Stop. + enableParallelBuilding = false; + preBuild = '' makeFlagsArray+=( INCLUDE=$(pkg-config --cflags libnl-genl-3.0) diff --git a/pkgs/os-specific/linux/jfbview/default.nix b/pkgs/os-specific/linux/jfbview/default.nix index da4135d8a8066..eb61ff9d51305 100644 --- a/pkgs/os-specific/linux/jfbview/default.nix +++ b/pkgs/os-specific/linux/jfbview/default.nix @@ -14,7 +14,7 @@ let in stdenv.mkDerivation rec { - name = "${package}-${version}"; + pname = package; version = "0.5.7"; src = fetchFromGitHub { diff --git a/pkgs/os-specific/linux/jool/cli.nix b/pkgs/os-specific/linux/jool/cli.nix index b1bce496614a1..4c18f478798ee 100644 --- a/pkgs/os-specific/linux/jool/cli.nix +++ b/pkgs/os-specific/linux/jool/cli.nix @@ -5,7 +5,8 @@ let in stdenv.mkDerivation { - name = "jool-cli-${sourceAttrs.version}"; + pname = "jool-cli"; + version = sourceAttrs.version; src = sourceAttrs.src; diff --git a/pkgs/os-specific/linux/jool/source.nix b/pkgs/os-specific/linux/jool/source.nix index a90482a58d31e..0517c50d4a982 100644 --- a/pkgs/os-specific/linux/jool/source.nix +++ b/pkgs/os-specific/linux/jool/source.nix @@ -1,11 +1,11 @@ { fetchFromGitHub }: rec { - version = "4.1.5"; + version = "4.1.6"; src = fetchFromGitHub { owner = "NICMx"; repo = "Jool"; rev = "v${version}"; - sha256 = "05dwz4q6v6azgpyj9dzwihnw1lalhhym116q2ya7spvgxzxi04ax"; + sha256 = "09avkiazpfxzrgr3av58jbina5x9jqvqhjkn39475pfhfhrlv9fv"; }; } diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index 3c7e899cba71a..833598448878f 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -81,12 +81,12 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "5.15.5"; in + linuxHeaders = let version = "5.16"; in makeLinuxHeaders { inherit version; src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "sha256-6VZaMBUlrIHBQs64MvkFPdVoXhB9vPdT0N5MWLyYhR8="; + sha256 = "1fq86dbx2p124vi4j8nan68gj4zyw4xnqh4jxq9aqsdvi24pwz82"; }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index b127ec9197cbb..34e1b10b32a8d 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -302,6 +302,9 @@ let # Enable Sound Open Firmware support } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" && versionAtLeast version "5.5") { + SND_SOC_INTEL_SOUNDWIRE_SOF_MACH = whenAtLeast "5.10" module; + SND_SOC_INTEL_USER_FRIENDLY_LONG_NAMES = whenAtLeast "5.10" yes; # dep of SOF_MACH + SND_SOC_SOF_INTEL_SOUNDWIRE_LINK = whenBetween "5.10" "5.11" yes; # dep of SOF_MACH SND_SOC_SOF_TOPLEVEL = yes; SND_SOC_SOF_ACPI = module; SND_SOC_SOF_PCI = module; @@ -449,13 +452,21 @@ let }; security = { + FORTIFY_SOURCE = whenAtLeast "4.13" (option yes); + + # https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html + DEBUG_LIST = yes; # Detect writes to read-only module pages DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; }; RANDOMIZE_BASE = option yes; - STRICT_DEVMEM = option yes; # Filter access to /dev/mem + STRICT_DEVMEM = mkDefault yes; # Filter access to /dev/mem + IO_STRICT_DEVMEM = whenAtLeast "4.5" (mkDefault yes); SECURITY_SELINUX_BOOTPARAM_VALUE = whenOlder "5.1" (freeform "0"); # Disable SELinux by default # Prevent processes from ptracing non-children processes SECURITY_YAMA = option yes; + # The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. + # This does not have any effect if a program does not support it + SECURITY_LANDLOCK = whenAtLeast "5.13" yes; DEVKMEM = whenOlder "5.13" no; # Disable /dev/kmem USER_NS = yes; # Support for user namespaces @@ -473,7 +484,7 @@ let # Detect buffer overflows on the stack CC_STACKPROTECTOR_REGULAR = {optional = true; tristate = whenOlder "4.18" "y";}; - } // optionalAttrs stdenv.hostPlatform.isx86 { + } // optionalAttrs stdenv.hostPlatform.isx86_64 { # Enable Intel SGX X86_SGX = whenAtLeast "5.11" yes; # Allow KVM guests to load SGX enclaves @@ -533,6 +544,7 @@ let UPROBE_EVENT = { optional = true; tristate = whenOlder "4.11" "y";}; UPROBE_EVENTS = { optional = true; tristate = whenAtLeast "4.11" "y";}; BPF_SYSCALL = whenAtLeast "4.4" yes; + BPF_UNPRIV_DEFAULT_OFF = whenBetween "5.10" "5.15" yes; BPF_EVENTS = whenAtLeast "4.4" yes; FUNCTION_PROFILER = yes; RING_BUFFER_BENCHMARK = no; @@ -883,6 +895,12 @@ let SCHED_CORE = whenAtLeast "5.14" yes; FSL_MC_UAPI_SUPPORT = mkIf (stdenv.hostPlatform.system == "aarch64-linux") (whenAtLeast "5.12" yes); + + ASHMEM = { optional = true; tristate = whenAtLeast "5.0" "y";}; + ANDROID = { optional = true; tristate = whenAtLeast "5.0" "y";}; + ANDROID_BINDER_IPC = { optional = true; tristate = whenAtLeast "5.0" "y";}; + ANDROID_BINDERFS = { optional = true; tristate = whenAtLeast "5.0" "y";}; + ANDROID_BINDER_DEVICES = { optional = true; freeform = whenAtLeast "5.0" "binder,hwbinder,vndbinder";}; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { # Enable CPU/memory hotplug support # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot diff --git a/pkgs/os-specific/linux/kernel/gpio-utils.nix b/pkgs/os-specific/linux/kernel/gpio-utils.nix index e28d838efb3fe..9c7386f61c1d2 100644 --- a/pkgs/os-specific/linux/kernel/gpio-utils.nix +++ b/pkgs/os-specific/linux/kernel/gpio-utils.nix @@ -5,7 +5,8 @@ with lib; assert versionAtLeast linux.version "4.6"; stdenv.mkDerivation { - name = "gpio-utils-${linux.version}"; + pname = "gpio-utils"; + version = linux.version; inherit (linux) src makeFlags; diff --git a/pkgs/os-specific/linux/kernel/hardened/config.nix b/pkgs/os-specific/linux/kernel/hardened/config.nix index 973e6d50adfe5..3e3cd149c4d9e 100644 --- a/pkgs/os-specific/linux/kernel/hardened/config.nix +++ b/pkgs/os-specific/linux/kernel/hardened/config.nix @@ -93,4 +93,8 @@ assert (versionAtLeast version "4.9"); # Detect out-of-bound reads/writes and use-after-free KFENCE = whenAtLeast "5.12" yes; + + # CONFIG_DEVMEM=n causes these to not exist anymore. + STRICT_DEVMEM = option no; + IO_STRICT_DEVMEM = option no; } diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 1242aa8eba5a0..9668faafc59a0 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,51 +2,51 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.258-hardened1.patch", - "sha256": "0rni42mbvyw0f9032i6bkgcwnzfw472vimd5l1q7rp52m63z6vbk", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.258-hardened1/linux-hardened-4.14.258-hardened1.patch" + "name": "linux-hardened-4.14.264-hardened1.patch", + "sha256": "1zlsww0mqaw5cswwqjvc9magh2a31v6ii7a4ivdra6nsv1xrdimy", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.264-hardened1/linux-hardened-4.14.264-hardened1.patch" }, - "sha256": "162bzhm0k8kipgk0ma745rjcl33rqhpwxdfdz3q6rkp48b82kbvi", - "version": "4.14.258" + "sha256": "1d1588f0zrq93dk9j8gmvfm9mlniyw98s0i3gmg2sa7h1p04pc2m", + "version": "4.14.264" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.221-hardened1.patch", - "sha256": "0lw4lysiv5h1vlkwlz2z1kv78wsszj1xc383i2qkzfsb4l9vsm7h", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.221-hardened1/linux-hardened-4.19.221-hardened1.patch" + "name": "linux-hardened-4.19.227-hardened1.patch", + "sha256": "127l8s1wb71iyb4iw1bxkxn48qcchz50qwjpx9r2vm81cihasxs7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.227-hardened1/linux-hardened-4.19.227-hardened1.patch" }, - "sha256": "1yg1cibyn53gpjnxfgj2qxxi8k3l7gv1ri6kywvp6sk5bygx8jd3", - "version": "4.19.221" + "sha256": "0d1jyyxdrpyi35033fjg8g6zz99ffry2ks1wlldfaxfa6wh9dp39", + "version": "4.19.227" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.87-hardened1.patch", - "sha256": "1r1vyf9wy49s7pfskxlng17n0khi1dpxg5cm4yfnbbq0gdisnh1f", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.87-hardened1/linux-hardened-5.10.87-hardened1.patch" + "name": "linux-hardened-5.10.98-hardened1.patch", + "sha256": "13cjr3k2vyxmwk5gjrkwklzvl38p1d4qrzfqm7nqssvh52kqzkq1", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.98-hardened1/linux-hardened-5.10.98-hardened1.patch" }, - "sha256": "0jz6xhph7x0x11cjmypaw5gh8z4d53dcgx2gmg7k6d06ydq8n4h3", - "version": "5.10.87" + "sha256": "0hwl1ypllx9l5pv04yavz627qb31ki9mhznsak5bq48hbz0wc90v", + "version": "5.10.98" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.10-hardened1.patch", - "sha256": "1fn37pg10w1m4cr4g0ibs5fvqs1yx3y776daxv836naffl1001fm", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.10-hardened1/linux-hardened-5.15.10-hardened1.patch" + "name": "linux-hardened-5.15.21-hardened1.patch", + "sha256": "1j01mlyr53wry8n7bzg6pi4nilj3i9jpq5aml6f25fjckz5apll7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.21-hardened1/linux-hardened-5.15.21-hardened1.patch" }, - "sha256": "0jsv8lialjwp91qg9c9rh8rhn49a70ryyhzl19bxq3fhz1fwyks8", - "version": "5.15.10" + "sha256": "1lgvf3mrsbwjdjfvznbf5c3np76a7xxqr2rw7i6196ywsxnfnki9", + "version": "5.15.21" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.167-hardened1.patch", - "sha256": "03mj8nncfpqf5j6l66239saxv251rh5infhl0jjyx1znhfzavg0p", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.167-hardened1/linux-hardened-5.4.167-hardened1.patch" + "name": "linux-hardened-5.4.177-hardened1.patch", + "sha256": "1xyfc1hsphjgaxr2b36y7r3mzm3vn8vd1av73cwr42flc0qn3g4j", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.177-hardened1/linux-hardened-5.4.177-hardened1.patch" }, - "sha256": "19x5f3s5f4nqzjb61g22rs0hnmk43q4b7sm7mc4j1q3y44b33r5l", - "version": "5.4.167" + "sha256": "0wvb5is8rqvfxia1i8lw4yd3fm2bhb6wdl0bdjq90dx7y46wpxqq", + "version": "5.4.177" } } diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index e6104c6ed0c91..093e8205630e3 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.260"; + version = "4.14.267"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1bylxn6hsq17cann2w02ggz6xz3b3synrapcwlwfcfydf71hzj9f"; + sha256 = "13hq4hcq686gdragjcgmz3m0kkk8abz5lna0ildaa9gybj43yd4c"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index d87a635c5ef35..1ba37f697f717 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.223"; + version = "4.19.230"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1cnjk49g8sxsbzk375ji47lnx36drqh1x2pbfiqdwgrbjcb043sz"; + sha256 = "107sqv4izdnazscwhyam88vbinsvnd33z8agn4awc42hkqh9l20p"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 4bc6ca32c16bc..9271aa0182ec4 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.4.297"; + version = "4.4.302"; extraMeta.branch = "4.4"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "116346nkbhaz8jc1118gh40y6pw1kq7c7hm74f8bjga1p0gjqn0c"; + sha256 = "1cvnydc7y5xrb1c4yfmsl846dd1jfrr7xf62gxbhnkk01fs7n09m"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index eefe4fc7fb68f..0b67c3cd5fc71 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,12 +1,12 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.295"; + version = "4.9.302"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "095am71hl7qryrcn1blvxsq5zsy0gixmj7062p7vvz5ypcvqcd52"; + sha256 = "0difn0vjz4hz9vl5lklawqy19ccb5gz5p5r1cyckschf0l2nyifm"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 7b38ba8b09593..97416dd91e498 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.89"; + version = "5.10.101"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0c5v8fsv9sazdmdw4m1canm54x2p8777yavxq2gcpw8q98d8n8cj"; + sha256 = "13hwpb85dynbayghxs3ln3hbyh8djgl5fj63vxwc8izfny62aj87"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index f5f98e3317c08..e3a8505d98893 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.12"; + version = "5.15.24"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "182iwy2288layl2290cxla0k6y436lxlx43yaa8par325dviksbx"; + sha256 = "0zx9big7n8gh6y14c05llxsqh543q0czjdrq906m8cc7r01yp5pl"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-5.16.nix b/pkgs/os-specific/linux/kernel/linux-5.16.nix new file mode 100644 index 0000000000000..5630b05d4f4d7 --- /dev/null +++ b/pkgs/os-specific/linux/kernel/linux-5.16.nix @@ -0,0 +1,18 @@ +{ lib, buildPackages, fetchurl, perl, buildLinux, nixosTests, modDirVersionArg ? null, ... } @ args: + +with lib; + +buildLinux (args // rec { + version = "5.16.10"; + + # modDirVersion needs to be x.y.z, will automatically add .0 if needed + modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; + + # branchVersion needs to be x.y + extraMeta.branch = versions.majorMinor version; + + src = fetchurl { + url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; + sha256 = "17i3j07hgljsiz2kymbskp35p2xp14gb0mdi5s2r61c0h406yk8c"; + }; +} // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index d568a28538144..64252a715639a 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.169"; + version = "5.4.180"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "068sw1p50vcygi422bfjpahf2fxy3ifyp4ljnkwxbbvibzcq4hsm"; + sha256 = "07ckmgcqpr39bzpp8v60b2vkb03p8931k7sl3ywg6f00lvcbaf8n"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index 4d078e45fe231..b647f6c4e156c 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "18517"; - sha256 = "1i4gppn3lyi3aqzscrdhm2dsvfa84xqhymcc468sakn9in3g85gg"; + rev = "18587"; + sha256 = "01h3mvj36b3wnkjm932ya5prsyfw7fszifdb9bvqwrd2ggawxng9"; } , ... }: diff --git a/pkgs/os-specific/linux/kernel/linux-lqx.nix b/pkgs/os-specific/linux/kernel/linux-lqx.nix index 02e3902d3c5c3..0d56108f2f230 100644 --- a/pkgs/os-specific/linux/kernel/linux-lqx.nix +++ b/pkgs/os-specific/linux/kernel/linux-lqx.nix @@ -1,8 +1,8 @@ { lib, fetchFromGitHub, buildLinux, linux_zen, ... } @ args: let - version = "5.14.18"; - suffix = "lqx1"; + version = "5.15.16"; + suffix = "lqx2"; in buildLinux (args // { @@ -14,7 +14,7 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; rev = "v${version}-${suffix}"; - sha256 = "sha256-jn2Y/zusxwOvT5MXlM5HCojiyY0ssC36O92iv7/ZMWU="; + sha256 = "sha256-kdT/hiASZ72pkS0Igta0KT0GWTgDRjxBnd5CQ0eonfg="; }; extraMeta = { diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index b9458b3947f9b..c8d42ddda7461 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.87-rt59"; # updated by ./update-rt.sh + version = "5.10.78-rt55"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0jz6xhph7x0x11cjmypaw5gh8z4d53dcgx2gmg7k6d06ydq8n4h3"; + sha256 = "03q5lrv8gr9hnm7984pxi9kwsvxrn21qwykj60amisi2wac6r05y"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "04sr3n3ilvqq0dl59l92qmn3p7fjlsxxvbs3qls7b4pncb2xyyj3"; + sha256 = "1wcw682r238qi5jgn5zk9m6j2506p9ypfax13bzhjfyjzz3h98kp"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index 0d827ad653e4b..bb789797a532f 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.161-rt67"; # updated by ./update-rt.sh + version = "5.4.177-rt69"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "19rrz7fzka506bpgy229v1sbaxc2s609ldmxc2522y9h5aswcj9i"; + sha256 = "0wvb5is8rqvfxia1i8lw4yd3fm2bhb6wdl0bdjq90dx7y46wpxqq"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1xn3i1m0n4zcsnw5k52iyrd994zxmrla4rkjmdr71ra7csbrvkbx"; + sha256 = "16m1swkg54cgcgqwl6vifbpfvdf7waigbwi9brafwplb965zq5a2"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index e417ee6d389b2..52fc24e101e3b 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -1,9 +1,9 @@ { lib , fetchpatch , kernel -, date ? "2021-12-26" -, commit ? "b034dfb24fece43a7677b9a29781495aeb62767f" -, diffHash ? "0m7qrnfrcx3dki9lmsq3jk3mcrfm99djh83gwwjh401ql0cycx5p" +, date ? "2022-01-12" +, commit ? "0e6eb60f8be14b02e0a76cb330f4b22c80ec82e9" +, diffHash ? "091w4r7h93s5rv8hk65aix7l0rr4bd504mv998j7x360bqlb7vpi" , kernelPatches # must always be defined in bcachefs' all-packages.nix entry because it's also a top-level attribute supplied by callPackage , argsOverride ? {} , ... diff --git a/pkgs/os-specific/linux/kernel/linux-xanmod.nix b/pkgs/os-specific/linux/kernel/linux-xanmod.nix index 9740615a33111..636803f29097a 100644 --- a/pkgs/os-specific/linux/kernel/linux-xanmod.nix +++ b/pkgs/os-specific/linux/kernel/linux-xanmod.nix @@ -1,7 +1,7 @@ { lib, stdenv, buildLinux, fetchFromGitHub, ... } @ args: let - version = "5.15.11"; + version = "5.15.24"; release = "1"; suffix = "xanmod${release}-tt"; in @@ -13,7 +13,7 @@ buildLinux (args // rec { owner = "xanmod"; repo = "linux"; rev = modDirVersion; - sha256 = "sha256-f5DvjgZQoryCpRcawlmZY6muZdAcQMNm+N18XHEBq4U="; + sha256 = "sha256-O3OadPMBl74IK92w7IPGfiePeo/Ox+bIVr4XmOmPYTg="; }; structuredExtraConfig = with lib.kernel; { diff --git a/pkgs/os-specific/linux/kernel/linux-zen.nix b/pkgs/os-specific/linux/kernel/linux-zen.nix index 257485645f465..1432eb5598eef 100644 --- a/pkgs/os-specific/linux/kernel/linux-zen.nix +++ b/pkgs/os-specific/linux/kernel/linux-zen.nix @@ -2,7 +2,7 @@ let # having the full version string here makes it easier to update - modDirVersion = "5.15.11-zen1"; + modDirVersion = "5.16.8-zen1"; parts = lib.splitString "-" modDirVersion; version = lib.elemAt parts 0; suffix = lib.elemAt parts 1; @@ -19,7 +19,7 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; rev = "v${modDirVersion}"; - sha256 = "sha256-KOy1bmNnfa8LtnE+03Y+0pr9r1OCimY0bjGsVmGnPN4="; + sha256 = "sha256-/CYPuj+P5KlYFur0X2FYrrJFUDhKVL7xm53uOSym+Rc="; }; structuredExtraConfig = with lib.kernel; { diff --git a/pkgs/os-specific/linux/kernel/perf.nix b/pkgs/os-specific/linux/kernel/perf.nix index 045f80ce9ac26..6d1763a0d0fd1 100644 --- a/pkgs/os-specific/linux/kernel/perf.nix +++ b/pkgs/os-specific/linux/kernel/perf.nix @@ -12,7 +12,8 @@ with lib; assert versionAtLeast kernel.version "3.12"; stdenv.mkDerivation { - name = "perf-linux-${kernel.version}"; + pname = "perf-linux"; + version = kernel.version; inherit (kernel) src; diff --git a/pkgs/os-specific/linux/keyutils/0001-Remove-unused-function-after_eq.patch b/pkgs/os-specific/linux/keyutils/0001-Remove-unused-function-after_eq.patch new file mode 100644 index 0000000000000..61ad2a474f9a9 --- /dev/null +++ b/pkgs/os-specific/linux/keyutils/0001-Remove-unused-function-after_eq.patch @@ -0,0 +1,28 @@ +From 59d91e57d103fb4686d2f45ee3c688878244367a Mon Sep 17 00:00:00 2001 +From: Christian Kampka <christian@kampka.net> +Date: Tue, 24 Nov 2020 22:12:40 +0100 +Subject: [PATCH] Remove unused function 'after_eq' + +--- + keyctl_watch.c | 5 ----- + 1 file changed, 5 deletions(-) + +diff --git a/keyctl_watch.c b/keyctl_watch.c +index a70a19a..c4ca7f7 100644 +--- a/keyctl_watch.c ++++ b/keyctl_watch.c +@@ -47,11 +47,6 @@ static struct watch_notification_filter filter = { + }, + }; + +-static inline bool after_eq(unsigned int a, unsigned int b) +-{ +- return (signed int)(a - b) >= 0; +-} +- + static void consumer_term(int sig) + { + consumer_stop = 1; +-- +2.28.0 + diff --git a/pkgs/os-specific/linux/keyutils/default.nix b/pkgs/os-specific/linux/keyutils/default.nix index 71f708e210d48..f307bd56d1cff 100644 --- a/pkgs/os-specific/linux/keyutils/default.nix +++ b/pkgs/os-specific/linux/keyutils/default.nix @@ -21,6 +21,10 @@ stdenv.mkDerivation rec { sha256 = "0wnvbjfrbk7rghd032z684l7vk7mhy3bd41zvhkrhgp3cd5id0bm"; }) ./conf-symlink.patch + # This patch solves a duplicate symbol error when building with a clang stdenv + # Before removing this patch, please ensure the package still builds by running eg. + # nix-build -E 'with import ./. {}; pkgs.keyutils.override { stdenv = pkgs.llvmPackages_latest.stdenv; }' + ./0001-Remove-unused-function-after_eq.patch ]; makeFlags = lib.optionals stdenv.hostPlatform.isStatic "NO_SOLIB=1"; diff --git a/pkgs/os-specific/linux/klibc/default.nix b/pkgs/os-specific/linux/klibc/default.nix index 522a74dea01a6..6efcb01cc531c 100644 --- a/pkgs/os-specific/linux/klibc/default.nix +++ b/pkgs/os-specific/linux/klibc/default.nix @@ -9,11 +9,11 @@ in stdenv.mkDerivation rec { pname = "klibc"; - version = "2.0.9"; + version = "2.0.10"; src = fetchurl { url = "mirror://kernel/linux/libs/klibc/2.0/klibc-${version}.tar.xz"; - sha256 = "sha256-bcynCJEzINJjCfBbDCv2gHG/EbPa3MTmx9kjg3/CPuE="; + sha256 = "sha256-ZidT2oiJ50TfwNtutAIcM3fufvjtZtfVd2X4yeJZOc0="; }; patches = [ ./no-reinstall-kernel-headers.patch ]; diff --git a/pkgs/os-specific/linux/kmod-debian-aliases/default.nix b/pkgs/os-specific/linux/kmod-debian-aliases/default.nix index 23d323f84b8f4..15f7251f99616 100644 --- a/pkgs/os-specific/linux/kmod-debian-aliases/default.nix +++ b/pkgs/os-specific/linux/kmod-debian-aliases/default.nix @@ -1,7 +1,7 @@ { stdenv, fetchurl, lib }: stdenv.mkDerivation rec { - name = "kmod-debian-aliases-${version}.conf"; + pname = "kmod-debian-aliases.conf"; version = "22-1.1"; src = fetchurl { diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index 2cb263854ab8e..a1a1906ba9cea 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -4,7 +4,7 @@ }: let - systems = [ "/run/current-system/kernel-modules" "/run/booted-system/kernel-modules" "" ]; + systems = [ "/run/booted-system/kernel-modules" "/run/current-system/kernel-modules" "" ]; modulesDirs = lib.concatMapStringsSep ":" (x: "${x}/lib/modules") systems; in stdenv.mkDerivation rec { @@ -52,5 +52,6 @@ in stdenv.mkDerivation rec { changelog = "https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/plain/NEWS?h=v${version}"; license = with licenses; [ lgpl21Plus gpl2Plus ]; # GPLv2+ for tools platforms = platforms.unix; + maintainers = with maintainers; [ artturin ]; }; } diff --git a/pkgs/os-specific/linux/kvmfr/default.nix b/pkgs/os-specific/linux/kvmfr/default.nix index 6b5f31a1d350b..ed9c58d262661 100644 --- a/pkgs/os-specific/linux/kvmfr/default.nix +++ b/pkgs/os-specific/linux/kvmfr/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, kernel, kmod, looking-glass-client }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, kernel, kmod, looking-glass-client }: stdenv.mkDerivation rec { pname = "kvmfr"; @@ -9,6 +9,13 @@ stdenv.mkDerivation rec { hardeningDisable = [ "pic" "format" ]; nativeBuildInputs = kernel.moduleBuildDependencies; + patches = lib.optional (kernel.kernelAtLeast "5.16") (fetchpatch { + name = "kvmfr-5.16.patch"; + url = "https://github.com/gnif/LookingGlass/commit/a9b5302a517e19d7a2da114acf71ef1e69cfb497.patch"; + sha256 = "017nxlk2f7kyjp6llwa74dbczdb1jk8v791qld81dxhzkm9dyqqx"; + stripLen = 1; + }); + makeFlags = [ "KVER=${kernel.modDirVersion}" "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" diff --git a/pkgs/os-specific/linux/libbpf/default.nix b/pkgs/os-specific/linux/libbpf/default.nix index daee83e61dbc2..8e6b9fa0663a3 100644 --- a/pkgs/os-specific/linux/libbpf/default.nix +++ b/pkgs/os-specific/linux/libbpf/default.nix @@ -12,21 +12,20 @@ with builtins; stdenv.mkDerivation rec { pname = "libbpf"; - version = "0.6.1"; + version = "0.7.0"; src = fetchFromGitHub { owner = "libbpf"; repo = "libbpf"; rev = "v${version}"; - sha256 = "sha256-/MLPflnfooe7Wjy8M3CTowAi5oYpscruSkDsaVzhmYQ="; + sha256 = "sha256-NFVJ8JquWVzu+QoaaOMzhnu6/IqdP1FPhtJFidXA4L4="; }; nativeBuildInputs = [ pkg-config ]; buildInputs = [ libelf zlib ]; - sourceRoot = "source/src"; enableParallelBuilding = true; - makeFlags = [ "PREFIX=$(out)" ]; + makeFlags = [ "PREFIX=$(out)" "-C src" ]; passthru.tests = { bpf = nixosTests.bpf; @@ -34,7 +33,7 @@ stdenv.mkDerivation rec { postInstall = '' # install linux's libbpf-compatible linux/btf.h - install -Dm444 ../include/uapi/linux/btf.h -t $out/include/linux + install -Dm444 include/uapi/linux/*.h -t $out/include/linux ''; # FIXME: Multi-output requires some fixes to the way the pkg-config file is diff --git a/pkgs/os-specific/linux/libevdevc/default.nix b/pkgs/os-specific/linux/libevdevc/default.nix index 2417ef6da9db5..4998ee3e6b57a 100644 --- a/pkgs/os-specific/linux/libevdevc/default.nix +++ b/pkgs/os-specific/linux/libevdevc/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, coreutils, pkg-config, glib, jsoncpp }: stdenv.mkDerivation rec { - name = "libevdevc"; + pname = "libevdevc"; version = "2.0.1"; src = fetchFromGitHub { owner = "hugegreenbug"; diff --git a/pkgs/os-specific/linux/libgestures/default.nix b/pkgs/os-specific/linux/libgestures/default.nix index bface8118be21..1454c0c78a502 100644 --- a/pkgs/os-specific/linux/libgestures/default.nix +++ b/pkgs/os-specific/linux/libgestures/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, pkg-config, glib, jsoncpp }: stdenv.mkDerivation rec { - name = "libgestures-${version}"; + pname = "libgestures"; version = "2.0.1"; src = fetchFromGitHub { owner = "hugegreenbug"; diff --git a/pkgs/os-specific/linux/libpsm2/default.nix b/pkgs/os-specific/linux/libpsm2/default.nix index 8b979d4795629..aeb261aaaca5c 100644 --- a/pkgs/os-specific/linux/libpsm2/default.nix +++ b/pkgs/os-specific/linux/libpsm2/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "libpsm2"; - version = "11.2.185"; + version = "11.2.203"; preConfigure= '' export UDEVDIR=$out/etc/udev @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { owner = "intel"; repo = "opa-psm2"; rev = "PSM2_${version}"; - sha256 = "062hg4r6gz7pla9df70nqs5i2a3mp1wszmp4l0g771fykhhrxsjg"; + sha256 = "sha256-W5Mg5ATUARMFAy1VVpMKPar0VpbKfrkxa6bDhqVYpoc="; }; postInstall = '' diff --git a/pkgs/os-specific/linux/liquidtux/default.nix b/pkgs/os-specific/linux/liquidtux/default.nix index a306135f73b0d..317801bb3cddb 100644 --- a/pkgs/os-specific/linux/liquidtux/default.nix +++ b/pkgs/os-specific/linux/liquidtux/default.nix @@ -29,5 +29,6 @@ stdenv.mkDerivation rec { license = licenses.gpl2; platforms = [ "x86_64-linux" "i686-linux" ]; maintainers = with maintainers; [ nickhu ]; + broken = lib.versionOlder kernel.version "5.10"; }; } diff --git a/pkgs/os-specific/linux/lsirec/default.nix b/pkgs/os-specific/linux/lsirec/default.nix new file mode 100644 index 0000000000000..cf2da7d164804 --- /dev/null +++ b/pkgs/os-specific/linux/lsirec/default.nix @@ -0,0 +1,36 @@ +{ lib +, stdenv +, fetchFromGitHub +, python3 +}: + +stdenv.mkDerivation rec { + pname = "lsirec"; + version = "unstable-2019-03-03"; + + src = fetchFromGitHub { + owner = "marcan"; + repo = "lsirec"; + rev = "2dfb6dc92649feb01a3ddcfd117d4a99098084f2"; + sha256 = "sha256-8v+KKjAJlJNpUT0poedRTQfPiDiwahrosXD35Bmh3jM="; + }; + + buildInputs = [ python3 ]; + + installPhase = '' + runHook preInstall + + install -Dm755 'lsirec' "$out/bin/lsirec" + install -Dm755 'sbrtool.py' "$out/bin/sbrtool" + + runHook postInstall + ''; + + meta = with lib; { + description = "LSI SAS2008/SAS2108 low-level recovery tool for Linux"; + homepage = "https://github.com/marcan/lsirec"; + platforms = platforms.linux; + license = licenses.bsd2; + maintainers = with maintainers; [ Luflosi ]; + }; +} diff --git a/pkgs/os-specific/linux/lttng-modules/default.nix b/pkgs/os-specific/linux/lttng-modules/default.nix index e5645438567a4..8753f34087cf6 100644 --- a/pkgs/os-specific/linux/lttng-modules/default.nix +++ b/pkgs/os-specific/linux/lttng-modules/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "lttng-modules-${kernel.version}"; - version = "2.13.0"; + version = "2.13.1"; src = fetchurl { url = "https://lttng.org/files/lttng-modules/lttng-modules-${version}.tar.bz2"; - sha256 = "0mikc3fdjd0w6rrcyksjzmv0czvgba6yk8dfmz4a3cr8s4y2pgsy"; + sha256 = "0hzksx2fw008jdsgfzpws9g7imy6ryw09ai5y0knvrmvr68nvj57"; }; buildInputs = kernel.moduleBuildDependencies; diff --git a/pkgs/os-specific/linux/lvm2/2_02.nix b/pkgs/os-specific/linux/lvm2/2_02.nix index 3566a01178b2a..56ab613afd24d 100644 --- a/pkgs/os-specific/linux/lvm2/2_02.nix +++ b/pkgs/os-specific/linux/lvm2/2_02.nix @@ -1,4 +1,4 @@ import ./common.nix { version = "2.02.187"; - sha256Hash = "sha256-Dg1SGoY6XbJEDy4edie6grcCc65KsLvhMIUdsNWOWvE="; + sha256 = "sha256-Dg1SGoY6XbJEDy4edie6grcCc65KsLvhMIUdsNWOWvE="; } diff --git a/pkgs/os-specific/linux/lvm2/2_03.nix b/pkgs/os-specific/linux/lvm2/2_03.nix index d6456b46e5184..555ff6b0dc148 100644 --- a/pkgs/os-specific/linux/lvm2/2_03.nix +++ b/pkgs/os-specific/linux/lvm2/2_03.nix @@ -1,4 +1,4 @@ import ./common.nix { - version = "2.03.12"; - sha256Hash = "1shczwfd0888dchjiaqzd48ampm6f8y0ngsqd99fy4nxlbr5q1vn"; + version = "2.03.14"; + sha256 = "0p5077h3z7mrr0b49ikmhlhrs4v4qb530raypk3y72ja125bqqsa"; } diff --git a/pkgs/os-specific/linux/lvm2/common.nix b/pkgs/os-specific/linux/lvm2/common.nix index 2d09c48073d18..0749292531bb9 100644 --- a/pkgs/os-specific/linux/lvm2/common.nix +++ b/pkgs/os-specific/linux/lvm2/common.nix @@ -1,4 +1,4 @@ -{ version, sha256Hash }: +{ version, sha256 }: { lib, stdenv , fetchpatch @@ -9,7 +9,8 @@ , libaio , enableCmdlib ? false , enableDmeventd ? false -, udev ? null +, udevSupport ? !stdenv.targetPlatform.isStatic, udev ? null +, onlyLib ? stdenv.targetPlatform.isStatic , nixosTests }: @@ -22,11 +23,17 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${version}.tgz"; - sha256 = sha256Hash; + inherit sha256; }; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ udev libuuid libaio ]; + buildInputs = [ + libaio + ] ++ lib.optionals udevSupport [ + udev + ] ++ lib.optionals (!onlyLib) [ + libuuid + ]; configureFlags = [ "--disable-readline" @@ -46,10 +53,11 @@ stdenv.mkDerivation rec { ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "ac_cv_func_malloc_0_nonnull=yes" "ac_cv_func_realloc_0_nonnull=yes" - ] ++ - lib.optionals (udev != null) [ + ] ++ lib.optionals udevSupport [ "--enable-udev_rules" "--enable-udev_sync" + ] ++ lib.optionals stdenv.targetPlatform.isStatic [ + "--enable-static_link" ]; preConfigure = '' @@ -58,9 +66,13 @@ stdenv.mkDerivation rec { substituteInPlace scripts/lvm2_activation_generator_systemd_red_hat.c \ --replace /usr/bin/udevadm /run/current-system/systemd/bin/udevadm # https://github.com/lvmteam/lvm2/issues/36 + '' + lib.optionalString (lib.versionOlder version "2.03.14") '' substituteInPlace udev/69-dm-lvm-metad.rules.in \ --replace "(BINDIR)/systemd-run" /run/current-system/systemd/bin/systemd-run - + '' + lib.optionalString (lib.versionAtLeast version "2.03.14") '' + substituteInPlace udev/69-dm-lvm.rules.in \ + --replace "/usr/bin/systemd-run" /run/current-system/systemd/bin/systemd-run + '' + '' substituteInPlace make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" '' + lib.optionalString (lib.versionAtLeast version "2.03") '' substituteInPlace libdm/make.tmpl.in --replace "@systemdsystemunitdir@" "$out/lib/systemd/system" @@ -78,30 +90,41 @@ stdenv.mkDerivation rec { url = "https://git.alpinelinux.org/aports/plain/main/lvm2/mallinfo.patch?h=3.7-stable&id=31bd4a8c2dc00ae79a821f6fe0ad2f23e1534f50"; sha256 = "0g6wlqi215i5s30bnbkn8w7axrs27y3bnygbpbnf64wwx7rxxlj0"; }) + ] ++ lib.optionals stdenv.targetPlatform.isStatic [ + ./no-shared.diff ]; doCheck = false; # requires root - makeFlags = lib.optionals (udev != null) [ + makeFlags = lib.optionals udevSupport [ "SYSTEMD_GENERATOR_DIR=$(out)/lib/systemd/system-generators" + ] ++ lib.optionals onlyLib [ + "libdm.device-mapper" ]; # To prevent make install from failing. installFlags = [ "OWNER=" "GROUP=" "confdir=$(out)/etc" ]; # Install systemd stuff. - installTargets = [ "install" ] ++ lib.optionals (udev != null) [ + installTargets = [ "install" ] ++ lib.optionals udevSupport [ "install_systemd_generators" "install_systemd_units" "install_tmpfiles_configuration" ]; + installPhase = lib.optionalString onlyLib '' + install -D -t $out/lib libdm/ioctl/libdevmapper.${if stdenv.targetPlatform.isStatic then "a" else "so"} + make -C libdm install_include + make -C libdm install_pkgconfig + ''; + # only split bin and lib out from out if cmdlib isn't enabled outputs = [ "out" + ] ++ lib.optionals (!onlyLib) [ "dev" "man" - ] ++ lib.optionals (enableCmdlib != true) [ + ] ++ lib.optionals (!onlyLib && !enableCmdlib) [ "bin" "lib" ]; diff --git a/pkgs/os-specific/linux/lvm2/no-shared.diff b/pkgs/os-specific/linux/lvm2/no-shared.diff new file mode 100644 index 0000000000000..d40dd85dfc626 --- /dev/null +++ b/pkgs/os-specific/linux/lvm2/no-shared.diff @@ -0,0 +1,25 @@ +diff --git a/libdm/Makefile.in b/libdm/Makefile.in +index 66ec39513..ab7123dae 100644 +--- a/libdm/Makefile.in ++++ b/libdm/Makefile.in +@@ -44,7 +44,6 @@ endif + + LIB_SHARED = $(interface)/libdevmapper.$(LIB_SUFFIX) + LIB_VERSION = $(LIB_VERSION_DM) +-TARGETS = libdevmapper.$(LIB_SUFFIX) libdevmapper.$(LIB_SUFFIX).$(LIB_VERSION) + + CFLOW_LIST = $(SOURCES) + CFLOW_LIST_TARGET = libdevmapper.cflow +diff --git a/make.tmpl.in b/make.tmpl.in +index e7780e8d4..ca4aa9fdd 100644 +--- a/make.tmpl.in ++++ b/make.tmpl.in +@@ -346,7 +346,7 @@ SUBDIRS.cflow := $(SUBDIRS:=.cflow) + SUBDIRS.clean := $(SUBDIRS:=.clean) + SUBDIRS.distclean := $(SUBDIRS:=.distclean) + +-TARGETS += $(LIB_SHARED) $(LIB_STATIC) ++TARGETS += $(LIB_STATIC) + + all: $(SUBDIRS) $(TARGETS) + diff --git a/pkgs/os-specific/linux/lxc/default.nix b/pkgs/os-specific/linux/lxc/default.nix index bfe888c6e448e..62f63a8c3ac35 100644 --- a/pkgs/os-specific/linux/lxc/default.nix +++ b/pkgs/os-specific/linux/lxc/default.nix @@ -9,11 +9,11 @@ with lib; stdenv.mkDerivation rec { pname = "lxc"; - version = "4.0.11"; + version = "4.0.12"; src = fetchurl { url = "https://linuxcontainers.org/downloads/lxc/lxc-${version}.tar.gz"; - sha256 = "0b7hv4n8b3lndhr0jf9j1gkbzxm8897a1myjsfgwzad9gkhq395g"; + sha256 = "1vyk2j5w9gfyh23w3ar09cycyws16mxh3clbb33yhqzwcs1jy96v"; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/lxcfs/default.nix b/pkgs/os-specific/linux/lxcfs/default.nix index 6ae44f3fdb87b..68bf03552307a 100644 --- a/pkgs/os-specific/linux/lxcfs/default.nix +++ b/pkgs/os-specific/linux/lxcfs/default.nix @@ -5,13 +5,13 @@ with lib; stdenv.mkDerivation rec { pname = "lxcfs"; - version = "4.0.11"; + version = "4.0.12"; src = fetchFromGitHub { owner = "lxc"; repo = "lxcfs"; rev = "lxcfs-${version}"; - sha256 = "sha256-jWOmGV85uTYjBFQZKR3+TgPWZix2vuN8TLA/dhL8jwk="; + sha256 = "sha256-+wp29GD+toXGfQbPGYbDJ7/P+FY1uQY4uK3OQxTE9GM="; }; nativeBuildInputs = [ pkg-config help2man autoreconfHook makeWrapper ]; diff --git a/pkgs/os-specific/linux/microcode/amd.nix b/pkgs/os-specific/linux/microcode/amd.nix index 72f413f9cb662..0f3d0f18186a0 100644 --- a/pkgs/os-specific/linux/microcode/amd.nix +++ b/pkgs/os-specific/linux/microcode/amd.nix @@ -1,9 +1,10 @@ -{ lib, stdenv, firmwareLinuxNonfree, libarchive }: +{ lib, stdenv, linux-firmware, libarchive }: stdenv.mkDerivation { - name = "amd-ucode-${firmwareLinuxNonfree.version}"; + pname = "amd-ucode"; + version = linux-firmware.version; - src = firmwareLinuxNonfree; + src = linux-firmware; sourceRoot = "."; @@ -11,7 +12,7 @@ stdenv.mkDerivation { buildPhase = '' mkdir -p kernel/x86/microcode - find ${firmwareLinuxNonfree}/lib/firmware/amd-ucode -name \*.bin \ + find ${linux-firmware}/lib/firmware/amd-ucode -name \*.bin \ -exec sh -c 'cat {} >> kernel/x86/microcode/AuthenticAMD.bin' \; ''; diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index f8bb7c67d8e59..923047ead11ad 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "microcode-intel"; - version = "20210608"; + version = "20220207"; src = fetchFromGitHub { owner = "intel"; repo = "Intel-Linux-Processor-Microcode-Data-Files"; rev = "microcode-${version}"; - sha256 = "08nk353z2lcqsjbm2qdsfapfgrvlfw0rj7r9scr9pllzkjj5n9x3"; + sha256 = "sha256-yNHYAf8AX8C8iSaFWa6u7knUryaUgvI6nIH9jkD4jjw="; }; nativeBuildInputs = [ iucode-tool libarchive ]; @@ -28,6 +28,6 @@ stdenv.mkDerivation rec { description = "Microcode for Intel processors"; license = licenses.unfreeRedistributableFirmware; platforms = platforms.linux; - maintainers = with maintainers; [ andir ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/os-specific/linux/multipath-tools/default.nix b/pkgs/os-specific/linux/multipath-tools/default.nix index 45ffa8896ae73..184d2e1fe6eb8 100644 --- a/pkgs/os-specific/linux/multipath-tools/default.nix +++ b/pkgs/os-specific/linux/multipath-tools/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, fetchpatch, pkg-config, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c, kmod }: +{ lib, stdenv, fetchurl, fetchpatch, pkg-config, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c, kmod, nixosTests }: stdenv.mkDerivation rec { pname = "multipath-tools"; @@ -53,6 +53,8 @@ stdenv.mkDerivation rec { "SYSTEMDPATH=lib" ]; + passthru.tests = { inherit (nixosTests) iscsi-multipath-root; }; + meta = with lib; { description = "Tools for the Linux multipathing driver"; homepage = "http://christophe.varoqui.free.fr/"; diff --git a/pkgs/os-specific/linux/net-tools/mptcp.nix b/pkgs/os-specific/linux/net-tools/mptcp.nix index 577b7c25311a3..b4ce59a7c68d2 100644 --- a/pkgs/os-specific/linux/net-tools/mptcp.nix +++ b/pkgs/os-specific/linux/net-tools/mptcp.nix @@ -1,7 +1,7 @@ { lib, nettools, fetchFromGitHub }: nettools.overrideAttrs(oa: rec { - name = "net-tools-mptcp"; + pname = "net-tools-mptcp"; version = "0.95"; src = fetchFromGitHub { diff --git a/pkgs/os-specific/linux/nixos-rebuild/default.nix b/pkgs/os-specific/linux/nixos-rebuild/default.nix index b317c5a1fbfd6..08bba5a428d16 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/default.nix +++ b/pkgs/os-specific/linux/nixos-rebuild/default.nix @@ -3,7 +3,6 @@ , coreutils , gnused , gnugrep -, jq , nix , lib }: @@ -19,5 +18,5 @@ substituteAll { nix_x86_64_linux = fallback.x86_64-linux; nix_i686_linux = fallback.i686-linux; nix_aarch64_linux = fallback.aarch64-linux; - path = lib.makeBinPath [ coreutils jq gnused gnugrep ]; + path = lib.makeBinPath [ coreutils gnused gnugrep ]; } diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index e5e40dca086ed..5f950eb8b76b9 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -71,7 +71,7 @@ while [ "$#" -gt 0 ]; do j="$1"; shift 1 extraBuildFlags+=("$i" "$j") ;; - --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--refresh|--no-net|--offline|--impure) + --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--print-build-logs|--refresh|--no-net|--offline|--impure) extraBuildFlags+=("$i") ;; --option) @@ -247,6 +247,8 @@ nixFlakeBuild() { local k="$1"; shift 1 evalArgs+=("$i" "$j" "$k") ;; + --impure) # We don't want this in buildArgs, it's only needed at evaluation time, and unsupported during realisation + ;; *) buildArgs+=("$i") ;; @@ -343,11 +345,6 @@ if [[ -n $flake ]]; then fi fi -# Resolve the flake. -if [[ -n $flake ]]; then - flake=$(nix "${flakeFlags[@]}" flake metadata --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) -fi - # Find configuration.nix and open editor instead of building. if [ "$action" = edit ]; then if [[ -z $flake ]]; then diff --git a/pkgs/os-specific/linux/numatop/default.nix b/pkgs/os-specific/linux/numatop/default.nix index ba972bb6916a6..0946d5050db47 100644 --- a/pkgs/os-specific/linux/numatop/default.nix +++ b/pkgs/os-specific/linux/numatop/default.nix @@ -1,17 +1,32 @@ -{ lib, stdenv, fetchurl, pkg-config, numactl, ncurses, check }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pkg-config, numactl, ncurses, check }: stdenv.mkDerivation rec { pname = "numatop"; - version = "2.1"; - src = fetchurl { - url = "https://github.com/intel/${pname}/releases/download/v${version}/${pname}-v${version}.tar.xz"; - sha256 = "1s7psq1xyswj0lpx10zg5lnppav2xy9safkfx3rssrs9c2fp5d76"; + version = "2.2"; + src = fetchFromGitHub { + owner = "intel"; + repo = "numatop"; + rev = "v${version}"; + sha256 = "sha256-GJvTwqgx34ZW10eIJj/xiKe3ZkAfs7GlJImz8jrnjfI="; }; - nativeBuildInputs = [ pkg-config ]; + nativeBuildInputs = [ autoreconfHook pkg-config ]; buildInputs = [ numactl ncurses ]; checkInputs = [ check ]; + patches = [ + (fetchpatch { + url = "https://github.com/intel/numatop/pull/54.patch"; + sha256 = "sha256-TbMLv7TT9T8wE4uJ1a/AroyPPwrwL0eX5IBLsh9GTTM="; + name = "fix-string-operations.patch"; + }) + (fetchpatch { + url = "https://github.com/intel/numatop/pull/64.patch"; + sha256 = "sha256-IevbSFJRTS5iQ5apHOVXzF67f3LJaW6j7DySFmVuyiM="; + name = "fix-format-strings-mvwprintw.patch"; + }) + ]; + doCheck = true; meta = with lib; { @@ -20,8 +35,8 @@ stdenv.mkDerivation rec { license = licenses.bsd3; maintainers = with maintainers; [ dtzWill ]; platforms = [ - { kernel.name = "linux"; cpu.family = "x86"; } - { kernel.name = "linux"; cpu.family = "power"; } + "i686-linux" "x86_64-linux" + "powerpc64-linux" "powerpc64le-linux" ]; }; } diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index d108ca0d00608..24ab34c4ea9db 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -89,10 +89,11 @@ installPhase() { sed -E "s#(libGLX_nvidia)#$i/lib/\\1#" nvidia_icd.json > nvidia_icd.json.fixed fi + # nvidia currently only supports x86_64 and i686 if [ "$system" = "i686-linux" ]; then install -Dm644 nvidia_icd.json.fixed $i/share/vulkan/icd.d/nvidia_icd.i686.json else - install -Dm644 nvidia_icd.json.fixed $i/share/vulkan/icd.d/nvidia_icd.json + install -Dm644 nvidia_icd.json.fixed $i/share/vulkan/icd.d/nvidia_icd.x86_64.json fi fi diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index 2af6db7faf38f..1452650178550 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -19,10 +19,10 @@ rec { # Policy: use the highest stable version as the default (on our master). stable = if stdenv.hostPlatform.system == "x86_64-linux" then generic { - version = "495.46"; - sha256_64bit = "2Dt30X2gxUZnqlsT1uqVpcUTBCV7Hs8vjUo7WuMcYvU="; - settingsSha256 = "vbcZYn+UBBGwjfrJ6SyXt3+JLBeNcXK4h8mjj7qxZPk="; - persistencedSha256 = "ieYqkVxe26cLw1LUgBsFSSowAyfZkTcItIzQCestCXI="; + version = "510.54"; + sha256_64bit = "TCDezK4/40et/Q5piaMG+QJP2t+DGtwejmCFVnUzUWE="; + settingsSha256 = "ZWz5UN6Pa69NlmerKu30G+X8WfGlAwnVerDrO7TRO6w="; + persistencedSha256 = "MgWrBjKXJeRqF+ouT72tTiLPtn+lsS/Cp3oS61AWV8Q="; } else legacy_390; @@ -30,10 +30,10 @@ rec { production = legacy_470; beta = generic { - version = "495.29.05"; - sha256_64bit = "sha256-9yVLl9QAxpJQR5ZJb059j2TpOx4xxCeGCk8hmhhvEl4="; - settingsSha256 = "sha256-dcEI+3bxSTwVbHcR6IgvIUFt4vWtK5T4NMGVhmmeVJ0="; - persistencedSha256 = "sha256-OT/hOXEPatc6pAKrxDe0jsmaDFCtVXAbdW4elKe6xE8="; + version = "510.39.01"; + sha256_64bit = "sha256-Lj7cOvulhApeuRycIiyYy5kcPv3ZlM8qqpPUWl0bmRs="; + settingsSha256 = "sha256-qlSwNq0wC/twvrbQjY+wSTcDaV5KG4Raq6WkzTizyXw="; + persistencedSha256 = "sha256-UNrl/hfiNXKGACQ7aHpsNcfcHPWVnycQ51yaa3eKXhI="; }; # Vulkan developer beta driver @@ -62,11 +62,11 @@ rec { # Last one supporting x86 legacy_390 = generic { - version = "390.143"; - sha256_32bit = "AelrdTTeo/3+ZdXK0iniZDB8gJUkeZQtNoRm25z+bQY="; - sha256_64bit = "tyKqcPM71ErK8ZZHLPtxmgrWzv6tfEmxBRveCSwTlO8="; - settingsSha256 = "EJPXZbxZS1CMENAYk9dCAIsHsRTXJpj473+JLuhGkWI="; - persistencedSha256 = "FtlPF3jCNr18NnImTmr8zJsaK9wbj/aWZ9LwoLr5SeE="; + version = "390.147"; + sha256_32bit = "00avsns7l0j1ai8bf8gav2qshvphfdngy388bwzz24p61mfv1i1a"; + sha256_64bit = "09qcdfn4j5jza3iw59wqwgq4a489qf7kx355yssrcahaw9g87lxz"; + settingsSha256 = "16qqw0jy31da65cdi17y3j2kcdhw09vra7g17bkcimaqnf70j0ni"; + persistencedSha256 = "1ad81y4qfpxrx0vqsk81a3h0bi1yg8hw5gi5y5d58p76vc8083i9"; }; legacy_340 = generic { @@ -77,6 +77,7 @@ rec { persistencedSha256 = "1ax4xn3nmxg1y6immq933cqzw6cj04x93saiasdc0kjlv0pvvnkn"; useGLVND = false; + broken = with kernel; kernelAtLeast "5.5"; patches = [ ./vm_operations_struct-fault.patch ]; }; } diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix index ec83b472085da..c7e062534a4d4 100644 --- a/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -17,7 +17,7 @@ }@args: { lib, stdenv, callPackage, pkgs, pkgsi686Linux, fetchurl -, kernel ? null, perl, nukeReferences +, kernel ? null, perl, nukeReferences, which , # Whether to build the libraries only (i.e. not the kernel module or # nvidia-settings). Used to support 32-bit binaries on 64-bit # Linux. @@ -93,6 +93,7 @@ let libPath = libPathFor pkgs; libPath32 = optionalString i686bundled (libPathFor pkgsi686Linux); + buildInputs = [ which ]; nativeBuildInputs = [ perl nukeReferences ] ++ optionals (!libsOnly) kernel.moduleBuildDependencies; @@ -114,7 +115,7 @@ let description = "X.org driver and kernel module for NVIDIA graphics cards"; license = licenses.unfreeRedistributable; platforms = [ "x86_64-linux" ] ++ optionals (!i686bundled) [ "i686-linux" ]; - maintainers = with maintainers; [ ]; + maintainers = with maintainers; [ jonringer ]; priority = 4; # resolves collision with xorg-server's "lib/xorg/modules/extensions/libglx.so" inherit broken; }; diff --git a/pkgs/os-specific/linux/open-iscsi/default.nix b/pkgs/os-specific/linux/open-iscsi/default.nix index 0640316b627a9..a4f6565f0c708 100644 --- a/pkgs/os-specific/linux/open-iscsi/default.nix +++ b/pkgs/os-specific/linux/open-iscsi/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchFromGitHub, automake, autoconf, libtool, gettext -, util-linux, open-isns, openssl, kmod, perl, systemd, pkgconf +, util-linux, open-isns, openssl, kmod, perl, systemd, pkgconf, nixosTests }: stdenv.mkDerivation rec { @@ -42,6 +42,8 @@ stdenv.mkDerivation rec { sed -i "s|/sbin/iscsiadm|$out/bin/iscsiadm|" $out/bin/iscsi_fw_login ''; + passthru.tests = { inherit (nixosTests) iscsi-root iscsi-multipath-root; }; + meta = with lib; { description = "A high performance, transport independent, multi-platform implementation of RFC3720"; license = licenses.gpl2Plus; diff --git a/pkgs/os-specific/linux/openvswitch/default.nix b/pkgs/os-specific/linux/openvswitch/default.nix index e2346cca95c7d..380d76844c804 100644 --- a/pkgs/os-specific/linux/openvswitch/default.nix +++ b/pkgs/os-specific/linux/openvswitch/default.nix @@ -8,12 +8,12 @@ let _kernel = kernel; pythonEnv = python3.withPackages (ps: with ps; [ six ]); in stdenv.mkDerivation rec { - version = "2.15.1"; + version = "2.16.2"; pname = "openvswitch"; src = fetchurl { url = "https://www.openvswitch.org/releases/${pname}-${version}.tar.gz"; - sha256 = "0vgijwycf3wvzv9v811jrfr5rlwmihlxwpf16spl6k9n6zaswysw"; + sha256 = "sha256-A6xMMpmzjlbAtNTCejKclYsAOgjztUigo8qLmU8tSTQ="; }; kernel = optional (_kernel != null) _kernel.dev; diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index 12ff9f493a373..1476ae49006ce 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -5,13 +5,15 @@ stdenv.mkDerivation rec { pname = "linux-pam"; - version = "1.5.1"; + version = "1.5.2"; src = fetchurl { url = "https://github.com/linux-pam/linux-pam/releases/download/v${version}/Linux-PAM-${version}.tar.xz"; - sha256 = "sha256-IB1AcwsRNbGzzeoJ8sKKxjTXMYHM0Bcs7d7jZJxXkvw="; + sha256 = "sha256-5OxxMakdpEUSV0Jo9JPG2MoQXIcJFpG46bVspoXU+U0="; }; + patches = [ ./suid-wrapper-path.patch ]; + outputs = [ "out" "doc" "man" /* "modules" */ ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; @@ -23,18 +25,6 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - postInstall = '' - mv -v $out/sbin/unix_chkpwd{,.orig} - ln -sv /run/wrappers/bin/unix_chkpwd $out/sbin/unix_chkpwd - ''; /* - rm -rf $out/etc - mkdir -p $modules/lib - mv $out/lib/security $modules/lib/ - '';*/ - # don't move modules, because libpam needs to (be able to) find them, - # which is done by dlopening $out/lib/security/pam_foo.so - # $out/etc was also missed: pam_env(login:session): Unable to open config file - preConfigure = lib.optionalString (stdenv.hostPlatform.libc == "musl") '' # export ac_cv_search_crypt=no # (taken from Alpine linux, apparently insecure but also doesn't build O:)) diff --git a/pkgs/os-specific/linux/pam/suid-wrapper-path.patch b/pkgs/os-specific/linux/pam/suid-wrapper-path.patch new file mode 100644 index 0000000000000..71533c51a1902 --- /dev/null +++ b/pkgs/os-specific/linux/pam/suid-wrapper-path.patch @@ -0,0 +1,6 @@ +It needs the SUID version during runtime, and that can't be in /nix/store/** +--- a/modules/pam_unix/Makefile.in ++++ b/modules/pam_unix/Makefile.in +@@ -651 +651 @@ +- -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" \ ++ -DCHKPWD_HELPER=\"/run/wrappers/bin/unix_chkpwd\" \ diff --git a/pkgs/os-specific/linux/pam_krb5/default.nix b/pkgs/os-specific/linux/pam_krb5/default.nix index af5fbccff0529..157226373db0a 100644 --- a/pkgs/os-specific/linux/pam_krb5/default.nix +++ b/pkgs/os-specific/linux/pam_krb5/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "pam-krb5"; - version = "4.10"; + version = "4.11"; src = fetchurl { url = "https://archives.eyrie.org/software/kerberos/pam-krb5-${version}.tar.gz"; - sha256 = "09wzxd5zrj5bzqpb01qf148npj5k8hmd2bx2ij1qsy40hdxqyq79"; + sha256 = "sha256-UDy+LLGv9L39o7z3+T+U+2ulLCbXCJNOcDmyGC/hCyA="; }; buildInputs = [ pam libkrb5 ]; diff --git a/pkgs/os-specific/linux/pam_pgsql/default.nix b/pkgs/os-specific/linux/pam_pgsql/default.nix index bca02c1706616..3cfa6733efa84 100644 --- a/pkgs/os-specific/linux/pam_pgsql/default.nix +++ b/pkgs/os-specific/linux/pam_pgsql/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "pam_pgsql"; - version = "0.7.3.2"; + version = "unstable-2020-05-05"; src = fetchFromGitHub { owner = "pam-pgsql"; repo = "pam-pgsql"; - rev = "release-${version}"; - sha256 = "1a68krq5m07zspdxwl1wmkr5j98zr9bdg4776kvplrsdcg97h4jk"; + rev = "f9fd1e1a0daf754e6764a31db5cbec6f9fc02b3d"; + sha256 = "1bvddrwyk1479wibyayzc24h62qzfnlbk9qvdhb31yw9yn17gp6k"; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/pkgs/os-specific/linux/pam_usb/default.nix b/pkgs/os-specific/linux/pam_usb/default.nix index 8411c4fdbfaff..0091accd57a7a 100644 --- a/pkgs/os-specific/linux/pam_usb/default.nix +++ b/pkgs/os-specific/linux/pam_usb/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, makeWrapper, dbus, libxml2, pam, pkg-config, pmount, pythonPackages, writeScript, runtimeShell }: +{ lib, stdenv, fetchurl, makeWrapper, dbus, libxml2, pam, pkg-config, pmount, python2Packages, writeScript, runtimeShell }: let @@ -29,7 +29,7 @@ let pmountBin = useSetUID pmount "/bin/pmount"; pumountBin = useSetUID pmount "/bin/pumount"; - inherit (pythonPackages) python dbus-python; + inherit (python2Packages) python dbus-python; in stdenv.mkDerivation rec { diff --git a/pkgs/os-specific/linux/pcm/default.nix b/pkgs/os-specific/linux/pcm/default.nix index a7b26fb6d711a..a5d9771a2f9c2 100644 --- a/pkgs/os-specific/linux/pcm/default.nix +++ b/pkgs/os-specific/linux/pcm/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "pcm"; - version = "202110"; + version = "202112"; src = fetchFromGitHub { owner = "opcm"; repo = "pcm"; rev = version; - sha256 = "sha256-YcTsC1ceCXKALroyZtgRYpqK3ysJhgzRJ8fBiCx7CCM="; + sha256 = "sha256-uuQvj8BcUmuYDwV4r3oqkT+QTcSFcGjBeGUM2NZRFcA="; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/pflask/default.nix b/pkgs/os-specific/linux/pflask/default.nix index 92294b58e42ad..ba525c1a387ad 100644 --- a/pkgs/os-specific/linux/pflask/default.nix +++ b/pkgs/os-specific/linux/pflask/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, python, wafHook }: +{ lib, stdenv, fetchFromGitHub, python2, wafHook }: stdenv.mkDerivation rec { pname = "pflask"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ wafHook ]; - buildInputs = [ python ]; + buildInputs = [ python2 ]; meta = { description = "Lightweight process containers for Linux"; diff --git a/pkgs/os-specific/linux/pommed-light/default.nix b/pkgs/os-specific/linux/pommed-light/default.nix index 0797656f653e9..e86658ccb0ac3 100644 --- a/pkgs/os-specific/linux/pommed-light/default.nix +++ b/pkgs/os-specific/linux/pommed-light/default.nix @@ -10,13 +10,12 @@ }: stdenv.mkDerivation rec { - pkgname = "pommed-light"; + pname = "pommed-light"; version = "1.51lw"; - name = "${pkgname}-${version}"; src = fetchFromGitHub { owner = "bytbox"; - repo = pkgname; + repo = "pommed-light"; rev = "v${version}"; sha256 = "18fvdwwhcl6s4bpf2f2i389s71c8k4g0yb81am9rdddqmzaw27iy"; }; diff --git a/pkgs/os-specific/linux/procdump/default.nix b/pkgs/os-specific/linux/procdump/default.nix index 0b40a4dd03654..05ec4b90ed702 100644 --- a/pkgs/os-specific/linux/procdump/default.nix +++ b/pkgs/os-specific/linux/procdump/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, bash, coreutils, gdb, zlib }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, bash, coreutils, gdb, zlib }: stdenv.mkDerivation rec { pname = "procdump"; @@ -11,6 +11,16 @@ stdenv.mkDerivation rec { sha256 = "sha256-gVswAezHl7E2cBTJEQhPFXhHkzhWVHSpPF8m0s8+ekc="; }; + patches = [ + # Pull upstream patch to fix parallel builds: + # https://github.com/Sysinternals/ProcDump-for-Linux/pull/133 + (fetchpatch { + name = "parallel.patch"; + url = "https://github.com/Sysinternals/ProcDump-for-Linux/commit/0d735836f11281cc6134be93eac8acb302f2055e.patch"; + sha256 = "sha256-zsqllPHF8ZuXAIDSAPvbzdKa43uSSx9ilUKM1vFVW90="; + }) + ]; + nativeBuildInputs = [ zlib ]; buildInputs = [ bash coreutils gdb ]; @@ -27,6 +37,8 @@ stdenv.mkDerivation rec { "MANDIR=/share/man/man1" ]; + enableParallelBuilding = true; + doCheck = false; # needs sudo root doInstallCheck = true; diff --git a/pkgs/os-specific/linux/rdma-core/default.nix b/pkgs/os-specific/linux/rdma-core/default.nix index 710a74d67d8cf..f7543291deda1 100644 --- a/pkgs/os-specific/linux/rdma-core/default.nix +++ b/pkgs/os-specific/linux/rdma-core/default.nix @@ -5,13 +5,13 @@ stdenv.mkDerivation rec { pname = "rdma-core"; - version = "38.0"; + version = "39.0"; src = fetchFromGitHub { owner = "linux-rdma"; repo = "rdma-core"; rev = "v${version}"; - sha256 = "1z9yrkqdknzidg4g1g5rqrs7i0325nmzzw0nf2ki1nzlfwqxy9qv"; + sha256 = "sha256-7Z06bdCtv/gdZKzKfcU+JrWl4+b6b/cdKp8pMLCZZo0="; }; strictDeps = true; diff --git a/pkgs/os-specific/linux/rtl8189es/default.nix b/pkgs/os-specific/linux/rtl8189es/default.nix new file mode 100644 index 0000000000000..500359f7e4fd4 --- /dev/null +++ b/pkgs/os-specific/linux/rtl8189es/default.nix @@ -0,0 +1,50 @@ +{ stdenv, lib, fetchFromGitHub, kernel, bc, nukeReferences }: + +stdenv.mkDerivation rec { + name = "rtl8189es-${kernel.version}-${version}"; + version = "2020-10-03"; + + src = fetchFromGitHub { + owner = "jwrdegoede"; + repo = "rtl8189ES_linux"; + rev = "03ac413135a355b55b693154c44b70f86a39732e"; + sha256 = "0wiikviwyvy6h55rgdvy7csi1zqniqg26p8x44rd6mhbw0g00h56"; + }; + + nativeBuildInputs = [ bc nukeReferences ]; + buildInputs = kernel.moduleBuildDependencies; + + hardeningDisable = [ "pic" "format" ]; + + prePatch = '' + substituteInPlace ./Makefile --replace /lib/modules/ "${kernel.dev}/lib/modules/" + substituteInPlace ./Makefile --replace '$(shell uname -r)' "${kernel.modDirVersion}" + substituteInPlace ./Makefile --replace /sbin/depmod \# + substituteInPlace ./Makefile --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + makeFlags = [ + "ARCH=${stdenv.hostPlatform.linuxArch}" + "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ("CONFIG_PLATFORM_I386_PC=" + (if (stdenv.hostPlatform.isi686 || stdenv.hostPlatform.isx86_64) then "y" else "n")) + ("CONFIG_PLATFORM_ARM_RPI=" + (if (stdenv.hostPlatform.isAarch32 || stdenv.hostPlatform.isAarch64) then "y" else "n")) + ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + "CROSS_COMPILE=${stdenv.cc.targetPrefix}" + ]; + + preInstall = '' + mkdir -p "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + postInstall = '' + nuke-refs $out/lib/modules/*/kernel/net/wireless/*.ko + ''; + + meta = with lib; { + description = "Driver for Realtek rtl8189es"; + homepage = "https://github.com/jwrdegoede/rtl8189ES_linux"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ danielfullmer lheckemann ]; + }; +} diff --git a/pkgs/os-specific/linux/ryzenadj/default.nix b/pkgs/os-specific/linux/ryzenadj/default.nix index e50cb7e8d53a4..cdc2425ae4ad8 100644 --- a/pkgs/os-specific/linux/ryzenadj/default.nix +++ b/pkgs/os-specific/linux/ryzenadj/default.nix @@ -1,13 +1,13 @@ { lib, stdenv, fetchFromGitHub, pciutils, cmake }: stdenv.mkDerivation rec { pname = "ryzenadj"; - version = "0.8.2"; + version = "0.8.3"; src = fetchFromGitHub { owner = "FlyGoat"; repo = "RyzenAdj"; rev = "v${version}"; - sha256 = "182l9nchlpl4yr568n86086glkr607rif92wnwc7v3aym62ch6ld"; + sha256 = "sha256-eb8DskF0SJtc0tDKJ1vU7dtuQmHO7RX8vm4DQki2ZEg="; }; nativeBuildInputs = [ pciutils cmake ]; diff --git a/pkgs/os-specific/linux/sgx/samples/default.nix b/pkgs/os-specific/linux/sgx/samples/default.nix new file mode 100644 index 0000000000000..f9c5ae4505450 --- /dev/null +++ b/pkgs/os-specific/linux/sgx/samples/default.nix @@ -0,0 +1,109 @@ +{ stdenv +, lib +, makeWrapper +, sgx-sdk +, sgx-psw +, which + # "SIM" or "HW" +, sgxMode +}: +let + isSimulation = sgxMode == "SIM"; + buildSample = name: stdenv.mkDerivation { + pname = name; + version = sgxMode; + + src = sgx-sdk.out; + sourceRoot = "${sgx-sdk.name}/share/SampleCode/${name}"; + + nativeBuildInputs = [ + makeWrapper + which + ]; + + buildInputs = [ + sgx-sdk + ]; + + # The samples don't have proper support for parallel building + # causing them to fail randomly. + enableParallelBuilding = false; + + buildFlags = [ + "SGX_MODE=${sgxMode}" + ]; + + installPhase = '' + runHook preInstall + + mkdir -p $out/{bin,lib} + install -m 755 app $out/bin + install *.so $out/lib + + wrapProgram "$out/bin/app" \ + --run "cd $out/lib" \ + ${lib.optionalString (!isSimulation) + ''--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ sgx-psw ]}"''} + + runHook postInstall + ''; + + # Breaks the signature of the enclaves + dontFixup = true; + + # We don't have access to real SGX hardware during the build + doInstallCheck = isSimulation; + installCheckPhase = '' + runHook preInstallCheck + + pushd / + echo a | $out/bin/app + popd + + runHook preInstallCheck + ''; + }; +in +{ + cxx11SGXDemo = buildSample "Cxx11SGXDemo"; + localAttestation = (buildSample "LocalAttestation").overrideAttrs (oldAttrs: { + installPhase = '' + runHook preInstall + + mkdir -p $out/{bin,lib} + install -m 755 bin/app* $out/bin + install bin/*.so $out/lib + + for bin in $out/bin/*; do + wrapProgram $bin \ + --run "cd $out/lib" \ + ${lib.optionalString (!isSimulation) + ''--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ sgx-psw ]}"''} + done + + runHook postInstall + ''; + }); + powerTransition = buildSample "PowerTransition"; + protobufSGXDemo = buildSample "ProtobufSGXDemo"; + remoteAttestation = (buildSample "RemoteAttestation").overrideAttrs (oldAttrs: { + # Makefile sets rpath to point to $TMPDIR + preFixup = '' + patchelf --remove-rpath $out/bin/app + ''; + + postInstall = '' + install sample_libcrypto/*.so $out/lib + ''; + }); + sampleEnclave = buildSample "SampleEnclave"; + sampleEnclavePCL = buildSample "SampleEnclavePCL"; + sampleEnclaveGMIPP = buildSample "SampleEnclaveGMIPP"; + sealUnseal = (buildSample "SealUnseal").overrideAttrs (oldAttrs: { + prePatch = '' + substituteInPlace App/App.cpp \ + --replace '"sealed_data_blob.txt"' '"/tmp/sealed_data_blob.txt"' + ''; + }); + switchless = buildSample "Switchless"; +} diff --git a/pkgs/os-specific/linux/sgx/sdk/default.nix b/pkgs/os-specific/linux/sgx/sdk/default.nix index 18876f927e804..baa4ad2a3375c 100644 --- a/pkgs/os-specific/linux/sgx/sdk/default.nix +++ b/pkgs/os-specific/linux/sgx/sdk/default.nix @@ -3,15 +3,16 @@ , fetchFromGitHub , fetchpatch , fetchzip -, callPackage , autoconf , automake , binutils +, callPackage , cmake , file , gdb , git , libtool +, linkFarmFromDrvs , nasm , ocaml , ocamlPackages @@ -20,6 +21,7 @@ , python3 , texinfo , validatePkgConfig +, writeShellApplication , writeShellScript , writeText , debug ? false @@ -46,6 +48,11 @@ stdenv.mkDerivation rec { ''; patches = [ + # Fix missing pthread_compat.h, see https://github.com/intel/linux-sgx/pull/784 + (fetchpatch { + url = "https://github.com/intel/linux-sgx/commit/254b58f922a6bd49c308a4f47f05f525305bd760.patch"; + sha256 = "sha256-sHU++K7NJ+PdITx3y0PwstA9MVh10rj2vrLn01N9F4w="; + }) # Commit to add missing sgx_ippcp.h not yet part of this release (fetchpatch { name = "add-missing-sgx_ippcp-header.patch"; @@ -257,7 +264,25 @@ stdenv.mkDerivation rec { postHooks+=(sgxsdk) ''; - passthru.tests = callPackage ./samples.nix { }; + passthru.tests = callPackage ../samples { sgxMode = "SIM"; }; + + # Run tests in SGX hardware mode on an SGX-enabled machine + # $(nix-build -A sgx-sdk.runTestsHW)/bin/run-tests-hw + passthru.runTestsHW = + let + testsHW = lib.filterAttrs (_: v: v ? "name") (callPackage ../samples { sgxMode = "HW"; }); + testsHWLinked = linkFarmFromDrvs "sgx-samples-hw-bundle" (lib.attrValues testsHW); + in + writeShellApplication { + name = "run-tests-hw"; + text = '' + for test in ${testsHWLinked}/*; do + printf '*** Running test %s ***\n\n' "$(basename "$test")" + printf 'a\n' | "$test/bin/app" + printf '\n' + done + ''; + }; meta = with lib; { description = "Intel SGX SDK for Linux built with IPP Crypto Library"; diff --git a/pkgs/os-specific/linux/sgx/sdk/samples.nix b/pkgs/os-specific/linux/sgx/sdk/samples.nix deleted file mode 100644 index 21b31f824476b..0000000000000 --- a/pkgs/os-specific/linux/sgx/sdk/samples.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ stdenv -, sgx-sdk -, which -}: -let - buildSample = name: stdenv.mkDerivation rec { - inherit name; - - src = sgx-sdk.out; - sourceRoot = "${sgx-sdk.name}/share/SampleCode/${name}"; - - buildInputs = [ - sgx-sdk - ]; - - # The samples don't have proper support for parallel building - # causing them to fail randomly. - enableParallelBuilding = false; - - buildFlags = [ - "SGX_MODE=SIM" - ]; - - installPhase = '' - mkdir $out - install -m 755 app $out/app - install *.so $out/ - ''; - - doInstallCheck = true; - installCheckInputs = [ which ]; - installCheckPhase = '' - pushd $out - ./app - popd - ''; - }; -in -{ - cxx11SGXDemo = buildSample "Cxx11SGXDemo"; - localAttestation = (buildSample "LocalAttestation").overrideAttrs (oldAttrs: { - installPhase = '' - mkdir $out - cp -r bin/. $out/ - ''; - }); - powerTransition = (buildSample "PowerTransition").overrideAttrs (oldAttrs: { - # Requires interaction - doInstallCheck = false; - }); - protobufSGXDemo = buildSample "ProtobufSGXDemo"; - remoteAttestation = (buildSample "RemoteAttestation").overrideAttrs (oldAttrs: { - dontFixup = true; - installCheckPhase = '' - echo "a" | LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD/sample_libcrypto ./app - ''; - }); - sampleEnclave = buildSample "SampleEnclave"; - sampleEnclavePCL = buildSample "SampleEnclavePCL"; - sampleEnclaveGMIPP = buildSample "SampleEnclaveGMIPP"; - sealUnseal = buildSample "SealUnseal"; - switchless = buildSample "Switchless"; -} diff --git a/pkgs/os-specific/linux/sgx/ssl/default.nix b/pkgs/os-specific/linux/sgx/ssl/default.nix new file mode 100644 index 0000000000000..c54eda19d6a21 --- /dev/null +++ b/pkgs/os-specific/linux/sgx/ssl/default.nix @@ -0,0 +1,95 @@ +{ stdenv +, fetchFromGitHub +, fetchpatch +, fetchurl +, lib +, perl +, sgx-sdk +, which +, debug ? false +}: +let + sgxVersion = sgx-sdk.versionTag; + opensslVersion = "1.1.1l"; +in +stdenv.mkDerivation rec { + pname = "sgx-ssl" + lib.optionalString debug "-debug"; + version = "lin_${sgxVersion}_${opensslVersion}"; + + src = fetchFromGitHub { + owner = "intel"; + repo = "intel-sgx-ssl"; + rev = version; + hash = "sha256-ibPXs90ni2fkxJ09fNO6wWVpfCFdko6MjBFkEsyIih8="; + }; + + postUnpack = + let + opensslSourceArchive = fetchurl { + url = "https://www.openssl.org/source/openssl-${opensslVersion}.tar.gz"; + hash = "sha256-C3o+XlnDSCf+DDp0t+yLrvMCuY+oAIjX+RU6oW+na9E="; + }; + in + '' + ln -s ${opensslSourceArchive} $sourceRoot/openssl_source/openssl-${opensslVersion}.tar.gz + ''; + + patches = [ + # https://github.com/intel/intel-sgx-ssl/pull/111 + ./intel-sgx-ssl-pr-111.patch + ]; + + postPatch = '' + patchShebangs Linux/build_openssl.sh + + # Run the test in the `installCheckPhase`, not the `buildPhase` + substituteInPlace Linux/sgx/Makefile \ + --replace '$(MAKE) -C $(TEST_DIR) all' \ + 'bash -c "true"' + ''; + + enableParallelBuilding = true; + + nativeBuildInputs = [ + perl + sgx-sdk + stdenv.glibc + which + ]; + + makeFlags = [ + "-C Linux" + ] ++ lib.optionals debug [ + "DEBUG=1" + ]; + + installFlags = [ + "DESTDIR=$(out)" + ]; + + # Build the test app + # + # Running the test app is currently only supported on Intel CPUs + # and will fail on non-Intel CPUs even in SGX simulation mode. + # Therefore, we only build the test app without running it until + # upstream resolves the issue: https://github.com/intel/intel-sgx-ssl/issues/113 + doInstallCheck = true; + installCheckTarget = "all"; + installCheckFlags = [ + "SGX_MODE=SIM" + "-C sgx/test_app" + "-j 1" # Makefile doesn't support multiple jobs + ]; + preInstallCheck = '' + # Expects the enclave file in the current working dir + ln -s sgx/test_app/TestEnclave.signed.so . + ''; + + meta = with lib; { + description = "Cryptographic library for Intel SGX enclave applications based on OpenSSL"; + homepage = "https://github.com/intel/intel-sgx-ssl"; + maintainers = with maintainers; [ trundle veehaitch ]; + platforms = [ "x86_64-linux" ]; + license = with licenses; [ bsd3 openssl ]; + }; +} diff --git a/pkgs/os-specific/linux/sgx/ssl/intel-sgx-ssl-pr-111.patch b/pkgs/os-specific/linux/sgx/ssl/intel-sgx-ssl-pr-111.patch new file mode 100644 index 0000000000000..6ef06d7e231b7 --- /dev/null +++ b/pkgs/os-specific/linux/sgx/ssl/intel-sgx-ssl-pr-111.patch @@ -0,0 +1,99 @@ +From 1683c336e11b3cbe2b48c1be1c9460a661523c71 Mon Sep 17 00:00:00 2001 +From: Vincent Haupert <mail@vincent-haupert.de> +Date: Sat, 8 Jan 2022 17:22:31 +0100 +Subject: [PATCH 1/3] Linux: fix Nix detection + +Detect the `OS_ID` of Nix by probing for the presence of the `NIX_STORE` +environment variable instead of `NIX_PATH`. The latter is only set in a +`nix-shell` session but isn't when building a derivation through +`nix-build`. In contrast, the `NIX_STORE` environment variable is set in +both cases. + +Signed-off-by: Vincent Haupert <mail@vincent-haupert.de> +--- + Linux/sgx/buildenv.mk | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Linux/sgx/buildenv.mk b/Linux/sgx/buildenv.mk +index cd8818e..dac23c7 100644 +--- a/Linux/sgx/buildenv.mk ++++ b/Linux/sgx/buildenv.mk +@@ -65,7 +65,7 @@ $(shell mkdir -p $(PACKAGE_LIB)) + UBUNTU_CONFNAME:=/usr/include/x86_64-linux-gnu/bits/confname.h + ifneq ("$(wildcard $(UBUNTU_CONFNAME))","") + OS_ID=1 +-else ifeq ($(origin NIX_PATH),environment) ++else ifeq ($(origin NIX_STORE),environment) + OS_ID=3 + else + OS_ID=2 + +From f493525face589d759223bfa45bb802c31ddce4f Mon Sep 17 00:00:00 2001 +From: Vincent Haupert <mail@vincent-haupert.de> +Date: Sat, 8 Jan 2022 17:33:22 +0100 +Subject: [PATCH 2/3] Linux: call binaries relative to PATH + +Using an absolute path to call binaries is incompatible with +distributions which do not follow the Filesystem Hierachy Standard; +Nix is an example. Also, it is inconsistent with the rest of the code +base, let alone superfluous. + +Signed-off-by: Vincent Haupert <mail@vincent-haupert.de> +--- + Linux/build_openssl.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Linux/build_openssl.sh b/Linux/build_openssl.sh +index 7d77b79..e8b59a1 100755 +--- a/Linux/build_openssl.sh ++++ b/Linux/build_openssl.sh +@@ -38,7 +38,7 @@ SGXSSL_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + echo $SGXSSL_ROOT + + OPENSSL_INSTALL_DIR="$SGXSSL_ROOT/../openssl_source/OpenSSL_install_dir_tmp" +-OPENSSL_VERSION=`/bin/ls $SGXSSL_ROOT/../openssl_source/*1.1.1*.tar.gz | /usr/bin/head -1 | /bin/grep -o '[^/]*$' | /bin/sed -s -- 's/\.tar\.gz//'` ++OPENSSL_VERSION=`ls $SGXSSL_ROOT/../openssl_source/*1.1.1*.tar.gz | head -1 | grep -o '[^/]*$' | sed -s -- 's/\.tar\.gz//'` + if [ "$OPENSSL_VERSION" == "" ] + then + echo "In order to run this script, OpenSSL tar.gz package must be located in openssl_source/ directory." + +From fdb883d30fff72b5cfb8c61a2288d3d948f64224 Mon Sep 17 00:00:00 2001 +From: Vincent Haupert <mail@vincent-haupert.de> +Date: Tue, 11 Jan 2022 10:56:39 +0100 +Subject: [PATCH 3/3] Linux: properly extract GCC major version + +Calling `gcc -dumpversion` yields the full version string, e.g., +`10.3.0`. The `build_openssl.sh` bash script uses the `-ge` number +comparison operator to check if the returned version is at least +8. This results in an error if the returned GCC version includes a patch +version; "10.3.0" isn't a valid number. + +This commit fixes the version detection by only extracting the relevant +major version of GCC. + +Signed-off-by: Vincent Haupert <mail@vincent-haupert.de> +--- + Linux/build_openssl.sh | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/Linux/build_openssl.sh b/Linux/build_openssl.sh +index e8b59a1..6e4046f 100755 +--- a/Linux/build_openssl.sh ++++ b/Linux/build_openssl.sh +@@ -82,6 +82,7 @@ fi + MITIGATION_OPT="" + MITIGATION_FLAGS="" + CC_VERSION=`gcc -dumpversion` ++CC_VERSION_MAJOR=`echo "$CC_VERSION" | cut -f1 -d.` + for arg in "$@" + do + case $arg in +@@ -99,7 +100,7 @@ do + ;; + -mfunction-return=thunk-extern) + MITIGATION_FLAGS+=" $arg" +- if [[ $CC_VERSION -ge 8 ]] ; then ++ if [[ "$CC_VERSION_MAJOR" -ge 8 ]] ; then + MITIGATION_FLAGS+=" -fcf-protection=none" + fi + shift diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index e20023b2b6ebf..2e4ae1649ea86 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -11,7 +11,7 @@ let else assert stdenv.hostPlatform.libc == "glibc"; stdenv.cc.libc; dots_in_usernames = fetchpatch { - url = "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch"; + url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch"; sha256 = "1fj3rg6x3jppm5jvi9y7fhd2djbi4nc5pgwisw00xlh4qapgz692"; }; diff --git a/pkgs/os-specific/linux/sinit/default.nix b/pkgs/os-specific/linux/sinit/default.nix index f88eca9b48736..a412461bfd511 100644 --- a/pkgs/os-specific/linux/sinit/default.nix +++ b/pkgs/os-specific/linux/sinit/default.nix @@ -1,36 +1,29 @@ -{lib, stdenv, fetchgit, rcinit ? null, rcshutdown ? null, rcreboot ? null}: -let - s = # Generated upstream information - rec { - baseName="sinit"; - version="1.1"; - name="${baseName}-${version}"; - url="https://git.suckless.org/sinit/"; - sha256="sha256-VtXkgixgElKKOT26uKN9feXDVjjtSgTWvcgk5o5MLmw="; +{ lib, stdenv, fetchgit, rcinit ? null, rcshutdown ? null, rcreboot ? null }: + +stdenv.mkDerivation rec { + pname = "sinit"; + version = "1.1"; + + src = fetchgit { + url = "https://git.suckless.org/sinit/"; + sha256 = "sha256-VtXkgixgElKKOT26uKN9feXDVjjtSgTWvcgk5o5MLmw="; rev = "refs/tags/v${version}"; }; buildInputs = [ (lib.getOutput "static" stdenv.cc.libc) ]; -in -stdenv.mkDerivation { - inherit (s) name version; - inherit buildInputs; - src = fetchgit { - inherit (s) url sha256 rev; - }; - makeFlags = ["PREFIX=$(out)"]; + makeFlags = [ "PREFIX=$(out)" ]; preConfigure = "" + (lib.optionalString (rcinit != null) ''sed -re 's@(rcinitcmd[^"]*")[^"]*"@\1${rcinit}"@' -i config.def.h; '') + (lib.optionalString (rcshutdown != null) ''sed -re 's@(rc(reboot|poweroff)cmd[^"]*")[^"]*"@\1${rcshutdown}"@' -i config.def.h; '') + (lib.optionalString (rcreboot != null) ''sed -re 's@(rc(reboot)cmd[^"]*")[^"]*"@\1${rcreboot}"@' -i config.def.h; '') - ; - meta = { - inherit (s) version; + ; + + meta = with lib; { description = "A very minimal Linux init implementation from suckless.org"; - license = lib.licenses.mit ; - maintainers = [lib.maintainers.raskin]; - platforms = lib.platforms.linux; + license = licenses.mit; + maintainers = with maintainers; [ raskin ]; + platforms = platforms.linux; homepage = "https://tools.suckless.org/sinit"; downloadPage = "https://git.suckless.org/sinit"; }; diff --git a/pkgs/os-specific/linux/smem/default.nix b/pkgs/os-specific/linux/smem/default.nix index cace3e22ae7d3..b2636382aec64 100644 --- a/pkgs/os-specific/linux/smem/default.nix +++ b/pkgs/os-specific/linux/smem/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, python }: +{ lib, stdenv, fetchurl, python2 }: stdenv.mkDerivation rec { pname = "smem"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "19ibv1byxf2b68186ysrgrhy5shkc5mc69abark1h18yigp3j34m"; }; - buildInputs = [ python ]; + buildInputs = [ python2 ]; makeFlags = [ "smemcap" ]; diff --git a/pkgs/os-specific/linux/speedometer/default.nix b/pkgs/os-specific/linux/speedometer/default.nix index 2801334688b0e..2802fddf8ce55 100644 --- a/pkgs/os-specific/linux/speedometer/default.nix +++ b/pkgs/os-specific/linux/speedometer/default.nix @@ -1,6 +1,6 @@ -{ lib, fetchurl, pythonPackages }: +{ lib, fetchurl, python2Packages }: -pythonPackages.buildPythonApplication rec { +python2Packages.buildPythonApplication rec { pname = "speedometer"; version = "2.8"; @@ -9,7 +9,7 @@ pythonPackages.buildPythonApplication rec { sha256 = "060bikv3gwr203jbdmvawsfhc0yq0bg1m42dk8czx1nqvwvgv6fm"; }; - propagatedBuildInputs = [ pythonPackages.urwid ]; + propagatedBuildInputs = [ python2Packages.urwid ]; postPatch = '' sed -i "/'entry_points': {/d" setup.py diff --git a/pkgs/os-specific/linux/sssd/default.nix b/pkgs/os-specific/linux/sssd/default.nix index d0ff53fb96b90..22602d12bd5a8 100644 --- a/pkgs/os-specific/linux/sssd/default.nix +++ b/pkgs/os-specific/linux/sssd/default.nix @@ -13,13 +13,13 @@ let in stdenv.mkDerivation rec { pname = "sssd"; - version = "2.6.1"; + version = "2.6.3"; src = fetchFromGitHub { owner = "SSSD"; repo = pname; rev = version; - sha256 = "sha256-AcfNm/0VpjD+Aa1ZUwI2EI/i0s06rxQCfabv3a/AM38="; + sha256 = "sha256-m0ArsN9xopfBPnHTiPDEOPuhQHQ2zoICGwVM7P05k3U="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/statifier/default.nix b/pkgs/os-specific/linux/statifier/default.nix index 5afb399fc162c..eefd95d1153a9 100644 --- a/pkgs/os-specific/linux/statifier/default.nix +++ b/pkgs/os-specific/linux/statifier/default.nix @@ -1,8 +1,8 @@ { lib, multiStdenv, fetchurl }: -let version = "1.7.4"; in -multiStdenv.mkDerivation { - name = "statifier-${version}"; +multiStdenv.mkDerivation rec { + pname = "statifier"; + version = "1.7.4"; src = fetchurl { url = "mirror://sourceforge/statifier/statifier-${version}.tar.gz"; diff --git a/pkgs/os-specific/linux/sysdig/default.upstream b/pkgs/os-specific/linux/sysdig/default.upstream deleted file mode 100644 index 485de5741d790..0000000000000 --- a/pkgs/os-specific/linux/sysdig/default.upstream +++ /dev/null @@ -1,8 +0,0 @@ -url https://github.com/draios/sysdig/releases -ensure_choice -version '.*/([0-9.]+)[.]tar[.].*' '\1' -do_overwrite () { - ensure_hash - set_var_value sha256 $CURRENT_HASH - set_var_value version $CURRENT_VERSION -} diff --git a/pkgs/os-specific/linux/sysstat/default.nix b/pkgs/os-specific/linux/sysstat/default.nix index 2d5b3e2ab5588..5389caaa33fb3 100644 --- a/pkgs/os-specific/linux/sysstat/default.nix +++ b/pkgs/os-specific/linux/sysstat/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "sysstat"; - version = "12.4.3"; + version = "12.4.4"; src = fetchurl { url = "http://pagesperso-orange.fr/sebastien.godard/sysstat-${version}.tar.xz"; - sha256 = "sha256-rkMkMfRarLyrrPu+Ep4lBeIVyvqc6ZbXVQxgkaRvC/0="; + sha256 = "sha256-lRLnR54E+S4lHFxrS9lLj2Q9ISvQ6Yao6k0Uem6UPSQ="; }; buildInputs = [ gettext ]; diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index ac95dc745fe19..a87c59558e01c 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -1,7 +1,7 @@ -From d4ea219a35a09fe02bc9e47e8530644cb4fc4146 Mon Sep 17 00:00:00 2001 +From 93b2d29de784c68d1b4d70d7f214b19432aec6a8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Tue, 8 Jan 2013 15:46:30 +0100 -Subject: [PATCH 01/21] Start device units for uninitialised encrypted devices +Subject: [PATCH 01/19] Start device units for uninitialised encrypted devices This is necessary because the NixOS service that initialises the filesystem depends on the appearance of the device unit. Also, this @@ -28,5 +28,5 @@ index 25b8a590a6..d18999ea87 100644 SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}!="crypto_LUKS", SYMLINK+="gpt-auto-root" SUBSYSTEM=="block", ENV{ID_PART_GPT_AUTO_ROOT}=="1", ENV{ID_FS_TYPE}=="crypto_LUKS", SYMLINK+="gpt-auto-root-luks" -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index dd351c0010063..e9fedd239f473 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,7 +1,7 @@ -From 67abd8f22f70d9348bc9d8e0e93dde4d325627ba Mon Sep 17 00:00:00 2001 +From 41edb381df0326e216b3c569d2cd5764591267d9 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 12 Apr 2013 13:16:57 +0200 -Subject: [PATCH 02/21] Don't try to unmount /nix or /nix/store +Subject: [PATCH 02/19] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. @@ -25,10 +25,10 @@ index f683f05981..5a04c2c2a6 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index c2a26242c0..9936398f32 100644 +index 1f945b7875..6df9d383ba 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -496,6 +496,8 @@ static int delete_md(MountPoint *m) { +@@ -508,6 +508,8 @@ static int delete_md(MountPoint *m) { static bool nonunmountable_path(const char *path) { return path_equal(path, "/") @@ -38,5 +38,5 @@ index c2a26242c0..9936398f32 100644 || path_equal(path, "/usr") #endif -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 2dd3d87f6ed27..217629f7d6ac7 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -1,7 +1,7 @@ -From 37c9471f59bd57223014a4a645b5f96a71d78787 Mon Sep 17 00:00:00 2001 +From 43620479f6bfbbc4c3eed28947e0676c817acb7c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Wed, 16 Apr 2014 10:59:28 +0200 -Subject: [PATCH 03/21] Fix NixOS containers +Subject: [PATCH 03/19] Fix NixOS containers In NixOS containers, the init script is bind-mounted into the container, so checking early whether it exists will fail. @@ -30,5 +30,5 @@ index 575b9da447..438ca294db 100644 } else { -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch index 54d9ff93b43b8..f7b768af515f2 100644 --- a/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch +++ b/pkgs/os-specific/linux/systemd/0004-Look-for-fsck-in-the-right-place.patch @@ -1,7 +1,7 @@ -From 987d6f94dac8e1a75615fd9ddcfb0eb1c2c4c349 Mon Sep 17 00:00:00 2001 +From a08ed6697974d7f7dabe60d42bbc9e31a10f7e23 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Thu, 1 May 2014 14:10:10 +0200 -Subject: [PATCH 04/21] Look for fsck in the right place +Subject: [PATCH 04/19] Look for fsck in the right place --- src/fsck/fsck.c | 2 +- @@ -21,5 +21,5 @@ index cd7adfaeb9..68cebdd158 100644 cmdline[i++] = "-T"; -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index ee878b410f048..7ebf07d0a82b7 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -1,7 +1,7 @@ -From da4f855044b2babe052ce303cca1de736cf952cd Mon Sep 17 00:00:00 2001 +From ddcfae6de8c460903c5db8c536ffeb5771e976f8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Fri, 19 Dec 2014 14:46:17 +0100 -Subject: [PATCH 05/21] Add some NixOS-specific unit directories +Subject: [PATCH 05/19] Add some NixOS-specific unit directories Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for units provided by packages installed into the default profile via @@ -122,5 +122,5 @@ index fc0f8c34fa..162432e77f 100644 systemd_sleep_dir=${root_prefix}/lib/systemd/system-sleep -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch index 482eeacb0218f..0c09107c5ef22 100644 --- a/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0006-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -1,7 +1,7 @@ -From c06abdb631527f56a626b739340d1b275349612c Mon Sep 17 00:00:00 2001 +From b39b8871bcaa07280d6b0cf2226b1a3be31232b8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra <eelco.dolstra@logicblox.com> Date: Mon, 11 May 2015 15:39:38 +0200 -Subject: [PATCH 06/21] Get rid of a useless message in user sessions +Subject: [PATCH 06/19] Get rid of a useless message in user sessions Namely lots of variants of @@ -27,5 +27,5 @@ index 34891a8754..b9b4789720 100644 /* If stopping a unit fails continuously we might enter a stop loop here, hence stop acting on the * service being unnecessary after a while. */ -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch index 22e4c74d08d74..d7649b5e44a76 100644 --- a/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0007-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -1,7 +1,7 @@ -From 207c69466cdd164c42ed1901deb06f57b12f4363 Mon Sep 17 00:00:00 2001 +From 566208aea81057789218b959f4d0e898eec54fc9 Mon Sep 17 00:00:00 2001 From: Gabriel Ebner <gebner@gebner.org> Date: Sun, 6 Dec 2015 14:26:36 +0100 -Subject: [PATCH 07/21] hostnamed, localed, timedated: disable methods that +Subject: [PATCH 07/19] hostnamed, localed, timedated: disable methods that change system settings. --- @@ -104,5 +104,5 @@ index 66b454269d..0a8fe25d0f 100644 if (r < 0) return r; -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch index e5a0bf7d97fa6..f938b553c9f52 100644 --- a/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch +++ b/pkgs/os-specific/linux/systemd/0008-Fix-hwdb-paths.patch @@ -1,7 +1,7 @@ -From 3ca3855259c3015615983587063fa159cfa7e93c Mon Sep 17 00:00:00 2001 +From 3b9983969de2a86929768f6362ed41c20dd13bd3 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 7 Jul 2016 02:47:13 +0300 -Subject: [PATCH 08/21] Fix hwdb paths +Subject: [PATCH 08/19] Fix hwdb paths Patch by vcunat. --- @@ -24,5 +24,5 @@ index 5ddc2211e6..ee621eec46 100644 + "/etc/udev/hwdb.bin\0" + -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 9e22ea719e35b..87cf1afc7d22b 100644 --- a/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0009-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -1,7 +1,7 @@ -From 717226ad0dc37ceb6c667c1f56396848978b6e83 Mon Sep 17 00:00:00 2001 +From b5966b6abb9696798618367cab33d1fed317734f Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Tue, 11 Oct 2016 13:12:08 +0300 -Subject: [PATCH 09/21] Change /usr/share/zoneinfo to /etc/zoneinfo +Subject: [PATCH 09/19] Change /usr/share/zoneinfo to /etc/zoneinfo NixOS uses this path. --- @@ -137,5 +137,5 @@ index 0a8fe25d0f..2f02b9a520 100644 return -ENOMEM; -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch index ce0ad7e4ddc30..6e36bbdc34065 100644 --- a/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0010-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -1,7 +1,7 @@ -From 75d12cf65073458f091899d673c613dfc43f60c0 Mon Sep 17 00:00:00 2001 +From f4e9304560ad42eeb8d42be583cc55eb2e5b4bb1 Mon Sep 17 00:00:00 2001 From: Imuli <i@imu.li> Date: Wed, 19 Oct 2016 08:46:47 -0400 -Subject: [PATCH 10/21] localectl: use /etc/X11/xkb for list-x11-* +Subject: [PATCH 10/19] localectl: use /etc/X11/xkb for list-x11-* NixOS has an option to link the xkb data files to /etc/X11, but not to /usr/share/X11. @@ -23,5 +23,5 @@ index 548ac8eb2c..5e372f1566 100644 return log_error_errno(errno, "Failed to open keyboard mapping list. %m"); -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index a03c5a14ad898..5aa22d988952d 100644 --- a/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0011-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -1,17 +1,17 @@ -From bce75eb4cdeb0b86df6b0a577e886c49a88303f6 Mon Sep 17 00:00:00 2001 +From 43a363f30b6012d600cfb62a3851c4ac7af4d1d5 Mon Sep 17 00:00:00 2001 From: Franz Pletz <fpletz@fnordicwalking.de> Date: Sun, 11 Feb 2018 04:37:44 +0100 -Subject: [PATCH 11/21] build: don't create statedir and don't touch prefixdir +Subject: [PATCH 11/19] build: don't create statedir and don't touch prefixdir --- meson.build | 3 --- 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index b5a51b6d0d..99b071542c 100644 +index 5bdfd9753d..5bf6afc7b7 100644 --- a/meson.build +++ b/meson.build -@@ -3540,9 +3540,6 @@ install_data('LICENSE.GPL2', +@@ -3539,9 +3539,6 @@ install_data('LICENSE.GPL2', 'docs/GVARIANT-SERIALIZATION.md', install_dir : docdir) @@ -22,5 +22,5 @@ index b5a51b6d0d..99b071542c 100644 # Ensure that changes to the docs/ directory do not break the -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch index 0576f7a62f2c9..a2bdfcf8ec3fd 100644 --- a/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0012-inherit-systemd-environment-when-calling-generators.patch @@ -1,7 +1,7 @@ -From ecdf0c5d9f88f526521f093cc9ee85f43efab4b7 Mon Sep 17 00:00:00 2001 +From 7ea935a5ac4f31106ce9347227d4eb59b77b02cd Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Fri, 2 Nov 2018 21:15:42 +0100 -Subject: [PATCH 12/21] inherit systemd environment when calling generators. +Subject: [PATCH 12/19] inherit systemd environment when calling generators. Systemd generators need access to the environment configured in stage-2-init.sh since it schedules fsck and mkfs executions based on @@ -40,5 +40,5 @@ index b9b4789720..79239afe4a 100644 finish: -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch index a424cf1061cc0..20372a5dbad58 100644 --- a/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0013-add-rootprefix-to-lookup-dir-paths.patch @@ -1,7 +1,7 @@ -From 39969a1b01d6c223a21c770093209b7f4047aaa4 Mon Sep 17 00:00:00 2001 +From eb93778af78a127e8e20d6ed7fd9f91fd22dc7c9 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Thu, 9 May 2019 11:15:22 +0200 -Subject: [PATCH 13/21] add rootprefix to lookup dir paths +Subject: [PATCH 13/19] add rootprefix to lookup dir paths systemd does not longer use the UDEVLIBEXEC directory as root for discovery default udev rules. By adding `$out/lib` to the lookup paths @@ -34,5 +34,5 @@ index 2e60abb4f1..732ec51d36 100644 #define CONF_PATHS(n) \ CONF_PATHS_USR(n) \ -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 5610d4d3ecc61..a22566eb4cc30 100644 --- a/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0014-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -1,7 +1,7 @@ -From e7c960789b0ca97b24a66e9eeaa56ea645d9c66b Mon Sep 17 00:00:00 2001 +From 1d623def80a3532ac1445499c9d4673e21ae8195 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:45:55 +0300 -Subject: [PATCH 14/21] systemd-shutdown: execute scripts in +Subject: [PATCH 14/19] systemd-shutdown: execute scripts in /etc/systemd/system-shutdown This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -23,5 +23,5 @@ index a98cfc4d8a..b0b34edda7 100644 /* The log target defaults to console, but the original systemd process will pass its log target in through a * command line argument, which will override this default. Also, ensure we'll never log to the journal or -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 11848a623a327..1a21d1005ee04 100644 --- a/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0015-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -1,7 +1,7 @@ -From 6124720aa2b9dbc07f2fb898f0db150a44a86041 Mon Sep 17 00:00:00 2001 +From 5a96c4a98be971d84a12ae04e42bc3cb889d5191 Mon Sep 17 00:00:00 2001 From: Nikolay Amiantov <ab@fmap.me> Date: Thu, 25 Jul 2019 20:46:58 +0300 -Subject: [PATCH 15/21] systemd-sleep: execute scripts in +Subject: [PATCH 15/19] systemd-sleep: execute scripts in /etc/systemd/system-sleep This is needed for NixOS to use such scripts as systemd directory is immutable. @@ -22,5 +22,5 @@ index a3aeb24633..0ed6a34d79 100644 }; -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch index 156195d9a9009..12624cb5548fc 100644 --- a/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch +++ b/pkgs/os-specific/linux/systemd/0016-kmod-static-nodes.service-Update-ConditionFileNotEmp.patch @@ -1,27 +1,32 @@ -From bee1d855d4fb7f2d6f6b9beb1dfd14b1dea31887 Mon Sep 17 00:00:00 2001 +From 775a2a8940c07f4af33a2a11bfa17e0257b427cb Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sat, 7 Mar 2020 22:40:27 +0100 -Subject: [PATCH 16/21] kmod-static-nodes.service: Update ConditionFileNotEmpty +Subject: [PATCH 16/19] kmod-static-nodes.service: Update ConditionFileNotEmpty -On NixOS, kernel modules of the currently booted systems are located at -/run/booted-system/kernel-modules/lib/modules/%v/, not /lib/modules/%v/. +kmod loads modules from not only /lib/modules but also from +/run/booted-system/kernel-modules/lib/modules and +/run/current-system/kernel-modules/lib/module + +Co-authored-by: Arian van Putten <arian.vanputten@gmail.com> --- - units/kmod-static-nodes.service.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) + units/kmod-static-nodes.service.in | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in -index 777e82d16b..b6abc2bba0 100644 +index 777e82d16b..9a5e05a1cc 100644 --- a/units/kmod-static-nodes.service.in +++ b/units/kmod-static-nodes.service.in -@@ -12,7 +12,7 @@ Description=Create List of Static Device Nodes +@@ -12,7 +12,9 @@ Description=Create List of Static Device Nodes DefaultDependencies=no Before=sysinit.target systemd-tmpfiles-setup-dev.service ConditionCapability=CAP_SYS_MODULE -ConditionFileNotEmpty=/lib/modules/%v/modules.devname -+ConditionFileNotEmpty=/run/booted-system/kernel-modules/lib/modules/%v/modules.devname ++ConditionFileNotEmpty=|/lib/modules/%v/modules.devname ++ConditionFileNotEmpty=|/run/booted-system/kernel-modules/lib/modules/%v/modules.devname ++ConditionFileNotEmpty=|/run/current-system/kernel-modules/lib/modules/%v/modules.devname [Service] Type=oneshot -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index 1f21b628e9236..52b74284fe26d 100644 --- a/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0017-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -1,7 +1,7 @@ -From 62198599bbc559eeb8e2a3caebce7b9135085270 Mon Sep 17 00:00:00 2001 +From 6ddb2011b379f3232374327517af874b68c434b5 Mon Sep 17 00:00:00 2001 From: Florian Klink <flokli@flokli.de> Date: Sun, 8 Mar 2020 01:05:54 +0100 -Subject: [PATCH 17/21] path-util.h: add placeholder for DEFAULT_PATH_NORMAL +Subject: [PATCH 17/19] path-util.h: add placeholder for DEFAULT_PATH_NORMAL This will be the $PATH used to lookup ExecStart= etc. options, which systemd itself uses extensively. @@ -29,5 +29,5 @@ index 26e7362d1f..a8f8a863ec 100644 #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch index 344b8b3952ff6..58eb7f96e642c 100644 --- a/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch +++ b/pkgs/os-specific/linux/systemd/0018-pkg-config-derive-prefix-from-prefix.patch @@ -1,7 +1,7 @@ -From 7654964344ba083529cb232ab229db7c0888f782 Mon Sep 17 00:00:00 2001 +From 50f2ada6cbfafa75b628410e8834f29581854e6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> Date: Sun, 6 Dec 2020 08:34:19 +0100 -Subject: [PATCH 18/21] pkg-config: derive prefix from --prefix +Subject: [PATCH 18/19] pkg-config: derive prefix from --prefix Point prefix to the one configured, instead of `/usr` `systemd` has limited support for making the pkgconfig prefix overridable, and interpolates those @@ -29,5 +29,5 @@ index 162432e77f..2fc20daf03 100644 rootprefix=${root_prefix} sysconf_dir={{SYSCONF_DIR}} -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch index 4f950650d3206..54e5c32aeb446 100644 --- a/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch +++ b/pkgs/os-specific/linux/systemd/0019-core-handle-lookup-paths-being-symlinks.patch @@ -1,7 +1,7 @@ -From 4e9b4aa87d299be08cffc77a86d6f473a7a4109a Mon Sep 17 00:00:00 2001 +From 2ab388cf0be320879e668a6206cb15d002b55f98 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold <andreas@rammhold.de> Date: Wed, 18 Aug 2021 19:10:08 +0200 -Subject: [PATCH 19/21] core: handle lookup paths being symlinks +Subject: [PATCH 19/19] core: handle lookup paths being symlinks With a recent change paths leaving the statically known lookup paths would be treated differently then those that remained within those. That @@ -76,5 +76,5 @@ index 0d58b1c4fe..7314f1245f 100644 log_debug("%s: linked unit file: %s → %s", __func__, filename, simplified); -- -2.33.0 +2.33.1 diff --git a/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch b/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch deleted file mode 100644 index 5c82cdbd6fab3..0000000000000 --- a/pkgs/os-specific/linux/systemd/0020-sd-boot-Unify-error-handling.patch +++ /dev/null @@ -1,401 +0,0 @@ -From 3cf1b5fb6d1dc342e836cf0990df3170d2e9db49 Mon Sep 17 00:00:00 2001 -From: Jan Janssen <medhefgo@web.de> -Date: Wed, 11 Aug 2021 14:59:46 +0200 -Subject: [PATCH 20/21] sd-boot: Unify error handling - -log_error_stall() and log_error_status_stall() will ensure the user has -a chance to catch an error message by stalling and also forcing a -lightred/black color on it. Also, convert several Print() calls to it -since they are actually error messages. - -(cherry picked from commit 8aba0eec499b762657f528988c2f093ac490620d) ---- - src/boot/efi/boot.c | 62 ++++++++++---------------------- - src/boot/efi/random-seed.c | 73 +++++++++++++------------------------- - src/boot/efi/stub.c | 24 ++++--------- - src/boot/efi/util.c | 17 +++++++-- - src/boot/efi/util.h | 9 +++++ - 5 files changed, 75 insertions(+), 110 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 13940a6df7..54d704f0d1 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -527,7 +527,7 @@ static BOOLEAN menu_run( - err = console_set_mode(&config->console_mode, config->console_mode_change); - if (EFI_ERROR(err)) { - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -- Print(L"Error switching console mode to %ld: %r.\r", (UINT64)config->console_mode, err); -+ log_error_stall(L"Error switching console mode to %lu: %r", (UINT64)config->console_mode, err); - } - } else - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -@@ -1221,8 +1221,7 @@ static VOID config_entry_bump_counters( - break; - - if (r != EFI_BUFFER_TOO_SMALL || file_info_size * 2 < file_info_size) { -- Print(L"\nFailed to get file info for '%s': %r\n", old_path, r); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to get file info for '%s': %r", old_path, r); - return; - } - -@@ -1234,8 +1233,7 @@ static VOID config_entry_bump_counters( - StrCpy(file_info->FileName, entry->next_name); - r = uefi_call_wrapper(handle->SetInfo, 4, handle, &EfiFileInfoGuid, file_info_size, file_info); - if (EFI_ERROR(r)) { -- Print(L"\nFailed to rename '%s' to '%s', ignoring: %r\n", old_path, entry->next_name, r); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to rename '%s' to '%s', ignoring: %r", old_path, entry->next_name, r); - return; - } - -@@ -2165,18 +2163,12 @@ static EFI_STATUS image_start( - EFI_STATUS err; - - path = FileDevicePath(entry->device, entry->loader); -- if (!path) { -- Print(L"Error getting device path."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return EFI_INVALID_PARAMETER; -- } -+ if (!path) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Error getting device path."); - - err = uefi_call_wrapper(BS->LoadImage, 6, FALSE, parent_image, path, NULL, 0, &image); -- if (EFI_ERROR(err)) { -- Print(L"Error loading %s: %r", entry->loader, err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error loading %s: %r", entry->loader, err); - - if (config->options_edit) - options = config->options_edit; -@@ -2190,8 +2182,7 @@ static EFI_STATUS image_start( - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - parent_image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); - if (EFI_ERROR(err)) { -- Print(L"Error getting LoadedImageProtocol handle: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Error getting LoadedImageProtocol handle: %r", err); - goto out_unload; - } - loaded_image->LoadOptions = options; -@@ -2202,10 +2193,8 @@ static EFI_STATUS image_start( - err = tpm_log_event(SD_TPM_PCR, - (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); -- if (EFI_ERROR(err)) { -- Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); -- } -+ if (EFI_ERROR(err)) -+ log_error_stall(L"Unable to add image options measurement: %r", err); - #endif - } - -@@ -2231,9 +2220,7 @@ static EFI_STATUS reboot_into_firmware(VOID) { - return err; - - err = uefi_call_wrapper(RT->ResetSystem, 4, EfiResetCold, EFI_SUCCESS, 0, NULL); -- Print(L"Error calling ResetSystem: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ return log_error_status_stall(err, L"Error calling ResetSystem: %r", err); - } - - static VOID config_free(Config *config) { -@@ -2305,30 +2292,21 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (EFI_ERROR(err)) { -- Print(L"Error getting a LoadedImageProtocol handle: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); - - /* export the device path this image is started from */ - if (disk_get_part_uuid(loaded_image->DeviceHandle, uuid) == EFI_SUCCESS) - efivar_set(LOADER_GUID, L"LoaderDevicePartUUID", uuid, 0); - - root_dir = LibOpenRoot(loaded_image->DeviceHandle); -- if (!root_dir) { -- Print(L"Unable to open root directory."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return EFI_LOAD_ERROR; -- } -+ if (!root_dir) -+ return log_error_status_stall(EFI_LOAD_ERROR, L"Unable to open root directory.", EFI_LOAD_ERROR); - - if (secure_boot_enabled() && shim_loaded()) { - err = security_policy_install(); -- if (EFI_ERROR(err)) { -- Print(L"Error installing security policy: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error installing security policy: %r", err); - } - - /* the filesystem path to this image, to prevent adding ourselves to the menu */ -@@ -2367,8 +2345,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - } - - if (config.entry_count == 0) { -- Print(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"No loader found. Configuration files in \\loader\\entries\\*.conf are needed."); - goto out; - } - -@@ -2440,8 +2417,7 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - err = image_start(image, &config, entry); - if (EFI_ERROR(err)) { - graphics_mode(FALSE); -- Print(L"\nFailed to execute %s (%s): %r\n", entry->title, entry->loader, err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Failed to execute %s (%s): %r", entry->title, entry->loader, err); - goto out; - } - -diff --git a/src/boot/efi/random-seed.c b/src/boot/efi/random-seed.c -index 3e179851b0..939daf3e41 100644 ---- a/src/boot/efi/random-seed.c -+++ b/src/boot/efi/random-seed.c -@@ -35,10 +35,8 @@ static EFI_STATUS acquire_rng(UINTN size, VOID **ret) { - return log_oom(); - - err = uefi_call_wrapper(rng->GetRNG, 3, rng, NULL, size, data); -- if (EFI_ERROR(err)) { -- Print(L"Failed to acquire RNG data: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to acquire RNG data: %r", err); - - *ret = TAKE_PTR(data); - return EFI_SUCCESS; -@@ -149,14 +147,12 @@ static EFI_STATUS acquire_system_token(VOID **ret, UINTN *ret_size) { - err = efivar_get_raw(LOADER_GUID, L"LoaderSystemToken", &data, &size); - if (EFI_ERROR(err)) { - if (err != EFI_NOT_FOUND) -- Print(L"Failed to read LoaderSystemToken EFI variable: %r", err); -+ log_error_stall(L"Failed to read LoaderSystemToken EFI variable: %r", err); - return err; - } - -- if (size <= 0) { -- Print(L"System token too short, ignoring."); -- return EFI_NOT_FOUND; -- } -+ if (size <= 0) -+ return log_error_status_stall(EFI_NOT_FOUND, L"System token too short, ignoring."); - - *ret = TAKE_PTR(data); - *ret_size = size; -@@ -209,8 +205,7 @@ static VOID validate_sha256(void) { - sha256_finish_ctx(&hash, result); - - if (CompareMem(result, array[i].hash, HASH_VALUE_SIZE) != 0) { -- Print(L"SHA256 failed validation.\n"); -- uefi_call_wrapper(BS->Stall, 1, 120 * 1000 * 1000); -+ log_error_stall(L"SHA256 failed validation."); - return; - } - } -@@ -246,7 +241,7 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &handle, (CHAR16*) L"\\loader\\random-seed", EFI_FILE_MODE_READ|EFI_FILE_MODE_WRITE, 0ULL); - if (EFI_ERROR(err)) { - if (err != EFI_NOT_FOUND && err != EFI_WRITE_PROTECTED) -- Print(L"Failed to open random seed file: %r\n", err); -+ log_error_stall(L"Failed to open random seed file: %r", err); - return err; - } - -@@ -255,15 +250,11 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - return log_oom(); - - size = info->FileSize; -- if (size < RANDOM_MAX_SIZE_MIN) { -- Print(L"Random seed file is too short?\n"); -- return EFI_INVALID_PARAMETER; -- } -+ if (size < RANDOM_MAX_SIZE_MIN) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too short."); - -- if (size > RANDOM_MAX_SIZE_MAX) { -- Print(L"Random seed file is too large?\n"); -- return EFI_INVALID_PARAMETER; -- } -+ if (size > RANDOM_MAX_SIZE_MAX) -+ return log_error_status_stall(EFI_INVALID_PARAMETER, L"Random seed file is too large."); - - seed = AllocatePool(size); - if (!seed) -@@ -271,20 +262,14 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - - rsize = size; - err = uefi_call_wrapper(handle->Read, 3, handle, &rsize, seed); -- if (EFI_ERROR(err)) { -- Print(L"Failed to read random seed file: %r\n", err); -- return err; -- } -- if (rsize != size) { -- Print(L"Short read on random seed file\n"); -- return EFI_PROTOCOL_ERROR; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to read random seed file: %r", err); -+ if (rsize != size) -+ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short read on random seed file."); - - err = uefi_call_wrapper(handle->SetPosition, 2, handle, 0); -- if (EFI_ERROR(err)) { -- Print(L"Failed to seek to beginning of random seed file: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to seek to beginning of random seed file: %r", err); - - /* Request some random data from the UEFI RNG. We don't need this to work safely, but it's a good - * idea to use it because it helps us for cases where users mistakenly include a random seed in -@@ -299,27 +284,19 @@ EFI_STATUS process_random_seed(EFI_FILE *root_dir, RandomSeedMode mode) { - /* Update the random seed on disk before we use it */ - wsize = size; - err = uefi_call_wrapper(handle->Write, 3, handle, &wsize, new_seed); -- if (EFI_ERROR(err)) { -- Print(L"Failed to write random seed file: %r\n", err); -- return err; -- } -- if (wsize != size) { -- Print(L"Short write on random seed file\n"); -- return EFI_PROTOCOL_ERROR; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to write random seed file: %r", err); -+ if (wsize != size) -+ return log_error_status_stall(EFI_PROTOCOL_ERROR, L"Short write on random seed file."); - - err = uefi_call_wrapper(handle->Flush, 1, handle); -- if (EFI_ERROR(err)) { -- Print(L"Failed to flush random seed file: %r\n"); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to flush random seed file: %r", err); - - /* We are good to go */ - err = efivar_set_raw(LOADER_GUID, L"LoaderRandomSeed", for_kernel, size, 0); -- if (EFI_ERROR(err)) { -- Print(L"Failed to write random seed to EFI variable: %r\n", err); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Failed to write random seed to EFI variable: %r", err); - - return EFI_SUCCESS; - } -diff --git a/src/boot/efi/stub.c b/src/boot/efi/stub.c -index 082fe91c9e..82da1d3ec4 100644 ---- a/src/boot/efi/stub.c -+++ b/src/boot/efi/stub.c -@@ -36,18 +36,12 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - - err = uefi_call_wrapper(BS->OpenProtocol, 6, image, &LoadedImageProtocol, (VOID **)&loaded_image, - image, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); -- if (EFI_ERROR(err)) { -- Print(L"Error getting a LoadedImageProtocol handle: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err); - - err = pe_memory_locate_sections(loaded_image->ImageBase, sections, addrs, offs, szs); -- if (EFI_ERROR(err)) { -- Print(L"Unable to locate embedded .linux section: %r ", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -- } -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err); - - if (szs[0] > 0) - cmdline = (CHAR8 *)(loaded_image->ImageBase) + addrs[0]; -@@ -72,10 +66,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - err = tpm_log_event(SD_TPM_PCR, - (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->LoadOptions, - loaded_image->LoadOptionsSize, loaded_image->LoadOptions); -- if (EFI_ERROR(err)) { -- Print(L"Unable to add image options measurement: %r", err); -- uefi_call_wrapper(BS->Stall, 1, 200 * 1000); -- } -+ if (EFI_ERROR(err)) -+ log_error_stall(L"Unable to add image options measurement: %r", err); - #endif - } - -@@ -126,7 +118,5 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - (UINTN)loaded_image->ImageBase + addrs[2], szs[2]); - - graphics_mode(FALSE); -- Print(L"Execution of embedded linux image failed: %r\n", err); -- uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -- return err; -+ return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err); - } -diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c -index 6f4e5933d3..aee076060b 100644 ---- a/src/boot/efi/util.c -+++ b/src/boot/efi/util.c -@@ -411,8 +411,21 @@ EFI_STATUS file_read(EFI_FILE_HANDLE dir, const CHAR16 *name, UINTN off, UINTN s - return err; - } - -+VOID log_error_stall(const CHAR16 *fmt, ...) { -+ va_list args; -+ -+ uefi_call_wrapper(ST->ConOut->SetAttribute, 2, ST->ConOut, EFI_LIGHTRED|EFI_BACKGROUND_BLACK); -+ -+ Print(L"\n"); -+ va_start(args, fmt); -+ VPrint(fmt, args); -+ va_end(args); -+ Print(L"\n"); -+ -+ uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+} -+ - EFI_STATUS log_oom(void) { -- Print(L"Out of memory."); -- (void) uefi_call_wrapper(BS->Stall, 1, 3 * 1000 * 1000); -+ log_error_stall(L"Out of memory."); - return EFI_OUT_OF_RESOURCES; - } -diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h -index 1a42b01033..d3bf848a95 100644 ---- a/src/boot/efi/util.h -+++ b/src/boot/efi/util.h -@@ -74,4 +74,13 @@ static inline void FileHandleClosep(EFI_FILE_HANDLE *handle) { - #define UINT64_MAX ((UINT64) -1) - #endif - -+VOID log_error_stall(const CHAR16 *fmt, ...); - EFI_STATUS log_oom(void); -+ -+/* This works just like log_error_errno() from userspace, but requires you -+ * to provide err a second time if you want to use %r in the message! */ -+#define log_error_status_stall(err, fmt, ...) \ -+ ({ \ -+ log_error_stall(fmt, ##__VA_ARGS__); \ -+ err; \ -+ }) --- -2.33.0 - diff --git a/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch b/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch deleted file mode 100644 index 7cdc2491fa33e..0000000000000 --- a/pkgs/os-specific/linux/systemd/0021-sd-boot-Rework-console-input-handling.patch +++ /dev/null @@ -1,320 +0,0 @@ -From 2d9fcfcfa38667ada306e095599944f941576e53 Mon Sep 17 00:00:00 2001 -From: Jan Janssen <medhefgo@web.de> -Date: Wed, 11 Aug 2021 14:59:46 +0200 -Subject: [PATCH 21/21] sd-boot: Rework console input handling - -Fixes: #15847 -Probably fixes: #19191 - -(cherry picked from commit e98d271e57f3d0356e444b6ea2d48836ee2769b0) ---- - src/boot/efi/boot.c | 55 +++++++--------------- - src/boot/efi/console.c | 102 +++++++++++++++++++++++++++++------------ - src/boot/efi/console.h | 2 +- - 3 files changed, 91 insertions(+), 68 deletions(-) - -diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c -index 54d704f0d1..b4f3b9605a 100644 ---- a/src/boot/efi/boot.c -+++ b/src/boot/efi/boot.c -@@ -134,7 +134,7 @@ static BOOLEAN line_edit( - uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, print); - uefi_call_wrapper(ST->ConOut->SetCursorPosition, 3, ST->ConOut, cursor, y_pos); - -- err = console_key_read(&key, TRUE); -+ err = console_key_read(&key, 0); - if (EFI_ERROR(err)) - continue; - -@@ -387,7 +387,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - Print(L"OsIndicationsSupported: %d\n", indvar); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - - Print(L"timeout: %u\n", config->timeout_sec); - if (config->timeout_sec_efivar >= 0) -@@ -432,7 +432,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - Print(L"LoaderEntryDefault: %s\n", defaultstr); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - - for (UINTN i = 0; i < config->entry_count; i++) { - ConfigEntry *entry; -@@ -482,7 +482,7 @@ static VOID print_status(Config *config, CHAR16 *loaded_image_path) { - entry->path, entry->next_name); - - Print(L"\n--- press key ---\n\n"); -- console_key_read(&key, TRUE); -+ console_key_read(&key, 0); - } - - uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut); -@@ -509,11 +509,10 @@ static BOOLEAN menu_run( - UINTN y_max; - CHAR16 *status; - CHAR16 *clearline; -- INTN timeout_remain; -+ UINTN timeout_remain = config->timeout_sec; - INT16 idx; - BOOLEAN exit = FALSE; - BOOLEAN run = TRUE; -- BOOLEAN wait = FALSE; - - graphics_mode(FALSE); - uefi_call_wrapper(ST->ConIn->Reset, 2, ST->ConIn, FALSE); -@@ -538,12 +537,6 @@ static BOOLEAN menu_run( - y_max = 25; - } - -- /* we check 10 times per second for a keystroke */ -- if (config->timeout_sec > 0) -- timeout_remain = config->timeout_sec * 10; -- else -- timeout_remain = -1; -- - idx_highlight = config->idx_default; - idx_highlight_prev = 0; - -@@ -643,7 +636,7 @@ static BOOLEAN menu_run( - - if (timeout_remain > 0) { - FreePool(status); -- status = PoolPrint(L"Boot in %d sec.", (timeout_remain + 5) / 10); -+ status = PoolPrint(L"Boot in %d s.", timeout_remain); - } - - /* print status at last line of screen */ -@@ -664,27 +657,18 @@ static BOOLEAN menu_run( - uefi_call_wrapper(ST->ConOut->OutputString, 2, ST->ConOut, clearline+1 + x + len); - } - -- err = console_key_read(&key, wait); -- if (EFI_ERROR(err)) { -- /* timeout reached */ -+ err = console_key_read(&key, timeout_remain > 0 ? 1000 * 1000 : 0); -+ if (err == EFI_TIMEOUT) { -+ timeout_remain--; - if (timeout_remain == 0) { - exit = TRUE; - break; - } - -- /* sleep and update status */ -- if (timeout_remain > 0) { -- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); -- timeout_remain--; -- continue; -- } -- -- /* timeout disabled, wait for next key */ -- wait = TRUE; -+ /* update status */ - continue; -- } -- -- timeout_remain = -1; -+ } else -+ timeout_remain = 0; - - /* clear status after keystroke */ - if (status) { -@@ -787,7 +771,7 @@ static BOOLEAN menu_run( - config->timeout_sec_efivar, - EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_efivar > 0) -- status = PoolPrint(L"Menu timeout set to %d sec.", config->timeout_sec_efivar); -+ status = PoolPrint(L"Menu timeout set to %d s.", config->timeout_sec_efivar); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); - } else if (config->timeout_sec_efivar <= 0){ -@@ -795,7 +779,7 @@ static BOOLEAN menu_run( - efivar_set( - LOADER_GUID, L"LoaderConfigTimeout", NULL, EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_config > 0) -- status = PoolPrint(L"Menu timeout of %d sec is defined by configuration file.", -+ status = PoolPrint(L"Menu timeout of %d s is defined by configuration file.", - config->timeout_sec_config); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); -@@ -813,7 +797,7 @@ static BOOLEAN menu_run( - config->timeout_sec_efivar, - EFI_VARIABLE_NON_VOLATILE); - if (config->timeout_sec_efivar > 0) -- status = PoolPrint(L"Menu timeout set to %d sec.", -+ status = PoolPrint(L"Menu timeout set to %d s.", - config->timeout_sec_efivar); - else - status = StrDuplicate(L"Menu disabled. Hold down key at bootup to show menu."); -@@ -2369,13 +2353,8 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) { - else { - UINT64 key; - -- err = console_key_read(&key, FALSE); -- -- if (err == EFI_NOT_READY) { -- uefi_call_wrapper(BS->Stall, 1, 100 * 1000); -- err = console_key_read(&key, FALSE); -- } -- -+ /* Block up to 100ms to give firmware time to get input working. */ -+ err = console_key_read(&key, 100 * 1000); - if (!EFI_ERROR(err)) { - INT16 idx; - -diff --git a/src/boot/efi/console.c b/src/boot/efi/console.c -index 83619d2147..369c549daf 100644 ---- a/src/boot/efi/console.c -+++ b/src/boot/efi/console.c -@@ -11,61 +11,105 @@ - - #define EFI_SIMPLE_TEXT_INPUT_EX_GUID &(EFI_GUID) EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL_GUID - --EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait) { -+static inline void EventClosep(EFI_EVENT *event) { -+ if (!*event) -+ return; -+ -+ uefi_call_wrapper(BS->CloseEvent, 1, *event); -+} -+ -+/* -+ * Reading input from the console sounds like an easy task to do, but thanks to broken -+ * firmware it is actually a nightmare. -+ * -+ * There is a ConIn and TextInputEx API for this. Ideally we want to use TextInputEx, -+ * because that gives us Ctrl/Alt/Shift key state information. Unfortunately, it is not -+ * always available and sometimes just non-functional. -+ * -+ * On the other hand we have ConIn, where some firmware likes to just freeze on us -+ * if we call ReadKeyStroke on it. -+ * -+ * Therefore, we use WaitForEvent on both ConIn and TextInputEx (if available) along -+ * with a timer event. The timer ensures there is no need to call into functions -+ * that might freeze on us, while still allowing us to show a timeout counter. -+ */ -+EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec) { - static EFI_SIMPLE_TEXT_INPUT_EX_PROTOCOL *TextInputEx; - static BOOLEAN checked; - UINTN index; - EFI_INPUT_KEY k; - EFI_STATUS err; -+ _cleanup_(EventClosep) EFI_EVENT timer = NULL; -+ EFI_EVENT events[3] = { ST->ConIn->WaitForKey }; -+ UINTN n_events = 1; - - if (!checked) { - err = LibLocateProtocol(EFI_SIMPLE_TEXT_INPUT_EX_GUID, (VOID **)&TextInputEx); -- if (EFI_ERROR(err)) -+ if (EFI_ERROR(err) || -+ uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx) == EFI_INVALID_PARAMETER) -+ /* If WaitForKeyEx fails here, the firmware pretends it talks this -+ * protocol, but it really doesn't. */ - TextInputEx = NULL; -+ else -+ events[n_events++] = TextInputEx->WaitForKeyEx; - - checked = TRUE; - } - -- /* wait until key is pressed */ -- if (wait) -- uefi_call_wrapper(BS->WaitForEvent, 3, 1, &ST->ConIn->WaitForKey, &index); -+ if (timeout_usec > 0) { -+ err = uefi_call_wrapper(BS->CreateEvent, 5, EVT_TIMER, 0, NULL, NULL, &timer); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error creating timer event: %r", err); -+ -+ /* SetTimer expects 100ns units for some reason. */ -+ err = uefi_call_wrapper(BS->SetTimer, 3, timer, TimerRelative, timeout_usec * 10); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error arming timer event: %r", err); - -- if (TextInputEx) { -+ events[n_events++] = timer; -+ } -+ -+ err = uefi_call_wrapper(BS->WaitForEvent, 3, n_events, events, &index); -+ if (EFI_ERROR(err)) -+ return log_error_status_stall(err, L"Error waiting for events: %r", err); -+ -+ if (timeout_usec > 0 && timer == events[index]) -+ return EFI_TIMEOUT; -+ -+ /* TextInputEx might be ready too even if ConIn got to signal first. */ -+ if (TextInputEx && !EFI_ERROR(uefi_call_wrapper(BS->CheckEvent, 1, TextInputEx->WaitForKeyEx))) { - EFI_KEY_DATA keydata; - UINT64 keypress; -+ UINT32 shift = 0; - - err = uefi_call_wrapper(TextInputEx->ReadKeyStrokeEx, 2, TextInputEx, &keydata); -- if (!EFI_ERROR(err)) { -- UINT32 shift = 0; -- -- /* do not distinguish between left and right keys */ -- if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { -- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) -- shift |= EFI_CONTROL_PRESSED; -- if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) -- shift |= EFI_ALT_PRESSED; -- }; -- -- /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ -- keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); -- if (keypress > 0) { -- *key = keypress; -- return 0; -- } -+ if (EFI_ERROR(err)) -+ return err; -+ -+ /* do not distinguish between left and right keys */ -+ if (keydata.KeyState.KeyShiftState & EFI_SHIFT_STATE_VALID) { -+ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_CONTROL_PRESSED|EFI_LEFT_CONTROL_PRESSED)) -+ shift |= EFI_CONTROL_PRESSED; -+ if (keydata.KeyState.KeyShiftState & (EFI_RIGHT_ALT_PRESSED|EFI_LEFT_ALT_PRESSED)) -+ shift |= EFI_ALT_PRESSED; -+ }; -+ -+ /* 32 bit modifier keys + 16 bit scan code + 16 bit unicode */ -+ keypress = KEYPRESS(shift, keydata.Key.ScanCode, keydata.Key.UnicodeChar); -+ if (keypress > 0) { -+ *key = keypress; -+ return EFI_SUCCESS; - } -+ -+ return EFI_NOT_READY; - } - -- /* fallback for firmware which does not support SimpleTextInputExProtocol -- * -- * This is also called in case ReadKeyStrokeEx did not return a key, because -- * some broken firmwares offer SimpleTextInputExProtocol, but never actually -- * handle any key. */ - err = uefi_call_wrapper(ST->ConIn->ReadKeyStroke, 2, ST->ConIn, &k); - if (EFI_ERROR(err)) - return err; - - *key = KEYPRESS(0, k.ScanCode, k.UnicodeChar); -- return 0; -+ return EFI_SUCCESS; - } - - static EFI_STATUS change_mode(UINTN mode) { -diff --git a/src/boot/efi/console.h b/src/boot/efi/console.h -index 2c69af552a..23848a9c58 100644 ---- a/src/boot/efi/console.h -+++ b/src/boot/efi/console.h -@@ -16,5 +16,5 @@ enum console_mode_change_type { - CONSOLE_MODE_MAX, - }; - --EFI_STATUS console_key_read(UINT64 *key, BOOLEAN wait); -+EFI_STATUS console_key_read(UINT64 *key, UINT64 timeout_usec); - EFI_STATUS console_set_mode(UINTN *mode, enum console_mode_change_type how); --- -2.33.0 - diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 70036127fc896..3a3a419093b75 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -123,7 +123,7 @@ assert withHomed -> withCryptsetup; assert withCryptsetup -> (cryptsetup != null); let wantCurl = withRemote || withImportd; - version = "249.5"; + version = "249.7"; in stdenv.mkDerivation { inherit pname version; @@ -134,7 +134,7 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "0bir2syy20rdi59sv8xp8nw1c92zl9z0wmv7ggsll8dca7niqwbp"; + sha256 = "sha256-y33/BvvI+JyhsvuT1Cbm6J2Z72j71oXgLw6X9NwCMPE="; }; # If these need to be regenerated, `git am path/to/00*.patch` them into a @@ -166,15 +166,8 @@ stdenv.mkDerivation { # systemd. With the below patch we mitigate that effect by special casing # all our root unit dirs if they are symlinks. This does exactly what we # need (AFAICT). + # See https://github.com/systemd/systemd/pull/20479 for upsteam discussion. ./0019-core-handle-lookup-paths-being-symlinks.patch - - # In v248 compiler weirdness and refactoring lead to the bootloader - # erroring out handling keyboard input on some systems. See - # https://github.com/systemd/systemd/issues/19191 - # This should be redundant in v249.6 when it offically gets tagged in - # systemd-stable - ./0020-sd-boot-Unify-error-handling.patch - ./0021-sd-boot-Rework-console-input-handling.patch ] ++ lib.optional stdenv.hostPlatform.isMusl (let oe-core = fetchzip { url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-14c6e5a4b72d0e4665279158a0740dd1dc21f72f.tar.bz2"; @@ -422,7 +415,7 @@ stdenv.mkDerivation { "-Dnetworkd=${lib.boolToString withNetworkd}" "-Doomd=${lib.boolToString withOomd}" "-Dpolkit=${lib.boolToString withPolkit}" - "-Dcryptsetup=${lib.boolToString withCryptsetup}" + "-Dlibcryptsetup=${lib.boolToString withCryptsetup}" "-Dportabled=${lib.boolToString withPortabled}" "-Dhwdb=${lib.boolToString withHwdb}" "-Dremote=${lib.boolToString withRemote}" @@ -460,7 +453,6 @@ stdenv.mkDerivation { "-Dsysvinit-path=" "-Dsysvrcnd-path=" - "-Dkill-path=${coreutils}/bin/kill" "-Dkmod-path=${kmod}/bin/kmod" "-Dsulogin-path=${util-linux}/bin/sulogin" "-Dmount-path=${util-linux}/bin/mount" @@ -478,7 +470,6 @@ stdenv.mkDerivation { ] ++ lib.optionals withEfi [ "-Defi-libdir=${toString gnu-efi}/lib" "-Defi-includedir=${toString gnu-efi}/include/efi" - "-Defi-ldsdir=${toString gnu-efi}/lib" ] ++ lib.optionals (withShellCompletions == false) [ "-Dbashcompletiondir=no" "-Dzshcompletiondir=no" @@ -584,12 +575,6 @@ stdenv.mkDerivation { ''; postInstall = '' - # sysinit.target: Don't depend on - # systemd-tmpfiles-setup.service. This interferes with NixOps's - # send-keys feature (since sshd.service depends indirectly on - # sysinit.target). - mv $out/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service $out/lib/systemd/system/multi-user.target.wants/ - mkdir -p $out/example/systemd mv $out/lib/{modules-load.d,binfmt.d,sysctl.d,tmpfiles.d} $out/example mv $out/lib/systemd/{system,user} $out/example/systemd @@ -609,16 +594,20 @@ stdenv.mkDerivation { rm -rf $out/share/doc ''; - # The interface version prevents NixOS from switching to an - # incompatible systemd at runtime. (Switching across reboots is - # fine, of course.) It should be increased whenever systemd changes - # in a backwards-incompatible way. If the interface version of two - # systemd builds is the same, then we can switch between them at - # runtime; otherwise we can't and we need to reboot. - passthru.interfaceVersion = 2; + passthru = { + # The interface version prevents NixOS from switching to an + # incompatible systemd at runtime. (Switching across reboots is + # fine, of course.) It should be increased whenever systemd changes + # in a backwards-incompatible way. If the interface version of two + # systemd builds is the same, then we can switch between them at + # runtime; otherwise we can't and we need to reboot. + interfaceVersion = 2; - passthru.tests = { - inherit (nixosTests) switchTest; + inherit withCryptsetup; + + tests = { + inherit (nixosTests) switchTest; + }; }; meta = with lib; { @@ -627,6 +616,6 @@ stdenv.mkDerivation { license = licenses.lgpl21Plus; platforms = platforms.linux; priority = 10; - maintainers = with maintainers; [ andir eelco flokli kloenk ]; + maintainers = with maintainers; [ flokli kloenk mic92 ]; }; } diff --git a/pkgs/os-specific/linux/sysvinit/default.nix b/pkgs/os-specific/linux/sysvinit/default.nix index 5f4f6069bcc6f..091584a93cf44 100644 --- a/pkgs/os-specific/linux/sysvinit/default.nix +++ b/pkgs/os-specific/linux/sysvinit/default.nix @@ -1,9 +1,8 @@ { lib, stdenv, fetchurl, withoutInitTools ? false }: -let version = "3.01"; in - -stdenv.mkDerivation { - name = (if withoutInitTools then "sysvtools" else "sysvinit") + "-" + version; +stdenv.mkDerivation rec { + pname = if withoutInitTools then "sysvtools" else "sysvinit"; + version = "3.01"; src = fetchurl { url = "mirror://savannah/sysvinit/sysvinit-${version}.tar.xz"; diff --git a/pkgs/os-specific/linux/tmon/default.nix b/pkgs/os-specific/linux/tmon/default.nix index 5a14d3d2ee340..3a2697e0a712a 100644 --- a/pkgs/os-specific/linux/tmon/default.nix +++ b/pkgs/os-specific/linux/tmon/default.nix @@ -1,7 +1,8 @@ { lib, stdenv, kernel, ncurses }: stdenv.mkDerivation { - name = "tmon-${kernel.version}"; + pname = "tmon"; + version = kernel.version; inherit (kernel) src; diff --git a/pkgs/os-specific/linux/trace-cmd/default.nix b/pkgs/os-specific/linux/trace-cmd/default.nix index 129ec31223c75..ad012b0e06a3d 100644 --- a/pkgs/os-specific/linux/trace-cmd/default.nix +++ b/pkgs/os-specific/linux/trace-cmd/default.nix @@ -1,12 +1,12 @@ { lib, stdenv, fetchgit, pkg-config, asciidoc, xmlto, docbook_xsl, libxslt, libtraceevent, libtracefs }: stdenv.mkDerivation rec { pname = "trace-cmd"; - version = "2.9.5"; + version = "2.9.6"; src = fetchgit { url = "git://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/"; rev = "trace-cmd-v${version}"; - sha256 = "0kc5cldk5i7q2zr2nyz3mvs5v7w0km6lpx7g39sy3pmhshp0wqlq"; + sha256 = "sha256-rI6zD54NoArQbSJOINu9hifj/DJehCcqBpGI0TeoDLA="; }; # Don't build and install html documentation @@ -47,7 +47,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "User-space tools for the Linux kernel ftrace subsystem"; homepage = "https://www.trace-cmd.org/"; - license = licenses.gpl2; + license = with licenses; [ lgpl21Only gpl2Only ]; platforms = platforms.linux; maintainers = with maintainers; [ thoughtpolice basvandijk ]; }; diff --git a/pkgs/os-specific/linux/trace-cmd/kernelshark.nix b/pkgs/os-specific/linux/trace-cmd/kernelshark.nix index 4d0412edbeeeb..e59e37c0b3cfc 100644 --- a/pkgs/os-specific/linux/trace-cmd/kernelshark.nix +++ b/pkgs/os-specific/linux/trace-cmd/kernelshark.nix @@ -5,12 +5,12 @@ mkDerivation rec { pname = "kernelshark"; - version = "2.0.2"; + version = "2.1.0"; src = fetchgit { url = "https://git.kernel.org/pub/scm/utils/trace-cmd/kernel-shark.git/"; rev = "kernelshark-v${version}"; - sha256 = "0vy5wa1kccrxr973l870jy5hl6lac7sk3zyg3hxrwmivin1yf0cv"; + sha256 = "18yx8bp2996hiy026ncw2z5yfihvkjfl6m09y19yvs72crgvpyn8"; }; outputs = [ "out" ]; diff --git a/pkgs/os-specific/linux/tuigreet/default.nix b/pkgs/os-specific/linux/tuigreet/default.nix index 5911305c0d8bb..581b89fb1c648 100644 --- a/pkgs/os-specific/linux/tuigreet/default.nix +++ b/pkgs/os-specific/linux/tuigreet/default.nix @@ -5,22 +5,22 @@ rustPlatform.buildRustPackage rec { pname = "tuigreet"; - version = "0.6.1"; + version = "0.7.2"; src = fetchFromGitHub { owner = "apognu"; repo = pname; rev = version; - sha256 = "sha256-Exw3HPNFh1yiUfDfaIDiz2PemnVLRmefD4ydgMiHQAc="; + sha256 = "sha256-Mu4GGlX7ZjBaBECXRD6iJCqDMSzcj17BriJ6Nas0J70="; }; - cargoSha256 = "sha256-/JNGyAEZlb4YilsoXtaXekXNVev6sdVxS4pEcPFh7Bg="; + cargoSha256 = "sha256-H5xqk7Yd3M8sFGHlmhAS0fhh3eM4dkvkNQGVxRSXUJs="; meta = with lib; { description = "Graphical console greter for greetd"; homepage = "https://github.com/apognu/tuigreet"; license = licenses.gpl3Plus; - maintainers = with maintainers; [ luc65r ]; + maintainers = with maintainers; [ luc65r ivar ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/tuxedo-keyboard/default.nix b/pkgs/os-specific/linux/tuxedo-keyboard/default.nix index 563e1333b87f8..f122aaf641db2 100644 --- a/pkgs/os-specific/linux/tuxedo-keyboard/default.nix +++ b/pkgs/os-specific/linux/tuxedo-keyboard/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "tuxedo-keyboard-${kernel.version}"; - version = "3.0.8"; + version = "3.0.9"; src = fetchFromGitHub { owner = "tuxedocomputers"; repo = "tuxedo-keyboard"; rev = "v${version}"; - sha256 = "1rv3ns4n61v18cpnp36zi47jpnqhj410yzi8b307ghiyriapbijv"; + sha256 = "HGN2CKJ76FzgKkOsU5pLMsRl7hEGMcZ8Loa2YP0P558="; }; buildInputs = [ linuxHeaders ]; @@ -24,7 +24,13 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - description = "Full color keyboard driver for tuxedo computers laptops"; + description = "Keyboard and hardware I/O driver for TUXEDO Computers laptops"; + longDescription = '' + This driver provides support for Fn keys, brightness/color/mode for most TUXEDO + keyboards (except white backlight-only models). + + Can be used with the "hardware.tuxedo-keyboard" NixOS module. + ''; homepage = "https://github.com/tuxedocomputers/tuxedo-keyboard/"; license = licenses.gpl3Plus; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/uclibc/default.nix b/pkgs/os-specific/linux/uclibc/default.nix index a0b748be2149e..1d4166e4083d8 100644 --- a/pkgs/os-specific/linux/uclibc/default.nix +++ b/pkgs/os-specific/linux/uclibc/default.nix @@ -54,7 +54,7 @@ let in stdenv.mkDerivation { - name = "uclibc-ng-${version}"; + pname = "uclibc-ng"; inherit version; src = fetchurl { diff --git a/pkgs/os-specific/linux/udisks/2-default.nix b/pkgs/os-specific/linux/udisks/2-default.nix index e5a5ff971a35b..fd321d90cb2a8 100644 --- a/pkgs/os-specific/linux/udisks/2-default.nix +++ b/pkgs/os-specific/linux/udisks/2-default.nix @@ -41,7 +41,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoconf automake pkg-config libtool gettext which gobject-introspection - gtk-doc libxslt docbook_xml_dtd_412 docbook_xml_dtd_43 docbook_xsl util-linux + gtk-doc libxslt docbook_xml_dtd_412 docbook_xml_dtd_43 docbook_xsl ]; postPatch = lib.optionalString stdenv.hostPlatform.isMusl '' @@ -51,7 +51,7 @@ stdenv.mkDerivation rec { ''; buildInputs = [ - expat libgudev libblockdev acl systemd glib libatasmart polkit + expat libgudev libblockdev acl systemd glib libatasmart polkit util-linux ]; preConfigure = "NOCONFIGURE=1 ./autogen.sh"; diff --git a/pkgs/os-specific/linux/unstick/default.nix b/pkgs/os-specific/linux/unstick/default.nix index 7d839f8acdb80..7856456a3c361 100644 --- a/pkgs/os-specific/linux/unstick/default.nix +++ b/pkgs/os-specific/linux/unstick/default.nix @@ -1,12 +1,12 @@ { stdenv, lib, fetchFromGitHub, meson, ninja, pkg-config, libseccomp }: stdenv.mkDerivation rec { - name = "unstick"; + pname = "unstick"; version = "0.1.0"; src = fetchFromGitHub { owner = "kwohlfahrt"; - repo = name; + repo = "unstick"; rev = "effee9aa242ca12dc94cc6e96bc073f4cc9e8657"; sha256 = "08la3jmmzlf4pm48bf9zx4cqj9gbqalpqy0s57bh5vfsdk74nnhv"; }; diff --git a/pkgs/os-specific/linux/usb-blaster-udev-rules/default.nix b/pkgs/os-specific/linux/usb-blaster-udev-rules/default.nix new file mode 100644 index 0000000000000..d04c8ddb93985 --- /dev/null +++ b/pkgs/os-specific/linux/usb-blaster-udev-rules/default.nix @@ -0,0 +1,26 @@ +{ lib, stdenvNoCC }: + +stdenvNoCC.mkDerivation rec { + name = "usb-blaster-udev-rules"; + + udevRules = ./usb-blaster.rules; + dontUnpack = true; + + installPhase = '' + install -Dm 644 "${udevRules}" "$out/lib/udev/rules.d/51-usbblaster.rules" + ''; + + meta = with lib; { + description = "udev rules that give NixOS permission to communicate with usb blasters"; + longDescription = '' + udev rules that give NixOS permission to communicate with usb blasters. + To use it under NixOS, add + + services.udev.packages = [ pkgs.usb-blaster-udev-rules ]; + + to the system configuration. + ''; + license = licenses.free; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/usb-blaster-udev-rules/usb-blaster.rules b/pkgs/os-specific/linux/usb-blaster-udev-rules/usb-blaster.rules new file mode 100644 index 0000000000000..0add604ee819a --- /dev/null +++ b/pkgs/os-specific/linux/usb-blaster-udev-rules/usb-blaster.rules @@ -0,0 +1,8 @@ +# USB-Blaster +ATTRS{idVendor}=="09fb", ATTRS{idProduct}=="6001", TAG+="uaccess" +ATTRS{idVendor}=="09fb", ATTRS{idProduct}=="6002", TAG+="uaccess" +ATTRS{idVendor}=="09fb", ATTRS{idProduct}=="6003", TAG+="uaccess" + +# USB-Blaster II +ATTRS{idVendor}=="09fb", ATTRS{idProduct}=="6010", TAG+="uaccess" +ATTRS{idVendor}=="09fb", ATTRS{idProduct}=="6810", TAG+="uaccess" diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index b3536e038f0bb..8485565e0a88b 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -1,18 +1,15 @@ { lib, stdenv, fetchurl, pkg-config, zlib, shadow, libcap_ng , ncurses ? null, pam, systemd ? null , nlsSupport ? true -, audit ? null }: -assert stdenv.hostPlatform.isStatic -> audit != null; - stdenv.mkDerivation rec { pname = "util-linux"; - version = "2.37.2"; + version = "2.37.3"; src = fetchurl { url = "mirror://kernel/linux/utils/util-linux/v${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "sha256-agdkwarn+2B++KbdLA9sR9Xl/SeqCIIKuq2ewU4o6dk="; + sha256 = "sha256-WQxZLljNa/OFGctGevBc5qGrGAQOPjQY8kvPsvVfl3Y="; }; patches = [ @@ -20,6 +17,7 @@ stdenv.mkDerivation rec { ]; outputs = [ "bin" "dev" "out" "lib" "man" ]; + separateDebugInfo = true; postPatch = '' patchShebangs tests/run.sh @@ -60,17 +58,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config ]; buildInputs = [ zlib pam libcap_ng ] - ++ lib.filter (p: p != null) [ ncurses systemd ] - # not sure how util-linux is linking with linux-pam, - # probably just with a simplistic -lpam. - # linux-pam doesn't seem to have a .pc file so I can't - # add -laudit to the Requires.private. - # libaudit is also needed directly anyway cf login-utils/login.c - # and sys-utils/hwclock.c, not sure how we got it working - # without audit on dynamic builds. - ++ lib.optionals stdenv.hostPlatform.isStatic [ audit ]; - - NIX_CFLAGS_LINK = lib.optionalString stdenv.hostPlatform.isStatic "-laudit"; + ++ lib.filter (p: p != null) [ ncurses systemd ]; doCheck = false; # "For development purpose only. Don't execute on production system!" diff --git a/pkgs/os-specific/linux/virtio_vmmci/default.nix b/pkgs/os-specific/linux/virtio_vmmci/default.nix new file mode 100644 index 0000000000000..ccf462702fd3c --- /dev/null +++ b/pkgs/os-specific/linux/virtio_vmmci/default.nix @@ -0,0 +1,37 @@ +{ stdenv, lib, fetchFromGitHub, kernel }: + +stdenv.mkDerivation rec { + name = "virtio_vmmci"; + version = "0.4.0"; + + src = fetchFromGitHub { + owner = "voutilad"; + repo = "virtio_vmmci"; + rev = "${version}"; + sha256 = "104xnpcy5kb4y7ipy1fx1v6byddzs63bv2dqjy3yl23n764fsy43"; + }; + + hardeningDisable = [ "pic" "format" ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + + extraConfig = '' + CONFIG_RTC_HCTOSYS yes + ''; + + makeFlags = kernel.makeFlags ++ [ + "DEPMOD=echo" + "INSTALL_MOD_PATH=$(out)" + "KERNELRELEASE=${kernel.modDirVersion}" + "KERNELDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + meta = with lib; { + description = "An OpenBSD VMM Control Interface (vmmci) for Linux"; + homepage = "https://github.com/voutilad/virtio_vmmci"; + license = licenses.gpl2; + maintainers = with maintainers; [ qbit ]; + platforms = platforms.linux; + }; + + enableParallelBuilding = true; +} diff --git a/pkgs/os-specific/linux/vmm_clock/default.nix b/pkgs/os-specific/linux/vmm_clock/default.nix new file mode 100644 index 0000000000000..a9cc266f6c536 --- /dev/null +++ b/pkgs/os-specific/linux/vmm_clock/default.nix @@ -0,0 +1,38 @@ +{ stdenv, lib, fetchFromGitHub, kernel }: + +stdenv.mkDerivation rec { + name = "vmm_clock"; + version = "0.1.0"; + + src = fetchFromGitHub { + owner = "voutilad"; + repo = "vmm_clock"; + rev = "${version}"; + sha256 = "0hg7ywznh6v11fywsz6f7w298bxph0wwm046zqaqncjvr4aizla4"; + }; + + hardeningDisable = [ "pic" "format" ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + + extraConfig = '' + CONFIG_RTC_HCTOSYS yes + ''; + + makeFlags = kernel.makeFlags ++ [ + "DEPMOD=echo" + "INSTALL_MOD_PATH=$(out)" + "KERNELRELEASE=${kernel.modDirVersion}" + "KERNELDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + meta = with lib; { + description = + "Experimental implementation of a kvmclock-derived clocksource for Linux guests under OpenBSD's hypervisor"; + homepage = "https://github.com/voutilad/vmm_clock"; + license = licenses.gpl2; + maintainers = with maintainers; [ qbit ]; + platforms = platforms.linux; + }; + + enableParallelBuilding = true; +} diff --git a/pkgs/os-specific/linux/wlgreet/default.nix b/pkgs/os-specific/linux/wlgreet/default.nix index 4758945e41abb..932aa47fd7146 100644 --- a/pkgs/os-specific/linux/wlgreet/default.nix +++ b/pkgs/os-specific/linux/wlgreet/default.nix @@ -4,17 +4,17 @@ }: rustPlatform.buildRustPackage rec { - pname = "wlgreet"; - version = "0.3"; + pname = "wlgreet-unstable"; + version = "2022-01-25"; src = fetchFromSourcehut { owner = "~kennylevinsen"; - repo = pname; - rev = version; - sha256 = "0n0lzg3y1z5s9s6kfkdj5q8w67bqpw08hqfccc5kz0ninzy9j0cc"; + repo = "wlgreet"; + rev = "8517e578cb64a8fb3bd8f8a438cdbe46f208b87c"; + sha256 = "0la4xlikw61cxvbkil1d22dgvazi7rs17n5i2z02090fvnfxxzxh"; }; - cargoSha256 = "1lwy8xmkl9n3fj3wlf80wp728nn9p5rjnbgmm2cbpqxklcgbmxhm"; + cargoSha256 = "651d2bf01612534f1c4b0472c812095a86eb064d16879380c87f684c04fe0d8d"; meta = with lib; { description = "Raw wayland greeter for greetd, to be run under sway or similar"; diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix index 656fa477768a3..380fca42975a4 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/default.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix @@ -1,5 +1,5 @@ -{ lib, stdenv, fetchurl, fetchpatch, openssl, pkg-config, libnl -, nixosTests +{ lib, stdenv, fetchurl, openssl, pkg-config, libnl +, nixosTests, wpa_supplicant_gui , withDbus ? true, dbus , withReadline ? true, readline , withPcsclite ? true, pcsclite @@ -8,45 +8,16 @@ with lib; stdenv.mkDerivation rec { - version = "2.9"; + version = "2.10"; pname = "wpa_supplicant"; src = fetchurl { url = "https://w1.fi/releases/${pname}-${version}.tar.gz"; - sha256 = "05qzak1mssnxcgdrafifxh9w86a4ha69qabkg4bsigk499xyxggw"; + sha256 = "sha256-IN965RVLODA1X4q0JpEjqHr/3qWf50/pKSqR0Nfhey8="; }; patches = [ - (fetchurl { - name = "CVE-2019-16275.patch"; - url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch"; - sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz"; - }) - (fetchpatch { - # Expose OWE key management capability over DBus, remove >= 2.10 - name = "dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch"; - url = "https://w1.fi/cgit/hostap/patch/?id=7800725afb27397f7d6033d4969e2aeb61af4737"; - sha256 = "0c1la7inf4m5y9gzdjjdnhpkx32pm8vi6m5knih8p77q4mbrdgg8"; - }) - # P2P: Fix copying of secondary device types for P2P group client (https://w1.fi/security/2020-2/) - (fetchurl { - name = "CVE-2021-0326.patch"; - url = "https://w1.fi/security/2020-2/0001-P2P-Fix-copying-of-secondary-device-types-for-P2P-gr.patch"; - sha256 = "19f4hx0p547mdx8y8arb3vclwyy4w9c8a6a40ryj7q33730mrmn4"; - }) - # P2P: Fix a corner case in peer addition based on PD Request (https://w1.fi/security/2021-1/) - (fetchurl { - name = "CVE-2021-27803.patch"; - url = "https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch"; - sha256 = "04cnds7hmbqc44jasabjvrdnh66i5hwvk2h2m5z94pmgbzncyh3z"; - }) - # In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. - (fetchpatch { - name = "CVE-2021-30004.patch"; - url = "https://w1.fi/cgit/hostap/patch/?id=a0541334a6394f8237a4393b7372693cd7e96f15"; - sha256 = "1gbhlz41x1ar1hppnb76pqxj6vimiypy7c4kq6h658637s4am3xg"; - }) ] ++ lib.optionals readOnlyModeSSIDs [ # Allow read-only networks ./0001-Implement-read-only-mode-for-ssids.patch @@ -142,6 +113,7 @@ stdenv.mkDerivation rec { passthru.tests = { inherit (nixosTests) wpa_supplicant; + inherit wpa_supplicant_gui; # inherits the src+version updates }; meta = with lib; { diff --git a/pkgs/os-specific/linux/wpa_supplicant/gui.nix b/pkgs/os-specific/linux/wpa_supplicant/gui.nix index 8ec7519bf1ad1..82e104cac3aad 100644 --- a/pkgs/os-specific/linux/wpa_supplicant/gui.nix +++ b/pkgs/os-specific/linux/wpa_supplicant/gui.nix @@ -2,18 +2,7 @@ mkDerivation { pname = "wpa_gui"; - version = wpa_supplicant.version; - - inherit (wpa_supplicant) src; - - patches = [ - # Fix build with Inkscape 1.0 - # https://github.com/NixOS/nixpkgs/issues/86930 - (fetchpatch { - url = "https://w1.fi/cgit/hostap/patch/?id=0388992905a5c2be5cba9497504eaea346474754"; - sha256 = "05hs74qawa433adripzhycm45g7yvxr6074nd4zcl4gabzp9hd30"; - }) - ]; + inherit (wpa_supplicant) version src; buildInputs = [ qtbase ]; nativeBuildInputs = [ qmake inkscape imagemagick ]; diff --git a/pkgs/os-specific/linux/x86info/default.nix b/pkgs/os-specific/linux/x86info/default.nix index dbda35670f661..e842b59651e7e 100644 --- a/pkgs/os-specific/linux/x86info/default.nix +++ b/pkgs/os-specific/linux/x86info/default.nix @@ -1,4 +1,4 @@ -{lib, stdenv, fetchurl, pciutils, python}: +{lib, stdenv, fetchurl, pciutils, python2}: stdenv.mkDerivation rec { version = "1.30"; @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { sed -i 's/-Werror -Wall//' Makefile ''; - buildInputs = [ pciutils python ]; + buildInputs = [ pciutils python2 ]; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/os-specific/linux/xf86-input-wacom/default.nix b/pkgs/os-specific/linux/xf86-input-wacom/default.nix index 4ebc4ed766382..80762aa784eb9 100644 --- a/pkgs/os-specific/linux/xf86-input-wacom/default.nix +++ b/pkgs/os-specific/linux/xf86-input-wacom/default.nix @@ -19,13 +19,13 @@ stdenv.mkDerivation rec { pname = "xf86-input-wacom"; - version = "0.40.0"; + version = "1.0.0"; src = fetchFromGitHub { owner = "linuxwacom"; repo = pname; rev = "${pname}-${version}"; - sha256 = "sha256-0U4pAB5vsIlBewCBqQ4SLHDrwqtr9nh7knZpXZMkzck="; + sha256 = "sha256-WitvT1y9KpXJriMr6Z9CrmAQdKPBZ5g9fP2nIgzJzAc="; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/pkgs/os-specific/linux/zenmonitor/default.nix b/pkgs/os-specific/linux/zenmonitor/default.nix index 603cdf7ceec71..8414ac7a1e14e 100644 --- a/pkgs/os-specific/linux/zenmonitor/default.nix +++ b/pkgs/os-specific/linux/zenmonitor/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "zenmonitor"; - version = "1.5.0"; + version = "2.0.0"; src = fetchFromGitHub { owner = "Ta180m"; repo = "zenmonitor3"; rev = "v${version}"; - sha256 = "sha256-dbjLpfflIsEU+wTApghJYBPxBXqS/7MJqcMBcj50o6I="; + sha256 = "sha256-2EsuSMXnnMg0e0JD1TXJplsi7sOg9em0qqge2WlC6ro="; }; buildInputs = [ gtk3 ]; |