Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

virtualbox: 6.0.14 -> 6.1.4 #82479

Merged
merged 1 commit into from Mar 13, 2020
Merged

virtualbox: 6.0.14 -> 6.1.4 #82479

merged 1 commit into from Mar 13, 2020

Conversation

winterdeaf
Copy link
Contributor

@winterdeaf winterdeaf commented Mar 13, 2020
edited

Motivation for this change

Update Virtualbox to its latest version. This allows compilation against kernel >= 5.4 to succeed without further patches (see #74260, build would fail for linux-5.5.5 to 5.5.9).

I removed the 5.4 patches, amended the 'hardened' patch to reflect the current code, and added a patch to correctly set KBUILD_EXTRA_SYMBOLS when building the kernel modules. I tested against kernel 5.4 (linuxPackages), 5.5.8 (linuxPackages_5_8) and 5.5.9 (linuxPackages_latest).

Note: the workaround for #24512, hardened.patch, works but is quite hard to maintain. I maybe spent three days before figuring out how that worked.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
nix-build --no-out-link -I nixpkgs=$NIXPKGS '<nixpkgs/nixos/tests/virtualbox.nix>'
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
2 package marked as broken and skipped:
linuxPackages_hardkernel_4_14.virtualbox linuxPackages_hardkernel_4_14.virtualboxGuestAdditions

2 package failed to build:
linuxPackages_testing_hardened.virtualbox linuxPackages_testing_hardened.virtualboxGuestAdditions

30 package built:
linuxPackages-libre.virtualbox linuxPackages-libre.virtualboxGuestAdditions linuxPackages.virtualbox linuxPackages.virtualboxGuestAdditions linuxPackages_4_14.virtualbox linuxPackages_4_14.virtualboxGuestAdditions linuxPackages_4_19.virtualbox linuxPackages_4_19.virtualboxGuestAdditions linuxPackages_4_4.virtualbox linuxPackages_4_4.virtualboxGuestAdditions linuxPackages_4_9.virtualbox linuxPackages_4_9.virtualboxGuestAdditions linuxPackages_5_5.virtualbox linuxPackages_5_5.virtualboxGuestAdditions linuxPackages_hardened.virtualbox linuxPackages_hardened.virtualboxGuestAdditions linuxPackages_latest-libre.virtualbox linuxPackages_latest-libre.virtualboxGuestAdditions linuxPackages_latest_hardened.virtualbox linuxPackages_latest_hardened.virtualboxGuestAdditions linuxPackages_latest_xen_dom0.virtualbox linuxPackages_latest_xen_dom0.virtualboxGuestAdditions linuxPackages_testing_bcachefs.virtualbox linuxPackages_testing_bcachefs.virtualboxGuestAdditions linuxPackages_xen_dom0.virtualbox linuxPackages_xen_dom0.virtualboxGuestAdditions virtualbox virtualboxHardened virtualboxHeadless virtualboxWithExtpack
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@winterdeaf
virtualbox: 6.0.14 -> 6.1.4
3132c23 
Update Virtualbox to its latest version. This allows compilation against
kernel >= 5.4 to succeed without further patches (see NixOS#74260, build
would fail for linux-5.5.5 to 5.5.9).
@ofborg ofborg bot requested a review from svanderburg March 13, 2020 10:45
@alyssais
Copy link
Member

Hey — have you made sure you’re happy with the email addresses associated with this commit? They don’t seem to be associated with your GitHub account. You can check with git show --format=fuller. If you need to change them after configuring Git to use the right address, you can do git commit --amend --no-edit --reset-author.

@winterdeaf
Copy link
Contributor Author

Hey — have you made sure you’re happy with the email addresses associated with this commit?

Oh, thank you, I didn't notice that! Yes, I'm happy with that email, I updated my github now.

@alyssais alyssais merged commit 2b99b29 into NixOS:master Mar 13, 2020
@alyssais
Copy link
Member

alyssais commented Mar 13, 2020
edited

Does that mean #24512 can be closed?

@winterdeaf
Copy link
Contributor Author

Thank you for the merge! I guess #24512 can be closed. It is still relevant in the sense that we still have a problem with shell script wrappers and setuid programs, and I don't know whether this is documented elsewhere. The workaround for virtualbox is a patch that makes it look for setuid wrappers in /var/run/wrappers, but this can be hard to maintain in the case vbox devs make significant changes to their codebase.

@winterdeaf winterdeaf deleted the vbox-6.1.4 branch March 14, 2020 23:11
@vdot0x23
Copy link
Contributor

Great work :)

Will this get backported to 20.03?

@winterdeaf winterdeaf restored the vbox-6.1.4 branch March 15, 2020 12:31
@winterdeaf
Copy link
Contributor Author

@vdot0x23 I just opened #82693, still needs some testing.

@B4dM4n B4dM4n mentioned this pull request Mar 17, 2020
Merged
10 tasks
@winterdeaf winterdeaf mentioned this pull request Mar 19, 2020
Merged
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@svanderburg svanderburg Awaiting requested review from svanderburg

Assignees
No one assigned
Labels
10.rebuild-darwin: 0 10.rebuild-linux: 11-100 12. first-time contribution
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@winterdeaf @alyssais @vdot0x23 @Janik-Haag