
Commit 8ce7f9f

alyssaisemilazy
andcommitted
qemu: 9.0.2 -> 9.1.0
The macOS deployment target has been set to 12.0, and the collection of patches and reverts to keep older macOS versions working has been dropped, as maintaining what is effectively a fork of QEMU solely for the sake of versions no longer supported by Apple has become untenable. It may or may not still work on older macOS versions, potentially with reduced functionality. Upstream only officially supports the latest two versions of macOS, so this is still extending support further back than QEMU will support. To continue supporting back to macOS 10.12, at least the following upstream commits would have to be reverted, and possibly more: * <https://gitlab.com/qemu-project/qemu/-/commit/2d27c91e2b72ac7a65504ac207c89262d92464eb> * <https://gitlab.com/qemu-project/qemu/-/commit/e9c9d8dc3ba993384bc9553b617120ad4717345c> * <https://gitlab.com/qemu-project/qemu/-/commit/7b60b971cc2f52ed2a69006a2ad709df2831cd67> However, if you want to do that, you should be prepared to take up the burden of maintaining the monotonically‐increasing set of patches that will be required to keep this working in future. Fixes: CVE-2024-7409 Co-authored-by: Emily <[email protected]>
1 parent f0010d7 commit 8ce7f9f

7 files changed

Lines changed: 68 additions & 602 deletions

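--- a/pkgs/applications/virtualization/qemu/default.nix
+++ b/pkgs/applications/virtualization/qemu/default.nix
@@ -1,10 +1,10 @@
-{ lib, stdenv, fetchurl, fetchpatch, python3Packages, zlib, pkg-config, glib, buildPackages
+{ lib, stdenv, fetchurl, fetchpatch, python3Packages, zlib, pkg-config, glib, overrideSDK, buildPackages
 , pixman, vde2, alsa-lib, flex, pcre2
 , bison, lzo, snappy, libaio, libtasn1, gnutls, nettle, curl, dtc, ninja, meson
 , sigtool
 , makeWrapper, removeReferencesTo
 , attr, libcap, libcap_ng, socat, libslirp
-, CoreServices, Cocoa, Hypervisor, rez, setfile, vmnet
+, CoreServices, Cocoa, Hypervisor, Kernel, rez, setfile, vmnet
 , guestAgentSupport ? (with stdenv.hostPlatform; isLinux || isNetBSD || isOpenBSD || isSunOS || isWindows) && !minimal
 , numaSupport ? stdenv.isLinux && !stdenv.isAarch32 && !minimal, numactl
 , seccompSupport ? stdenv.isLinux && !minimal, libseccomp
@@ -52,6 +52,16 @@
 
 let
 hexagonSupport = hostCpuTargets == null || lib.elem "hexagon" hostCpuTargets;
+
+buildPlatformStdenv =
+if stdenv.buildPlatform.isDarwin then
+overrideSDK buildPackages.stdenv {
+# Keep these values in sync with `all-packages.nix`.
+darwinSdkVersion = "12.3";
+darwinMinVersion = "12.0";
+}
+else
+buildPackages.stdenv;
 in
 
 stdenv.mkDerivation (finalAttrs: {
@@ -61,14 +71,14 @@ stdenv.mkDerivation (finalAttrs: {
 + lib.optionalString nixosTestRunner "-for-vm-tests"
 + lib.optionalString toolsOnly "-utils"
 + lib.optionalString userOnly "-user";
-version = "9.0.2";
+version = "9.1.0";
 
 src = fetchurl {
 url = "https://download.qemu.org/qemu-${finalAttrs.version}.tar.xz";
-hash = "sha256-qMP1lq7Olto7AMr7dLqvoNFFFer7jtHuP39cLQ6/ArY=";
+hash = "sha256-gWtwIqi6fCrDDi4M+XPoJva8yFBTOWAyEsXt6OlNeDQ=";
 };
 
-depsBuildBuild = [ buildPackages.stdenv.cc ]
+depsBuildBuild = [ buildPlatformStdenv.cc ]
 ++ lib.optionals hexagonSupport [ pkg-config ];
 
 nativeBuildInputs = [
@@ -82,16 +92,14 @@ stdenv.mkDerivation (finalAttrs: {
 ++ lib.optionals enableDocs [ python3Packages.sphinx python3Packages.sphinx-rtd-theme ]
 ++ lib.optionals hexagonSupport [ glib ]
 ++ lib.optionals stdenv.isDarwin [ sigtool ]
-++ lib.optionals (!userOnly) [ dtc ]
-# workaround, remove once this patch lands: https://lore.kernel.org/qemu-devel/[email protected]/
-++ lib.optionals (hexagonSupport && stdenv.hostPlatform.isStatic) [ pcre2 ];
+++ lib.optionals (!userOnly) [ dtc ];
 
 buildInputs = [ zlib glib pixman
 vde2 lzo snappy libtasn1
 gnutls nettle curl libslirp
 ]
 ++ lib.optionals ncursesSupport [ ncurses ]
-++ lib.optionals stdenv.isDarwin [ CoreServices Cocoa Hypervisor rez setfile vmnet ]
+++ lib.optionals stdenv.isDarwin [ CoreServices Cocoa Hypervisor Kernel rez setfile vmnet ]
 ++ lib.optionals seccompSupport [ libseccomp ]
 ++ lib.optionals numaSupport [ numactl ]
 ++ lib.optionals alsaSupport [ alsa-lib ]
@@ -129,17 +137,6 @@ stdenv.mkDerivation (finalAttrs: {
 patches = [
 ./fix-qemu-ga.patch
 
-# QEMU upstream does not demand compatibility to pre-10.13, so 9p-darwin
-# support on nix requires utimensat fallback. The patch adding this fallback
-# set was removed during the process of upstreaming this functionality, and
-# will still be needed in nix until the macOS SDK reaches 10.13+.
-./provide-fallback-for-utimensat.patch
-# Cocoa clipboard support only works on macOS 10.14+
-./revert-ui-cocoa-add-clipboard-support.patch
-# Standard about panel requires AppKit and macOS 10.13+
-./revert-ui-cocoa-use-the-standard-about-panel.patch
-# Safe area insets require macOS 11+
-./remove-ui-cocoa-use-safe-area-insets.patch
 # Workaround for upstream issue with nested virtualisation: https://gitlab.com/qemu-project/qemu/-/issues/1008
 (fetchpatch {
 url = "https://gitlab.com/qemu-project/qemu/-/commit/3e4546d5bd38a1e98d4bd2de48631abf0398a3a2.diff";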
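Review bot: The `darwinSdkVersion = "12.3"` and `darwinMinVersion = "12.0"` literals in the new `buildPlatformStdenv` binding are a second copy of values that, per the comment above them, are also set in `all-packages.nix`, and nothing ties the two copies together. If one side is bumped alone, the compiler placed in `depsBuildBuild` would presumably target a different SDK or deployment target than the rest of the Darwin build, which tends to surface only as a late build or runtime failure. Consider passing the two strings (or the already-overridden stdenv) in as an argument from `all-packages.nix`, or at least make the comment say what has to match, e.g. `# Keep in sync with the qemu entry in all-packages.nix (darwinSdkVersion, darwinMinVersion).`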
Lines changed: 42 additions & 33 deletions
@@ -1,36 +1,45 @@
1-
diff --git i/qga/commands-posix.c w/qga/commands-posix.c
2-
index 954efed01b..39c4b916ce 100644
3-
--- i/qga/commands-posix.c
4-
+++ w/qga/commands-posix.c
5-
@@ -123,6 +123,8 @@ void qmp_guest_shutdown(bool has_mode, const char *mode, Error **errp)
6-
execl("/sbin/shutdown", "shutdown", shutdown_flag, "-g0", "-y",
7-
"hypervisor initiated shutdown", (char *)NULL);
8-
#else
9-
+ execl("/run/current-system/sw/bin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
10-
+ "hypervisor initiated shutdown", (char *)NULL);
11-
execl("/sbin/shutdown", "shutdown", "-h", shutdown_flag, "+0",
12-
"hypervisor initiated shutdown", (char *)NULL);
13-
#endif
14-
@@ -158,11 +160,13 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
15-
pid_t pid;
16-
Error *local_err = NULL;
17-
struct timeval tv;
18-
+ static const char hwclock_path_nix[] = "/run/current-system/sw/bin/hwclock";
19-
static const char hwclock_path[] = "/sbin/hwclock";
20-
static int hwclock_available = -1;
21-
22-
if (hwclock_available < 0) {
23-
- hwclock_available = (access(hwclock_path, X_OK) == 0);
24-
+ hwclock_available = (access(hwclock_path_nix, X_OK) == 0) ||
25-
+ (access(hwclock_path, X_OK) == 0);
1+
diff --git a/qga/commands-posix.c b/qga/commands-posix.c
2+
index c2bd0b4316..47cee1c351 100644
3+
--- a/qga/commands-posix.c
4+
+++ b/qga/commands-posix.c
5+
@@ -246,7 +246,7 @@ void qmp_guest_shutdown(const char *mode, Error **errp)
6+
return;
267
}
278

28-
if (!hwclock_available) {
29-
@@ -208,6 +212,7 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
9+
- const char *argv[] = {"/sbin/shutdown",
10+
+ const char *argv[] = {"/run/current-system/sw/bin/shutdown",
11+
#ifdef CONFIG_SOLARIS
12+
shutdown_flag, "-g0", "-y",
13+
#elif defined(CONFIG_BSD)
14+
@@ -257,6 +257,10 @@ void qmp_guest_shutdown(const char *mode, Error **errp)
15+
"hypervisor initiated shutdown", (char *) NULL};
16+
17+
ga_run_command(argv, NULL, "shutdown", &local_err);
18+
+ if (local_err) {
19+
+ argv[0] = "/sbin/shutdown";
20+
+ ga_run_command(argv, NULL, "shutdown", &local_err);
21+
+ }
22+
if (local_err) {
23+
error_propagate(errp, local_err);
24+
return;
25+
@@ -270,7 +274,7 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
26+
int ret;
27+
Error *local_err = NULL;
28+
struct timeval tv;
29+
- const char *argv[] = {"/sbin/hwclock", has_time ? "-w" : "-s", NULL};
30+
+ const char *argv[] = {"/run/current-system/sw/bin/hwclock", has_time ? "-w" : "-s", NULL};
3031

31-
/* Use '/sbin/hwclock -w' to set RTC from the system time,
32-
* or '/sbin/hwclock -s' to set the system time from RTC. */
33-
+ execl(hwclock_path_nix, "hwclock", has_time ? "-w" : "-s", NULL);
34-
execl(hwclock_path, "hwclock", has_time ? "-w" : "-s", NULL);
35-
_exit(EXIT_FAILURE);
36-
} else if (pid < 0) {
32+
/* If user has passed a time, validate and set it. */
33+
if (has_time) {
34+
@@ -303,6 +307,11 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp)
35+
* hardware clock (RTC). */
36+
ga_run_command(argv, NULL, "set hardware clock to system time",
37+
&local_err);
38+
+ if (local_err) {
39+
+ argv[0] = "/sbin/hwclock";
40+
+ ga_run_command(argv, NULL, "set hardware clock to system time",
41+
+ &local_err);
42+
+ }
43+
if (local_err) {
44+
error_propagate(errp, local_err);
45+
return;
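Review bot: The added retry in `qmp_guest_shutdown` calls `ga_run_command(argv, NULL, "shutdown", &local_err)` a second time while `local_err` still holds the error from the `/run/current-system/sw/bin/shutdown` attempt, and the same pattern is repeated for the `/sbin/hwclock` fallback in `qmp_guest_set_time`. Nothing in the visible lines clears it, so the following `if (local_err)` still propagates the first failure even when the `/sbin` fallback succeeds, and since QEMU's Error API expects `*errp` to be NULL on entry, a second failure would likely trip the assertion in `error_setg` and abort the guest agent. Free and reset the error before retrying by putting `error_free(local_err); local_err = NULL;` as the first statements inside each added `if (local_err) {` block. Both functions start and end outside the quoted hunks, so confirm against the full source that `ga_run_command` does not already reset the error itself.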

pkgs/applications/virtualization/qemu/provide-fallback-for-utimensat.patch

Lines changed: 0 additions & 189 deletions
This file was deleted.

pkgs/applications/virtualization/qemu/remove-ui-cocoa-use-safe-area-insets.patch

Lines changed: 0 additions & 14 deletions
This file was deleted.
