virtualbox: Split kernel modules into own package

Putting the kernel modules into the same output path as the main
VirtualBox derivation causes all of VirtualBox to be rebuilt on every
single kernel update.

The build process of VirtualBox already outputs the kernel module source
along with the generated files for the configuration of the main
VirtualBox package. We put this into a different output called "modsrc"
which we re-use from linuxPackages.virtualbox, which is now only
containing the resulting kernel modules without the main user space
implementation.

This not only has the advantage of decluttering the Nix expression for
the user space portions but also gets rid of the need to nuke references
and the need to patch out "depmod -a".

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

nixos/modules/virtualisation/virtualbox-host.nix

@@ -4,10 +4,15 @@ with lib;
 
 let
   cfg = config.virtualisation.virtualbox.host;
-  virtualbox = config.boot.kernelPackages.virtualbox.override {
+
+  virtualbox = pkgs.virtualbox.override {
     inherit (cfg) enableHardening headless;
   };
 
+  kernelModules = config.boot.kernelPackages.virtualbox.override {
+    inherit virtualbox;
+  };
+
 in
 
 {
@@ -60,7 +65,7 @@ in
 
   config = mkIf cfg.enable (mkMerge [{
     boot.kernelModules = [ "vboxdrv" "vboxnetadp" "vboxnetflt" ];
-    boot.extraModulePackages = [ virtualbox ];
+    boot.extraModulePackages = [ kernelModules ];
     environment.systemPackages = [ virtualbox ];
 
     security.setuidOwners = let

pkgs/applications/virtualization/virtualbox/default.nix

@@ -1,8 +1,8 @@
 { stdenv, buildEnv, fetchurl, lib, iasl, dev86, pam, libxslt, libxml2, libX11, xproto, libXext
-, libXcursor, libXmu, qt5, libIDL, SDL, libcap, zlib, libpng, glib, kernel, lvm2
+, libXcursor, libXmu, qt5, libIDL, SDL, libcap, zlib, libpng, glib, lvm2
 , libXrandr, libXinerama
 , which, alsaLib, curl, libvpx, gawk, nettools, dbus
-, xorriso, makeself, perl, pkgconfig, nukeReferences
+, xorriso, makeself, perl, pkgconfig
 , javaBindings ? false, jdk ? null
 , pythonBindings ? false, python ? null
 , enableExtensionPack ? false, requireFile ? null, patchelf ? null, fakeroot ? null
@@ -18,24 +18,6 @@ let
 
   inherit (importJSON ./upstream-info.json) version extpackRev extpack main;
 
-  forEachModule = action: ''
-    for mod in \
-      out/linux.*/${buildType}/bin/src/vboxdrv \
-      out/linux.*/${buildType}/bin/src/vboxpci \
-      out/linux.*/${buildType}/bin/src/vboxnetadp \
-      out/linux.*/${buildType}/bin/src/vboxnetflt
-    do
-      if [ "x$(basename "$mod")" != xvboxdrv -a ! -e "$mod/Module.symvers" ]
-      then
-        cp -v out/linux.*/${buildType}/bin/src/vboxdrv/Module.symvers \
-          "$mod/Module.symvers"
-      fi
-      INSTALL_MOD_PATH="$out" INSTALL_MOD_DIR=misc \
-      make -j $NIX_BUILD_CORES -C "$MODULES_BUILD_DIR" DEPMOD=/do_not_use_depmod \
-        "M=\$(PWD)/$mod" BUILD_TYPE="${buildType}" ${action}
-    done
-  '';
-
   # See https://github.com/NixOS/nixpkgs/issues/672 for details
   extensionPack = requireFile rec {
     name = "Oracle_VM_VirtualBox_Extension_Pack-${version}-${extpackRev}.vbox-extpack";
@@ -59,17 +41,19 @@ let
   };
 
 in stdenv.mkDerivation {
-  name = "virtualbox-${version}-${kernel.version}";
+  name = "virtualbox-${version}";
 
   src = fetchurl {
     url = "http://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
     sha256 = main;
   };
 
+  outputs = [ "out" "modsrc" ];
+
   buildInputs =
     [ iasl dev86 libxslt libxml2 xproto libX11 libXext libXcursor libIDL
       libcap glib lvm2 python alsaLib curl libvpx pam xorriso makeself perl
-      pkgconfig which libXmu nukeReferences libpng ]
+      pkgconfig which libXmu libpng ]
     ++ optional javaBindings jdk
     ++ optional pythonBindings python
     ++ optional pulseSupport libpulseaudio
@@ -80,14 +64,11 @@ in stdenv.mkDerivation {
 
   prePatch = ''
     set -x
-    MODULES_BUILD_DIR=`echo ${kernel.dev}/lib/modules/*/build`
-    sed -e 's@/lib/modules/`uname -r`/build@'$MODULES_BUILD_DIR@ \
-        -e 's@MKISOFS --version@MKISOFS -version@' \
+    sed -e 's@MKISOFS --version@MKISOFS -version@' \
         -e 's@PYTHONDIR=.*@PYTHONDIR=${if pythonBindings then python else ""}@' \
         -i configure
     ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.glibc.out}/lib/ld-linux.so.2
     ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.glibc.out}/lib/ld-linux-x86-64.so.2
-    find . -type f -iname '*makefile*' -exec sed -i -e 's/depmod -a/:/g' {} +
     sed -i -e '
       s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g
       s@"libasound\.so\.2"@"${alsaLib.out}/lib/libasound.so.2"@g
@@ -152,7 +133,6 @@ in stdenv.mkDerivation {
   buildPhase = ''
     source env.sh
     kmk -j $NIX_BUILD_CORES BUILD_TYPE="${buildType}"
-    ${forEachModule "modules"}
   '';
 
   installPhase = ''
@@ -164,9 +144,6 @@ in stdenv.mkDerivation {
     find out/linux.*/${buildType}/bin -mindepth 1 -maxdepth 1 \
       -name src -o -exec cp -avt "$libexec" {} +
 
-    # Install kernel modules
-    ${forEachModule "modules_install"}
-
     # Create wrapper script
     mkdir -p $out/bin
     for file in VirtualBox VBoxManage VBoxSDL VBoxBalloonCtrl VBoxBFE VBoxHeadless; do
@@ -198,8 +175,7 @@ in stdenv.mkDerivation {
       done
     ''}
 
-    # Get rid of a reference to linux.dev.
-    nuke-refs $out/lib/modules/*/misc/*.ko
+    cp -rv out/linux.*/${buildType}/bin/src "$modsrc"
   '';
 
   passthru = { inherit version; /* for guest additions */ };

pkgs/os-specific/linux/virtualbox/default.nix

@@ -0,0 +1,23 @@
+{ stdenv, virtualbox, kernel, strace }:
+
+stdenv.mkDerivation {
+  name = "virtualbox-modules-${virtualbox.version}-${kernel.version}";
+  src = virtualbox.modsrc;
+  hardeningDisable = [
+    "fortify" "pic" "stackprotector"
+  ];
+
+  makeFlags = [
+    "-C ${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+    "INSTALL_MOD_PATH=$(out)"
+  ];
+  preBuild = "makeFlagsArray+=(\"M=$(pwd)\")";
+  buildFlags = [ "modules" ];
+  installTargets = [ "modules_install" ];
+
+  enableParallelBuilding = true;
+
+  meta = virtualbox.meta // {
+    description = virtualbox.meta.description + " (kernel modules)";
+  };
+}

pkgs/top-level/all-packages.nix

@@ -11399,23 +11399,13 @@ in
 
     vhba = callPackage ../misc/emulators/cdemu/vhba.nix { };
 
-    virtualbox = callPackage ../applications/virtualization/virtualbox {
-      stdenv = stdenv_32bit;
-      inherit (gnome) libIDL;
-      enableExtensionPack = config.virtualbox.enableExtensionPack or false;
-      pulseSupport = config.pulseaudio or false;
+    virtualbox = callPackage ../os-specific/linux/virtualbox {
+      virtualbox = pkgs.virtualboxHardened;
     };
 
-    virtualboxHardened = lowPrio (virtualbox.override {
-      enableHardening = true;
-    });
-
-    virtualboxHeadless = lowPrio (virtualbox.override {
-      enableHardening = true;
-      headless = true;
-    });
-
-    virtualboxGuestAdditions = callPackage ../applications/virtualization/virtualbox/guest-additions { };
+    virtualboxGuestAdditions = callPackage ../applications/virtualization/virtualbox/guest-additions {
+      virtualbox = pkgs.virtualboxHardened;
+    };
 
     wireguard = callPackage ../os-specific/linux/wireguard { };
 
@@ -15224,6 +15214,22 @@ in
 
   virtinst = callPackage ../applications/virtualization/virtinst {};
 
+  virtualbox = callPackage ../applications/virtualization/virtualbox {
+    stdenv = stdenv_32bit;
+    inherit (gnome) libIDL;
+    enableExtensionPack = config.virtualbox.enableExtensionPack or false;
+    pulseSupport = config.pulseaudio or false;
+  };
+
+  virtualboxHardened = lowPrio (virtualbox.override {
+    enableHardening = true;
+  });
+
+  virtualboxHeadless = lowPrio (virtualbox.override {
+    enableHardening = true;
+    headless = true;
+  });
+
   virtualglLib = callPackage ../tools/X11/virtualgl/lib.nix {
     fltk = fltk13;
   };