Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/virtualbox/versions.
These checks were done:
- built on NixOS
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxManage -h’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxManage --help’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxManage help’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxBalloonCtrl -h’ got 0 exit code
- ran ‘/nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12/bin/VBoxBalloonCtrl --help’ got 0 exit code
- found 5.2.12 with grep in /nix/store/6769l9s88jlcv3qgxpjsfr1ybkq3yvvb-virtualbox-5.2.12
- directory tree listing: https://gist.github.com/f9bf852a0a8e6e0b4c44a9b68764850b
Upstream changes without issue IDs:
* GUI: fixed occasional screen corruption when host screen resolution
is changed
* User interface: increase proposed disk size when creating new VMs for
Windows 7 and newer
* User interface: various improvements for high resolution screens
* VMM: Fixed problems using 256MB VRAM in raw-mode VMs
* Audio: implemented support for audio playback and recording for macOS
guests
* Audio: further timing improvements for Windows 10 guests
* Linux hosts: fixed problem accessing mini-toolbar under XFCE
The full changelog including issue IDs can be found at:
https://www.virtualbox.org/wiki/Changelog#v6
What was not mentioned in the changelog is that this release fixes
compiling the VirtualBox modules against kernel 4.15, which was added in
commit 61043ad4d1.
Tested this by running all of the tests in nixos/tests/virtualbox.nix.
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @flokli, @svanderburg
[...]
make modules -C /nix/store/h1vzl6bq4wif3m8dd1bw2p3fv4shjg3n-linux-4.14.9-dev/lib/modules/4.14.9/build EXTRA_CFLAGS=-Werror-implicit-function-declaration M=/tmp/nix-build-spl-kernel-2017-11-16-4.14.9.drv-0/source/build
/nix/store/h1vzl6bq4wif3m8dd1bw2p3fv4shjg3n-linux-4.14.9-dev/lib/modules/4.14.9/source/Makefile:939: *** "Cannot generate ORC metadata for CONFIG_UNWINDER_ORC=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel". Stop.
This patch introduces kernel.moduleBuildDependencies to avoid the logic "stdenv.lib.optional (stdenv.lib.versionAtLeast kernel.version "4.14") libelf" in multiple places.
[dezgeg did some minor tweaks on top]
Upstream changes without issue IDs:
* User interface: various improvements for high resolution screens
* User interface: added functionality to duplicate optical and floppy
images
* User interface: various improvements for the virtual media manager
* VMM: fixed emulation so that Plan 9 guests can start once more (5.1.0
regression)
* Storage: fixed regression breaking iSCSI
* Audio: added HDA support for more exotic guests (e.g. Haiku)
* Serial: fixed hanging I/O when using named pipes on Windows (5.2.0
regression)
* Serial: fixed broken communication with certain devices on Linux
hosts
* USB/OHCI: improved behavior so that the controller state after a VM
reset is closer to the initial state after VM start
* EFI: fixed HFS+ driver which in rare cases failed to access most
files on a volume
* Shared clipboard: fixed hang with OS X host and Linux guest
* Linux hosts: fixed kernel module compilation and start failures with
Linux kernel 4.14
* X11 hosts: better handle WM_CLASS setting
* Linux guests: fixed kernel module compilation and other problems with
Linux kernel 4.14
* Linux guests: fixed various 5.2.0 regressions
* Bridged networking: fixed duplicate EtherType in VLAN/priority tags
on Linux (5.2.0 regression)
The full changelog including issue IDs can be found at:
https://www.virtualbox.org/wiki/Changelog
Aside from just bumping the version number I also had to strip 3 levels
of the paths included in the guest-additions patches, because the
version was hardcoded in there and the patches still apply as-is.
I've re-added the stripped path using patchFlags and the -d option of
the patch utility.
Tested this by running all of the tests in the "virtualbox" NixOS VM
test module, here is the URL to the finished evaluation on my Hydra:
https://headcounter.org/hydra/eval/380191
Signed-off-by: aszlig <aszlig@nix.build>
Cc: @NeQuissimus, @orivej, @etu, @vcunat
Issue: https://github.com/NixOS/nixpkgs/issues/31640
Issue: https://github.com/NixOS/nixpkgs/pull/31037
Compiling the kernel modules on Linux 4.12 fails, so I've included an
upstream patch from:
https://www.virtualbox.org/changeset/66927/vbox
The patch is applied against the guest additions as well, where we need
to transform the patch a bit so that we get CR LF line endings (DOS
format), which is what is the case for the guest additions ISO.
I've tested this with all the subtests of the "virtualbox" NixOS VM
tests and they all succeed on x86_64-linux.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The merge of the version bump in
6fb9f89238 didn't take care of our patch
for the hardening mode and thus enabling VirtualBox without also
force-disabling hardening mode will result in a build error.
While the patch is largely identical with the old version, I've removed
one particular change around the following code:
if (pFsObjState->Stat.st_mode & S_IWOTH)
return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
"World writable: '", pszPath, "'");
In the old version of the patch we have checked whether the path is
within the Nix store and suppressed the error return if that's the case.
The reason why I did that in the first place was because we had a bunch
of symlinks which were writable.
In VirtualBox 5.1.22 the code specifically checks whether the file is a
symlink, so we can safely drop our change.
Tested via all of the "virtualbox" NixOS VM subtests and they now all
succeed.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Putting information in external JSON files is IMHO not an improvement
over the idiomatic style of Nix expressions. The use of JSON doesn't
add anything over Nix expressions (in fact it removes expressive
power). And scattering package info over lots of little files makes
packages less readable over having the info in one file.
From LWN:
From the NVD entries:
CVE-2016-5501: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality,
integrity, and availability via vectors related to Core, a different
vulnerability than CVE-2016-5538.
CVE-2016-5538: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality,
integrity, and availability via vectors related to Core, a different
vulnerability than CVE-2016-5501.
CVE-2016-5605: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.1.4 in Oracle Virtualization allows remote
attackers to affect confidentiality and integrity via vectors related
to VRDE.
CVE-2016-5608: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect availability via vectors
related to Core, a different vulnerability than CVE-2016-5613.
CVE-2016-5610: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality,
integrity, and availability via vectors related to Core.
CVE-2016-5611: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect confidentiality via
vectors related to Core.
CVE-2016-5613: Unspecified vulnerability in the Oracle VM VirtualBox
component before 5.0.28 and 5.1.x before 5.1.8 in Oracle
Virtualization allows local users to affect availability via vectors
related to Core, a different vulnerability than CVE-2016-5608.
