Commit Graph

48 Commits

Author SHA1 Message Date
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Robin Gloster
3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
Domen Kožar
9ad60eae48 xen: remove unneeded depds now that stubdom is disabled 2016-03-09 18:56:25 +00:00
Domen Kožar
086a7d138d xen: disable stubdom due to #13590 2016-03-09 13:51:45 +00:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster
a53bd9daa8 xen: turn off pic hardening 2016-02-11 01:44:23 +00:00
Robin Gloster
82daf82e61 xen: turn off fortify 2016-02-09 01:10:57 +00:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Robin Gloster
359b1726a5 xen: turn off stackprotector hardening 2016-01-30 16:36:57 +00:00
Robin Gloster
f6d3b7a2ae switch hardening flags 2016-01-30 16:36:57 +00:00
Franz Pletz
954e9903ad Use a hardened stdenv by default 2016-01-30 16:36:57 +00:00
aszlig
c92d7481a5
multipath_tools: Rename to multipath-tools
See http://nixos.org/nixpkgs/manual/#sec-package-naming

I've added an alias for multipath_tools to make sure that we don't break
existing configurations referencing the old name.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:38 +01:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Michael Weiss
73058eb946 xen: 4.5.1 -> 4.5.2
Excerpt from upstream release notes:
This release also contains the security fixes for XSA-137, XSA-138, XSA-141 to XSA-153.
XSA-139 and XSA-140 only apply to QEMU Upstream and are fixed from versions 2.3.1 and 2.4.0 of QEMU.
The qemu portion of XSA-135 has also been applied to qemu-traditional.
2015-11-20 16:57:27 +01:00
Vladimír Čunát
91407a8bdf ncurses: split into multiple outputs
Some programs (e.g. tput) might better be moved somewhere else than
$dev/bin, but that can be improved later if need be.
2015-10-13 20:18:44 +02:00
Vladimír Čunát
88c9f8b574 xlibs: replace occurrences by xorg
This seems to have been confusing people, using both xlibs and xorg, etc.
- Avoided renaming local (and different) xlibs binding in gcc*.
- Fixed cases where both xorg and xlibs were used.
Hopefully everything still works as before.
2015-09-15 12:54:34 +02:00
Thomas Strobel
e80b41e94f xen: remove 4.4.1 + fixes compilation of 4.5.x, fixes #9572 2015-09-02 08:33:24 +02:00
Thomas Strobel
2ff9129337 xen: fixes (authored by michalpalka)
Xen required a few changes in order to be usable:
* Include xenfs module in initrd as loading it in the activation
  script was failing.
* Include /etc/default/xendomains, which is needed by
  xen-domains service.
* Create /var/log/xen and /var/lib/xen directories in
  the xen-store service, which are needed by the xl command.
  The directories could be created by any other script as long as
  they are guaranteed to exist before xl is called.
* Fix a reference to /bin/ls in the xendomains script.
2015-07-15 12:38:37 +02:00
Thomas Strobel
649697ddcf Xen: add XEN 4.5.1 2015-07-02 16:37:03 +02:00
Thomas Strobel
6bd694321d Xen: enable Spice/QXL + add libhvm + minor fixes 2015-07-02 16:33:01 +02:00
Thomas Strobel
6ad73af7a2 Fix: Build Xen only for x86_64 Linux platforms. 2015-02-27 08:13:05 +01:00
Bjørn Forsman
34f8d2597c Fix eval (xen: bridge_utils => bridge-utils) 2015-02-26 20:49:33 +01:00
Thomas Strobel
3d4fbb874c Update: add new Xen versions + update NixOS Xen modules
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
Bjørn Forsman
97875ac175 bridge-utils: align attrname with pkgname 2015-02-20 22:30:51 +01:00
Thomas Strobel
732c303bb8 Update: Xen -> 4.4.1 2014-12-22 09:51:27 +01:00
Domen Kožar
58b6c4fce9 xen: note about security for next bump 2014-10-02 10:23:09 +02:00
Eelco Dolstra
8a7f3c3618 Mark a bunch of packages as broken or not supported on Darwin 2014-08-08 17:59:02 +02:00
Rob Vermaas
64561b437d Remove broken flag for xen, build with gcc45. 2014-08-01 17:18:27 +02:00
Eelco Dolstra
754704ea18 Allow packages to be marked as "broken" by setting meta.broken
The effect is that they won't show up in "nix-env -qa" anymore.
2013-11-04 21:11:00 +01:00
Jan Malakhovski
da7408e105 xen: Support PCI passthrough.
Previous commit reverted Xen back to 4.0.3 because xend from 4.1.* and newer
hangs for unknown reasons.
The new "xl" toolstack from 4.1.* and unstable works, yet PCI passthrough is not
supported by xl in 4.1.* and is broken in the unstable.

With this patch I was able to passthrough ATI Radeon HD 6950 without 3D
acceleration, though, to both Linux and Windows guests. Which is the best
archived result with Xen PCI passthrough on NixOS after trying out all possible
Xen versions.
Same VGA card works fine if passed through into a guest with KVM (acceleration,
GPGPU, everything works). I should have tried KVM from the start.
2012-08-08 03:16:57 +04:00
Jan Malakhovski
bff9f2720f Revert "xen: update to version 4.1.2"
This reverts commit af32fd6ce3.
2012-08-08 02:30:25 +04:00
Peter Simons
af32fd6ce3 xen: update to version 4.1.2
Patch submitted by Jan Malakhovski <oxij@oxij.org>.
2012-07-02 17:45:47 +02:00
Eelco Dolstra
a0bc441980 * Updated Xen to 4.0.3 (mostly to get it to build with GCC 4.6).
svn path=/nixpkgs/branches/stdenv-updates/; revision=32380
2012-02-18 00:18:26 +00:00
Eelco Dolstra
ed58c55155 * xen: Build succesfully if $out already exists (needed for WCRE).
svn path=/nixpkgs/trunk/; revision=27580
2011-07-02 19:21:28 +00:00
Eelco Dolstra
353d450867 * wrapPythonPrograms: don't hard-code the Python library prefix.
svn path=/nixpkgs/branches/modular-python/; revision=26594
2011-03-29 15:19:59 +00:00
Eelco Dolstra
c1b64da1c9 * xen: use wrapPython.
svn path=/nixpkgs/branches/modular-python/; revision=26584
2011-03-28 18:12:32 +00:00
Eelco Dolstra
770ca317ba * Get Xen to build with GCC 4.5 and Glibc 2.12.
svn path=/nixpkgs/branches/stdenv-updates/; revision=25247
2010-12-22 19:38:26 +00:00
Eelco Dolstra
3137cb5c59 * Apply some fixes to the xendomains script.
svn path=/nixpkgs/trunk/; revision=24120
2010-10-06 16:04:04 +00:00
Eelco Dolstra
d11c271dcb * Install the Xen manpages.
svn path=/nixpkgs/trunk/; revision=24109
2010-10-06 11:04:07 +00:00
Eelco Dolstra
b801c21d1f * Build Xen's stubdoms, in particular pv-grub (needed to securely boot
from a kernel/initrd stored on a guest filesystem).

svn path=/nixpkgs/trunk/; revision=24062
2010-10-04 23:25:03 +00:00
Eelco Dolstra
fd538ef53d * Fix some more paths in Xen, and make it use /etc/xen for its
configuration files.

svn path=/nixpkgs/trunk/; revision=23821
2010-09-16 15:21:28 +00:00
Eelco Dolstra
cdecced3b0 * Fix various references to /usr.
svn path=/nixpkgs/trunk/; revision=23788
2010-09-14 13:50:32 +00:00
Eelco Dolstra
cea083bec9 * Set the Python search path for Xen's Python scripts. As an
experiment, do this by patching a line setting sys.path into the
  script, rather than using makeWrapper.
* Xen requires pythonFull because it needs https/ssl support.

svn path=/nixpkgs/trunk/; revision=23710
2010-09-10 10:53:17 +00:00
Eelco Dolstra
c1867fe704 * Get Xen to build. It's not tested yet and doesn't include a Dom0
kernel.

svn path=/nixpkgs/trunk/; revision=23698
2010-09-09 16:45:18 +00:00
Marc Weber
f7f938a1d1 big breaking change: renaming lib.getAttr to lib.attrByPath
getAttr was ambiguous. It's also a builtin function

fix

svn path=/nixpkgs/trunk/; revision=15692
2009-05-24 10:57:41 +00:00
Marc Weber
52647ea3b0 FullDepEntry -> fullDepEntry, PackEntry -> packEntry
svn path=/nixpkgs/trunk/; revision=15662
2009-05-19 23:25:58 +00:00
Michael Raskin
3a7ffa5c58 Some of preparation work for adding Xen. Troubles: 1. Xen Dom0 support not complete in mainline. 2. Xen's love to check for headers in /usr/include. To do afterwards: We need to change bootloading setup a bit.
svn path=/nixpkgs/trunk/; revision=12941
2008-10-04 15:24:08 +00:00