3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

101 commits

Author SHA1 Message Date
obadz 24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
Jan Malakhovski fdca71776a xen: cleanup 4.5.0 expression a bit 2016-08-13 21:53:25 +00:00
Jan Malakhovski 16ce708555 xen: fix urls and hashes (fallout from #15469) 2016-08-13 21:53:24 +00:00
Robin Gloster d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Vladimír Čunát ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Robin Gloster 3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
Domen Kožar 9ad60eae48 xen: remove unneeded depds now that stubdom is disabled 2016-03-09 18:56:25 +00:00
Domen Kožar 086a7d138d xen: disable stubdom due to #13590 2016-03-09 13:51:45 +00:00
Franz Pletz aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster a53bd9daa8 xen: turn off pic hardening 2016-02-11 01:44:23 +00:00
Robin Gloster 82daf82e61 xen: turn off fortify 2016-02-09 01:10:57 +00:00
Vladimír Čunát ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Robin Gloster 359b1726a5 xen: turn off stackprotector hardening 2016-01-30 16:36:57 +00:00
Robin Gloster f6d3b7a2ae switch hardening flags 2016-01-30 16:36:57 +00:00
Franz Pletz 954e9903ad Use a hardened stdenv by default 2016-01-30 16:36:57 +00:00
aszlig c92d7481a5
multipath_tools: Rename to multipath-tools
See http://nixos.org/nixpkgs/manual/#sec-package-naming

I've added an alias for multipath_tools to make sure that we don't break
existing configurations referencing the old name.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:38 +01:00
Luca Bruno 5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Michael Weiss 73058eb946 xen: 4.5.1 -> 4.5.2
Excerpt from upstream release notes:
This release also contains the security fixes for XSA-137, XSA-138, XSA-141 to XSA-153.
XSA-139 and XSA-140 only apply to QEMU Upstream and are fixed from versions 2.3.1 and 2.4.0 of QEMU.
The qemu portion of XSA-135 has also been applied to qemu-traditional.
2015-11-20 16:57:27 +01:00
Vladimír Čunát 91407a8bdf ncurses: split into multiple outputs
Some programs (e.g. tput) might better be moved somewhere else than
$dev/bin, but that can be improved later if need be.
2015-10-13 20:18:44 +02:00
Vladimír Čunát 88c9f8b574 xlibs: replace occurrences by xorg
This seems to have been confusing people, using both xlibs and xorg, etc.
- Avoided renaming local (and different) xlibs binding in gcc*.
- Fixed cases where both xorg and xlibs were used.
Hopefully everything still works as before.
2015-09-15 12:54:34 +02:00
Thomas Strobel e80b41e94f xen: remove 4.4.1 + fixes compilation of 4.5.x, fixes #9572 2015-09-02 08:33:24 +02:00
Thomas Strobel 2ff9129337 xen: fixes (authored by michalpalka)
Xen required a few changes in order to be usable:
* Include xenfs module in initrd as loading it in the activation
  script was failing.
* Include /etc/default/xendomains, which is needed by
  xen-domains service.
* Create /var/log/xen and /var/lib/xen directories in
  the xen-store service, which are needed by the xl command.
  The directories could be created by any other script as long as
  they are guaranteed to exist before xl is called.
* Fix a reference to /bin/ls in the xendomains script.
2015-07-15 12:38:37 +02:00
Thomas Strobel 649697ddcf Xen: add XEN 4.5.1 2015-07-02 16:37:03 +02:00
Thomas Strobel 6bd694321d Xen: enable Spice/QXL + add libhvm + minor fixes 2015-07-02 16:33:01 +02:00
Thomas Strobel 6ad73af7a2 Fix: Build Xen only for x86_64 Linux platforms. 2015-02-27 08:13:05 +01:00
Bjørn Forsman 34f8d2597c Fix eval (xen: bridge_utils => bridge-utils) 2015-02-26 20:49:33 +01:00
Thomas Strobel 3d4fbb874c Update: add new Xen versions + update NixOS Xen modules
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
Bjørn Forsman 97875ac175 bridge-utils: align attrname with pkgname 2015-02-20 22:30:51 +01:00
Thomas Strobel 732c303bb8 Update: Xen -> 4.4.1 2014-12-22 09:51:27 +01:00
Domen Kožar 58b6c4fce9 xen: note about security for next bump 2014-10-02 10:23:09 +02:00
Eelco Dolstra 8a7f3c3618 Mark a bunch of packages as broken or not supported on Darwin 2014-08-08 17:59:02 +02:00
Rob Vermaas 64561b437d Remove broken flag for xen, build with gcc45. 2014-08-01 17:18:27 +02:00
Eelco Dolstra 754704ea18 Allow packages to be marked as "broken" by setting meta.broken
The effect is that they won't show up in "nix-env -qa" anymore.
2013-11-04 21:11:00 +01:00
Jan Malakhovski da7408e105 xen: Support PCI passthrough.
Previous commit reverted Xen back to 4.0.3 because xend from 4.1.* and newer
hangs for unknown reasons.
The new "xl" toolstack from 4.1.* and unstable works, yet PCI passthrough is not
supported by xl in 4.1.* and is broken in the unstable.

With this patch I was able to passthrough ATI Radeon HD 6950 without 3D
acceleration, though, to both Linux and Windows guests. Which is the best
archived result with Xen PCI passthrough on NixOS after trying out all possible
Xen versions.
Same VGA card works fine if passed through into a guest with KVM (acceleration,
GPGPU, everything works). I should have tried KVM from the start.
2012-08-08 03:16:57 +04:00
Jan Malakhovski bff9f2720f Revert "xen: update to version 4.1.2"
This reverts commit af32fd6ce3.
2012-08-08 02:30:25 +04:00
Peter Simons af32fd6ce3 xen: update to version 4.1.2
Patch submitted by Jan Malakhovski <oxij@oxij.org>.
2012-07-02 17:45:47 +02:00
Eelco Dolstra a0bc441980 * Updated Xen to 4.0.3 (mostly to get it to build with GCC 4.6).
svn path=/nixpkgs/branches/stdenv-updates/; revision=32380
2012-02-18 00:18:26 +00:00
Eelco Dolstra ed58c55155 * xen: Build succesfully if $out already exists (needed for WCRE).
svn path=/nixpkgs/trunk/; revision=27580
2011-07-02 19:21:28 +00:00
Eelco Dolstra 353d450867 * wrapPythonPrograms: don't hard-code the Python library prefix.
svn path=/nixpkgs/branches/modular-python/; revision=26594
2011-03-29 15:19:59 +00:00
Eelco Dolstra c1b64da1c9 * xen: use wrapPython.
svn path=/nixpkgs/branches/modular-python/; revision=26584
2011-03-28 18:12:32 +00:00
Eelco Dolstra 770ca317ba * Get Xen to build with GCC 4.5 and Glibc 2.12.
svn path=/nixpkgs/branches/stdenv-updates/; revision=25247
2010-12-22 19:38:26 +00:00
Eelco Dolstra 3137cb5c59 * Apply some fixes to the xendomains script.
svn path=/nixpkgs/trunk/; revision=24120
2010-10-06 16:04:04 +00:00
Eelco Dolstra d11c271dcb * Install the Xen manpages.
svn path=/nixpkgs/trunk/; revision=24109
2010-10-06 11:04:07 +00:00
Eelco Dolstra b801c21d1f * Build Xen's stubdoms, in particular pv-grub (needed to securely boot
from a kernel/initrd stored on a guest filesystem).

svn path=/nixpkgs/trunk/; revision=24062
2010-10-04 23:25:03 +00:00
Eelco Dolstra fd538ef53d * Fix some more paths in Xen, and make it use /etc/xen for its
configuration files.

svn path=/nixpkgs/trunk/; revision=23821
2010-09-16 15:21:28 +00:00
Eelco Dolstra cdecced3b0 * Fix various references to /usr.
svn path=/nixpkgs/trunk/; revision=23788
2010-09-14 13:50:32 +00:00
Eelco Dolstra cea083bec9 * Set the Python search path for Xen's Python scripts. As an
experiment, do this by patching a line setting sys.path into the
  script, rather than using makeWrapper.
* Xen requires pythonFull because it needs https/ssl support.

svn path=/nixpkgs/trunk/; revision=23710
2010-09-10 10:53:17 +00:00
Eelco Dolstra c1867fe704 * Get Xen to build. It's not tested yet and doesn't include a Dom0
kernel.

svn path=/nixpkgs/trunk/; revision=23698
2010-09-09 16:45:18 +00:00
Marc Weber f7f938a1d1 big breaking change: renaming lib.getAttr to lib.attrByPath
getAttr was ambiguous. It's also a builtin function

fix

svn path=/nixpkgs/trunk/; revision=15692
2009-05-24 10:57:41 +00:00
Marc Weber 52647ea3b0 FullDepEntry -> fullDepEntry, PackEntry -> packEntry
svn path=/nixpkgs/trunk/; revision=15662
2009-05-19 23:25:58 +00:00
Michael Raskin 3a7ffa5c58 Some of preparation work for adding Xen. Troubles: 1. Xen Dom0 support not complete in mainline. 2. Xen's love to check for headers in /usr/include. To do afterwards: We need to change bootloading setup a bit.
svn path=/nixpkgs/trunk/; revision=12941
2008-10-04 15:24:08 +00:00