From 303883a7b64b7cd78d8ff1228976109efe0d178f Mon Sep 17 00:00:00 2001
From: Fernando Rodrigues <alpha@sigmasquadron.net>
Date: Sun, 8 Sep 2024 21:50:10 +0000
Subject: [PATCH 1/2] xen: use lib.optional for knownVulnerabilities

Tiny cosmetic change. It's a singleton list so lib.lists.optionals is
unecessary.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
---
 pkgs/applications/virtualization/xen/generic/default.nix | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/pkgs/applications/virtualization/xen/generic/default.nix b/pkgs/applications/virtualization/xen/generic/default.nix
index d273f9b1f381..c677c56bae25 100644
--- a/pkgs/applications/virtualization/xen/generic/default.nix
+++ b/pkgs/applications/virtualization/xen/generic/default.nix
@@ -711,8 +711,6 @@ stdenv.mkDerivation (finalAttrs: {
     mainProgram = "xl";
     # Evaluates to x86_64-linux.
     platforms = lib.lists.intersectLists lib.platforms.linux lib.platforms.x86_64;
-    knownVulnerabilities = lib.lists.optionals (lib.strings.versionOlder version minSupportedVersion) [
-      "Xen ${version} is no longer supported by the Xen Security Team. See https://xenbits.xenproject.org/docs/unstable/support-matrix.html"
-    ];
+    knownVulnerabilities = lib.lists.optional (lib.strings.versionOlder version minSupportedVersion) "Xen ${version} is no longer supported by the Xen Security Team. See https://xenbits.xenproject.org/docs/unstable/support-matrix.html";
   };
 })

From ffeb03cc5048b1473570e98d3fb8f56e4651b44e Mon Sep 17 00:00:00 2001
From: Fernando Rodrigues <alpha@sigmasquadron.net>
Date: Sun, 8 Sep 2024 21:50:19 +0000
Subject: [PATCH 2/2] xen: drop 4.16

While Xen 4.16 has not yet reached EOL, it isn't convenient
for us to keep shipping it, as it'll reach EOL a couple
of days after NixOS 24.11 releases.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
---
 .../virtualization/xen/4.16/default.nix       | 57 -------------------
 .../virtualization/xen/generic/default.nix    |  2 +-
 .../virtualization/xen/packages.nix           |  9 ---
 pkgs/top-level/all-packages.nix               |  1 -
 4 files changed, 1 insertion(+), 68 deletions(-)
 delete mode 100644 pkgs/applications/virtualization/xen/4.16/default.nix

diff --git a/pkgs/applications/virtualization/xen/4.16/default.nix b/pkgs/applications/virtualization/xen/4.16/default.nix
deleted file mode 100644
index 27139ca06e8e..000000000000
--- a/pkgs/applications/virtualization/xen/4.16/default.nix
+++ /dev/null
@@ -1,57 +0,0 @@
-{
-  lib,
-  fetchpatch,
-  callPackage,
-  ocaml-ng,
-  ...
-}@genericDefinition:
-
-let
-  upstreamPatches = import ../generic/patches.nix {
-    inherit lib;
-    inherit fetchpatch;
-  };
-
-  upstreamPatchList = lib.lists.flatten (
-    with upstreamPatches;
-    [
-      XSA_458
-      XSA_460
-      XSA_461
-    ]
-  );
-in
-
-callPackage (import ../generic/default.nix {
-  pname = "xen";
-  branch = "4.16";
-  version = "4.16.6";
-  latest = false;
-  pkg = {
-    xen = {
-      rev = "4b33780de790bd438dd7cbb6143b410d94f0f049";
-      hash = "sha256-2kcmfKwBo3w1U5CSxLSYSteqvzcJaB+cA7keVb3amyA=";
-      patches = [ ] ++ upstreamPatchList;
-    };
-    qemu = {
-      rev = "c02cb236b5e4a76cf74e641cc35a0e3ebd3e52f3";
-      hash = "sha256-LwlPry04az9QQowaDG2la8PYlGOUMbZaQAsCHxj+pwM=";
-      patches = [ ];
-    };
-    seaBIOS = {
-      rev = "d239552ce7220e448ae81f41515138f7b9e3c4db";
-      hash = "sha256-UKMceJhIprN4/4Xe4EG2EvKlanxVcEi5Qcrrk3Ogiik=";
-      patches = [ ];
-    };
-    ovmf = {
-      rev = "7b4a99be8a39c12d3a7fc4b8db9f0eab4ac688d5";
-      hash = "sha256-Qq2RgktCkJZBsq6Ch+6tyRHhme4lfcN7d2oQfxwhQt8=";
-      patches = [ ];
-    };
-    ipxe = {
-      rev = "3c040ad387099483102708bb1839110bc788cefb";
-      hash = "sha256-y2QdZEoGsGUQjrrvD8YRa8VoqcZSr4tjLM//I/MrsLI=";
-      patches = [ ];
-    };
-  };
-}) ({ ocamlPackages = ocaml-ng.ocamlPackages_4_14; } // genericDefinition)
diff --git a/pkgs/applications/virtualization/xen/generic/default.nix b/pkgs/applications/virtualization/xen/generic/default.nix
index c677c56bae25..4c879e38d2a8 100644
--- a/pkgs/applications/virtualization/xen/generic/default.nix
+++ b/pkgs/applications/virtualization/xen/generic/default.nix
@@ -105,7 +105,7 @@ let
   inherit (versionDefinition) pkg;
 
   # Mark versions older than minSupportedVersion as EOL.
-  minSupportedVersion = "4.16";
+  minSupportedVersion = "4.17";
 
   ## Pre-fetched Source Handling ##
 
diff --git a/pkgs/applications/virtualization/xen/packages.nix b/pkgs/applications/virtualization/xen/packages.nix
index 5f0f50ecd736..77c9cbf099a3 100644
--- a/pkgs/applications/virtualization/xen/packages.nix
+++ b/pkgs/applications/virtualization/xen/packages.nix
@@ -53,13 +53,4 @@ rec {
     withInternalIPXE = false;
     inherit (slim) meta;
   };
-
-  xen_4_16 = callPackage ./4.16/default.nix { inherit (standard) meta; };
-  xen_4_16-slim = xen_4_16.override {
-    withInternalQEMU = false;
-    withInternalSeaBIOS = false;
-    withInternalOVMF = false;
-    withInternalIPXE = false;
-    inherit (slim) meta;
-  };
 }
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 57e5ee790858..3be93777c211 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -26922,7 +26922,6 @@ with pkgs;
   qemu_xen_4_19 = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xenPackages.xen_4_19-slim; });
   qemu_xen_4_18 = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xenPackages.xen_4_18-slim; });
   qemu_xen_4_17 = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xenPackages.xen_4_17-slim; });
-  qemu_xen_4_16 = lowPrio (qemu.override { hostCpuOnly = true; xenSupport = true; xen = xenPackages.xen_4_16-slim; });
   qemu_xen = qemu_xen_4_19;
 
   qemu_test = lowPrio (qemu.override { hostCpuOnly = true; nixosTestRunner = true; });