Commit graph

62 commits

Author SHA1 Message Date
Graham Christensen
4e6c7faf36
xen: patch for many XSAs
- XSA-190
 - XSA-191
 - XSA-192
 - XSA-193
 - XSA-195
 - XSA-196
 - XSA-198
 - XSA-200
 - XSA_202
 - XSA-204
2016-12-21 14:37:47 -05:00
Graham Christensen
a2d6e8a2eb
xen: Fix patch hashes
I had used nix-prefetch-url, where fetchpatch doesn't support it.
2016-12-09 07:22:35 -05:00
Graham Christensen
86da9839b1
xen: Patch for CVE-2016-9385, CVE-2016-9377, and CVE-2016-9378 2016-12-07 20:16:05 -05:00
Frederik Rietdijk
4833f8bada xen: use python2 2016-10-22 16:47:21 +02:00
Vladimír Čunát
4d5b893002 Merge #19081: gnome-3.22
Also master commits are brought in.
2016-10-20 23:04:10 +02:00
Graham Christensen
4e89b237bc
xen: 4.5.2 -> 4.5.5, drop old versions 2016-10-14 17:09:18 -04:00
Vladimír Čunát
6eeea6effd Python: more evaluation fixups. 2016-10-14 00:03:12 +02:00
Kirill Boltaev
e61663a233 treewide: move to ocaml-ng system 2016-09-26 02:36:49 +03:00
Robin Gloster
29c5ccea4a
xen: remove obsolete substituteInPlace 2016-08-27 21:54:30 +00:00
obadz
0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Franz Pletz
a12b2bfb8b xen: Fix build on Glibc 2.24 2016-08-23 19:17:36 +02:00
obadz
24a9183f90 Merge branch 'hardened-stdenv' into staging
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
2016-08-22 01:19:35 +01:00
Jan Malakhovski
fdca71776a xen: cleanup 4.5.0 expression a bit 2016-08-13 21:53:25 +00:00
Jan Malakhovski
16ce708555 xen: fix urls and hashes (fallout from #15469) 2016-08-13 21:53:24 +00:00
Robin Gloster
d020caa5b2 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-04-18 13:49:22 +00:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
2016-04-01 10:06:01 +02:00
Robin Gloster
3f45f0948d Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-03-15 01:44:24 +00:00
Domen Kožar
9ad60eae48 xen: remove unneeded depds now that stubdom is disabled 2016-03-09 18:56:25 +00:00
Domen Kožar
086a7d138d xen: disable stubdom due to #13590 2016-03-09 13:51:45 +00:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster
a53bd9daa8 xen: turn off pic hardening 2016-02-11 01:44:23 +00:00
Robin Gloster
82daf82e61 xen: turn off fortify 2016-02-09 01:10:57 +00:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Robin Gloster
359b1726a5 xen: turn off stackprotector hardening 2016-01-30 16:36:57 +00:00
Robin Gloster
f6d3b7a2ae switch hardening flags 2016-01-30 16:36:57 +00:00
Franz Pletz
954e9903ad Use a hardened stdenv by default 2016-01-30 16:36:57 +00:00
aszlig
c92d7481a5
multipath_tools: Rename to multipath-tools
See http://nixos.org/nixpkgs/manual/#sec-package-naming

I've added an alias for multipath_tools to make sure that we don't break
existing configurations referencing the old name.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:38 +01:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Michael Weiss
73058eb946 xen: 4.5.1 -> 4.5.2
Excerpt from upstream release notes:
This release also contains the security fixes for XSA-137, XSA-138, XSA-141 to XSA-153.
XSA-139 and XSA-140 only apply to QEMU Upstream and are fixed from versions 2.3.1 and 2.4.0 of QEMU.
The qemu portion of XSA-135 has also been applied to qemu-traditional.
2015-11-20 16:57:27 +01:00
Vladimír Čunát
91407a8bdf ncurses: split into multiple outputs
Some programs (e.g. tput) might better be moved somewhere else than
$dev/bin, but that can be improved later if need be.
2015-10-13 20:18:44 +02:00
Vladimír Čunát
88c9f8b574 xlibs: replace occurrences by xorg
This seems to have been confusing people, using both xlibs and xorg, etc.
- Avoided renaming local (and different) xlibs binding in gcc*.
- Fixed cases where both xorg and xlibs were used.
Hopefully everything still works as before.
2015-09-15 12:54:34 +02:00
Thomas Strobel
e80b41e94f xen: remove 4.4.1 + fixes compilation of 4.5.x, fixes #9572 2015-09-02 08:33:24 +02:00
Thomas Strobel
2ff9129337 xen: fixes (authored by michalpalka)
Xen required a few changes in order to be usable:
* Include xenfs module in initrd as loading it in the activation
  script was failing.
* Include /etc/default/xendomains, which is needed by
  xen-domains service.
* Create /var/log/xen and /var/lib/xen directories in
  the xen-store service, which are needed by the xl command.
  The directories could be created by any other script as long as
  they are guaranteed to exist before xl is called.
* Fix a reference to /bin/ls in the xendomains script.
2015-07-15 12:38:37 +02:00
Thomas Strobel
649697ddcf Xen: add XEN 4.5.1 2015-07-02 16:37:03 +02:00
Thomas Strobel
6bd694321d Xen: enable Spice/QXL + add libhvm + minor fixes 2015-07-02 16:33:01 +02:00
Thomas Strobel
6ad73af7a2 Fix: Build Xen only for x86_64 Linux platforms. 2015-02-27 08:13:05 +01:00
Bjørn Forsman
34f8d2597c Fix eval (xen: bridge_utils => bridge-utils) 2015-02-26 20:49:33 +01:00
Thomas Strobel
3d4fbb874c Update: add new Xen versions + update NixOS Xen modules
Versions of XEN:
- Xen 4.5
- Xen 4.5 + XenServer patches
- Xen 4.4.1
2015-02-25 23:30:44 +01:00
Bjørn Forsman
97875ac175 bridge-utils: align attrname with pkgname 2015-02-20 22:30:51 +01:00
Thomas Strobel
732c303bb8 Update: Xen -> 4.4.1 2014-12-22 09:51:27 +01:00
Domen Kožar
58b6c4fce9 xen: note about security for next bump 2014-10-02 10:23:09 +02:00
Eelco Dolstra
8a7f3c3618 Mark a bunch of packages as broken or not supported on Darwin 2014-08-08 17:59:02 +02:00
Rob Vermaas
64561b437d Remove broken flag for xen, build with gcc45. 2014-08-01 17:18:27 +02:00
Eelco Dolstra
754704ea18 Allow packages to be marked as "broken" by setting meta.broken
The effect is that they won't show up in "nix-env -qa" anymore.
2013-11-04 21:11:00 +01:00
Jan Malakhovski
da7408e105 xen: Support PCI passthrough.
Previous commit reverted Xen back to 4.0.3 because xend from 4.1.* and newer
hangs for unknown reasons.
The new "xl" toolstack from 4.1.* and unstable works, yet PCI passthrough is not
supported by xl in 4.1.* and is broken in the unstable.

With this patch I was able to passthrough ATI Radeon HD 6950 without 3D
acceleration, though, to both Linux and Windows guests. Which is the best
archived result with Xen PCI passthrough on NixOS after trying out all possible
Xen versions.
Same VGA card works fine if passed through into a guest with KVM (acceleration,
GPGPU, everything works). I should have tried KVM from the start.
2012-08-08 03:16:57 +04:00
Jan Malakhovski
bff9f2720f Revert "xen: update to version 4.1.2"
This reverts commit af32fd6ce3.
2012-08-08 02:30:25 +04:00
Peter Simons
af32fd6ce3 xen: update to version 4.1.2
Patch submitted by Jan Malakhovski <oxij@oxij.org>.
2012-07-02 17:45:47 +02:00
Eelco Dolstra
a0bc441980 * Updated Xen to 4.0.3 (mostly to get it to build with GCC 4.6).
svn path=/nixpkgs/branches/stdenv-updates/; revision=32380
2012-02-18 00:18:26 +00:00
Eelco Dolstra
ed58c55155 * xen: Build succesfully if $out already exists (needed for WCRE).
svn path=/nixpkgs/trunk/; revision=27580
2011-07-02 19:21:28 +00:00
Eelco Dolstra
353d450867 * wrapPythonPrograms: don't hard-code the Python library prefix.
svn path=/nixpkgs/branches/modular-python/; revision=26594
2011-03-29 15:19:59 +00:00