Merge pull request #18567 (VirtualBox 5.1.6)

This introduces VirtualBox version 5.1.6 along with a few refactored
stuff, notably:

  * Kernel modules and user space applications are now separate
    derivations.
  * If config.pulseaudio doesn't exist in nixpkgs config, the default is
    now to build with PulseAudio modules.
  * A new updater to keep VirtualBox up to date.

All subtests in nixos/tests/virtualbox.nix succeed on my machine and
VirtualBox was reported to be working by @DamienCassou (although with
unrelated audio problems for another fix/branch) and @calbrecht.

nixos/doc/manual/release-notes/rl-1609.xml

@@ -90,6 +90,15 @@ following incompatible changes:</para>
     Use <literal>security.audit.enable = true;</literal> to explicitly enable it.</para>
   </listitem>
 
+  <listitem>
+    <para>
+      <literal>pkgs.linuxPackages.virtualbox</literal> now contains only the
+      kernel modules instead of the VirtualBox user space binaries.
+      If you want to reference the user space binaries, you have to use the new
+      <literal>pkgs.virtualbox</literal> instead.
+    </para>
+  </listitem>
+
 </itemizedlist>
 
 

nixos/modules/virtualisation/virtualbox-host.nix

@@ -4,10 +4,15 @@ with lib;
 
 let
   cfg = config.virtualisation.virtualbox.host;
-  virtualbox = config.boot.kernelPackages.virtualbox.override {
+
+  virtualbox = pkgs.virtualbox.override {
     inherit (cfg) enableHardening headless;
   };
 
+  kernelModules = config.boot.kernelPackages.virtualbox.override {
+    inherit virtualbox;
+  };
+
 in
 
 {
@@ -60,7 +65,7 @@ in
 
   config = mkIf cfg.enable (mkMerge [{
     boot.kernelModules = [ "vboxdrv" "vboxnetadp" "vboxnetflt" ];
-    boot.extraModulePackages = [ virtualbox ];
+    boot.extraModulePackages = [ kernelModules ];
     environment.systemPackages = [ virtualbox ];
 
     security.setuidOwners = let

nixos/modules/virtualisation/virtualbox-image.nix

@@ -34,7 +34,7 @@ in {
       postVM =
         ''
           export HOME=$PWD
-          export PATH=${pkgs.linuxPackages.virtualbox}/bin:$PATH
+          export PATH=${pkgs.virtualbox}/bin:$PATH
 
           echo "creating VirtualBox pass-through disk wrapper (no copying invovled)..."
           VBoxManage internalcommands createrawvmdk -filename disk.vmdk -rawdisk $diskImage

nixos/tests/virtualbox.nix

@@ -144,6 +144,7 @@ let
       "--uart1 0x3F8 4"
       "--uartmode1 client /run/virtualbox-log-${name}.sock"
       "--memory 768"
+      "--audio none"
     ] ++ (attrs.vmFlags or []));
 
     controllerFlags = mkFlags [
@@ -273,9 +274,12 @@ let
 
       sub shutdownVM_${name} {
         $machine->succeed(ru "touch ${sharePath}/shutdown");
-        $machine->waitUntilSucceeds(
-          "test ! -e ${sharePath}/shutdown ".
-          "  -a ! -e ${sharePath}/boot-done"
+        $machine->execute(
+          'set -e; i=0; '.
+          'while test -e ${sharePath}/shutdown '.
+          '        -o -e ${sharePath}/boot-done; do '.
+          'sleep 1; i=$(($i + 1)); [ $i -le 3600 ]; '.
+          'done'
         );
         waitForShutdown_${name};
       }
@@ -386,6 +390,7 @@ in mapAttrs mkVBoxTest {
     $machine->sendKeys("ctrl-q");
     $machine->sleep(5);
     $machine->screenshot("gui_manager_stopped");
+    destroyVM_simple;
   '';
 
   simple-cli = ''
@@ -403,6 +408,7 @@ in mapAttrs mkVBoxTest {
     });
 
     shutdownVM_simple;
+    destroyVM_simple;
   '';
 
   headless = ''
@@ -411,6 +417,7 @@ in mapAttrs mkVBoxTest {
     waitForStartup_headless;
     waitForVMBoot_headless;
     shutdownVM_headless;
+    destroyVM_headless;
   '';
 
   host-usb-permissions = ''

pkgs/applications/virtualization/virtualbox/default.nix

@@ -1,8 +1,8 @@
 { stdenv, fetchurl, lib, iasl, dev86, pam, libxslt, libxml2, libX11, xproto, libXext
-, libXcursor, libXmu, qt4, libIDL, SDL, libcap, zlib, libpng, glib, kernel, lvm2
-, libXrandr
+, libXcursor, libXmu, qt5, libIDL, SDL, libcap, zlib, libpng, glib, lvm2
+, libXrandr, libXinerama
 , which, alsaLib, curl, libvpx, gawk, nettools, dbus
-, xorriso, makeself, perl, pkgconfig, nukeReferences
+, xorriso, makeself, perl, pkgconfig
 , javaBindings ? false, jdk ? null
 , pythonBindings ? false, python ? null
 , enableExtensionPack ? false, requireFile ? null, patchelf ? null, fakeroot ? null
@@ -16,37 +16,12 @@ with stdenv.lib;
 let
   buildType = "release";
 
-  # When changing this, update ./guest-additions and the extpack
-  # revision/hash as well. See
-  # http://download.virtualbox.org/virtualbox/${version}/SHA256SUMS
-  # for hashes.
-  version = "5.0.26";
-
-  forEachModule = action: ''
-    for mod in \
-      out/linux.*/${buildType}/bin/src/vboxdrv \
-      out/linux.*/${buildType}/bin/src/vboxpci \
-      out/linux.*/${buildType}/bin/src/vboxnetadp \
-      out/linux.*/${buildType}/bin/src/vboxnetflt
-    do
-      if [ "x$(basename "$mod")" != xvboxdrv -a ! -e "$mod/Module.symvers" ]
-      then
-        cp -v out/linux.*/${buildType}/bin/src/vboxdrv/Module.symvers \
-          "$mod/Module.symvers"
-      fi
-      INSTALL_MOD_PATH="$out" INSTALL_MOD_DIR=misc \
-      make -j $NIX_BUILD_CORES -C "$MODULES_BUILD_DIR" DEPMOD=/do_not_use_depmod \
-        "M=\$(PWD)/$mod" BUILD_TYPE="${buildType}" ${action}
-    done
-  '';
+  inherit (importJSON ./upstream-info.json) version extpackRev extpack main;
 
   # See https://github.com/NixOS/nixpkgs/issues/672 for details
-  extpackRevision = "108824";
   extensionPack = requireFile rec {
-    name = "Oracle_VM_VirtualBox_Extension_Pack-${version}-${extpackRevision}.vbox-extpack";
-    # IMPORTANT: Hash must be base16 encoded because it's used as an input to
-    # VBoxExtPackHelperApp!
-    sha256 = "2f2302c7ba3d00a1258fe8e7767a6eb08dccdc3c31f6e3eeb74063c2c268b104";
+    name = "Oracle_VM_VirtualBox_Extension_Pack-${version}-${extpackRev}.vbox-extpack";
+    sha256 = extpack;
     message = ''
       In order to use the extension pack, you need to comply with the VirtualBox Personal Use
       and Evaluation License (PUEL) available at:
@@ -61,35 +36,36 @@ let
   };
 
 in stdenv.mkDerivation {
-  name = "virtualbox-${version}-${kernel.version}";
+  name = "virtualbox-${version}";
 
   src = fetchurl {
     url = "http://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
-    sha256 = "78dec1369d2c8feefea3c682d95e76c0e99414c56626388035cf4061d4dad62e";
+    sha256 = main;
   };
 
+  outputs = [ "out" "modsrc" ];
+
   buildInputs =
     [ iasl dev86 libxslt libxml2 xproto libX11 libXext libXcursor libIDL
       libcap glib lvm2 python alsaLib curl libvpx pam xorriso makeself perl
-      pkgconfig which libXmu nukeReferences ]
+      pkgconfig which libXmu libpng ]
     ++ optional javaBindings jdk
     ++ optional pythonBindings python
     ++ optional pulseSupport libpulseaudio
-    ++ optionals (headless) [ libXrandr libpng ]
-    ++ optionals (!headless) [ qt4 SDL ];
+    ++ optionals (headless) [ libXrandr ]
+    ++ optionals (!headless) [ qt5.qtbase qt5.qtx11extras libXinerama SDL ];
 
   hardeningDisable = [ "fortify" "pic" "stackprotector" ];
 
   prePatch = ''
     set -x
-    MODULES_BUILD_DIR=`echo ${kernel.dev}/lib/modules/*/build`
-    sed -e 's@/lib/modules/`uname -r`/build@'$MODULES_BUILD_DIR@ \
-        -e 's@MKISOFS --version@MKISOFS -version@' \
+    sed -e 's@MKISOFS --version@MKISOFS -version@' \
         -e 's@PYTHONDIR=.*@PYTHONDIR=${if pythonBindings then python else ""}@' \
-        -i configure
+        ${optionalString (!headless) ''
+        -e 's@TOOLQT5BIN=.*@TOOLQT5BIN="${getDev qt5.qtbase}/bin"@' \
+        ''} -i configure
     ls kBuild/bin/linux.x86/k* tools/linux.x86/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.glibc.out}/lib/ld-linux.so.2
     ls kBuild/bin/linux.amd64/k* tools/linux.amd64/bin/* | xargs -n 1 patchelf --set-interpreter ${stdenv.glibc.out}/lib/ld-linux-x86-64.so.2
-    find . -type f -iname '*makefile*' -exec sed -i -e 's/depmod -a/:/g' {} +
     sed -i -e '
       s@"libdbus-1\.so\.3"@"${dbus.lib}/lib/libdbus-1.so.3"@g
       s@"libasound\.so\.2"@"${alsaLib.out}/lib/libasound.so.2"@g
@@ -103,11 +79,12 @@ in stdenv.mkDerivation {
     set +x
   '';
 
-  patches = optional enableHardening ./hardened.patch;
+  patches = optional enableHardening ./hardened.patch
+    ++ [ ./libressl.patch ./qtx11extras.patch ];
 
   postPatch = ''
     sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \
-      src/apps/adpctl/VBoxNetAdpCtl.cpp
+      src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp
   '';
 
   # first line: ugly hack, and it isn't yet clear why it's a problem
@@ -131,11 +108,15 @@ in stdenv.mkDerivation {
     ${optionalString javaBindings ''
     VBOX_JAVA_HOME                 := ${jdk}
     ''}
+    ${optionalString (!headless) ''
+    PATH_QT5_X11_EXTRAS_LIB        := ${getLib qt5.qtx11extras}/lib
+    PATH_QT5_X11_EXTRAS_INC        := ${getDev qt5.qtx11extras}/include
+    TOOL_QT5_LRC                   := ${getDev qt5.qttools}/bin/lrelease
+    ''}
     LOCAL_CONFIG
 
     ./configure \
       ${optionalString headless "--build-headless"} \
-      ${optionalString (!headless) "--with-qt4-dir=${qt4}"} \
       ${optionalString (!javaBindings) "--disable-java"} \
       ${optionalString (!pythonBindings) "--disable-python"} \
       ${optionalString (!pulseSupport) "--disable-pulse"} \
@@ -153,7 +134,6 @@ in stdenv.mkDerivation {
   buildPhase = ''
     source env.sh
     kmk -j $NIX_BUILD_CORES BUILD_TYPE="${buildType}"
-    ${forEachModule "modules"}
   '';
 
   installPhase = ''
@@ -165,9 +145,6 @@ in stdenv.mkDerivation {
     find out/linux.*/${buildType}/bin -mindepth 1 -maxdepth 1 \
       -name src -o -exec cp -avt "$libexec" {} +
 
-    # Install kernel modules
-    ${forEachModule "modules_install"}
-
     # Create wrapper script
     mkdir -p $out/bin
     for file in VirtualBox VBoxManage VBoxSDL VBoxBalloonCtrl VBoxBFE VBoxHeadless; do
@@ -199,8 +176,7 @@ in stdenv.mkDerivation {
       done
     ''}
 
-    # Get rid of a reference to linux.dev.
-    nuke-refs $out/lib/modules/*/misc/*.ko
+    cp -rv out/linux.*/${buildType}/bin/src "$modsrc"
   '';
 
   passthru = { inherit version; /* for guest additions */ };

pkgs/applications/virtualization/virtualbox/guest-additions/default.nix

@@ -12,7 +12,7 @@ stdenv.mkDerivation {
 
   src = fetchurl {
     url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso";
-    sha256 = "7458ee5a7121a7d243fd6a7528ba427945d9120c5efc7cd75b3951fb01f09c59";
+    sha256 = (lib.importJSON ../upstream-info.json).guest;
   };
 
   KERN_DIR = "${kernel.dev}/lib/modules/*/build";

pkgs/applications/virtualization/virtualbox/libressl.patch

@@ -0,0 +1,47 @@
+diff --git a/src/VBox/Runtime/common/crypto/digest-builtin.cpp b/src/VBox/Runtime/common/crypto/digest-builtin.cpp
+index 66b4304..1aaceff 100644
+--- a/src/VBox/Runtime/common/crypto/digest-builtin.cpp
++++ b/src/VBox/Runtime/common/crypto/digest-builtin.cpp
+@@ -561,7 +561,7 @@ static PCRTCRDIGESTDESC const g_apDigestOps[] =
+  * OpenSSL EVP.
+  */
+
+-# if OPENSSL_VERSION_NUMBER >= 0x10100000
++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+ /** @impl_interface_method{RTCRDIGESTDESC::pfnNew} */
+ static DECLCALLBACK(void*) rtCrDigestOsslEvp_New(void)
+ {
+@@ -597,7 +597,7 @@ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, b
+     if (fReInit)
+     {
+         pEvpType = EVP_MD_CTX_md(pThis);
+-# if OPENSSL_VERSION_NUMBER >= 0x10100000
++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+         EVP_MD_CTX_reset(pThis);
+ # else
+         EVP_MD_CTX_cleanup(pThis);
+@@ -616,7 +616,7 @@ static DECLCALLBACK(int) rtCrDigestOsslEvp_Init(void *pvState, void *pvOpaque, b
+ static DECLCALLBACK(void) rtCrDigestOsslEvp_Delete(void *pvState)
+ {
+     EVP_MD_CTX *pThis = (EVP_MD_CTX *)pvState;
+-# if OPENSSL_VERSION_NUMBER >= 0x10100000
++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+     EVP_MD_CTX_reset(pThis);
+ # else
+     EVP_MD_CTX_cleanup(pThis);
+@@ -661,13 +661,13 @@ static RTCRDIGESTDESC const g_rtCrDigestOpenSslDesc =
+     NULL,
+     RTDIGESTTYPE_UNKNOWN,
+     EVP_MAX_MD_SIZE,
+-# if OPENSSL_VERSION_NUMBER >= 0x10100000
++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+     0,
+ # else
+     sizeof(EVP_MD_CTX),
+ # endif
+     0,
+-# if OPENSSL_VERSION_NUMBER >= 0x10100000
++# if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+     rtCrDigestOsslEvp_New,
+     rtCrDigestOsslEvp_Free,
+ # else

pkgs/applications/virtualization/virtualbox/qtx11extras.patch

@@ -0,0 +1,31 @@
+diff --git a/kBuild/units/qt5.kmk b/kBuild/units/qt5.kmk
+index 71b96a3..73391f0 100644
+--- a/kBuild/units/qt5.kmk
++++ b/kBuild/units/qt5.kmk
+@@ -994,9 +994,10 @@ else
+    $(eval $(target)_LIBS   += $(PATH_SDK_QT5_LIB)/$(qt_prefix)qtmain$(qt_infix)$(SUFF_LIB) )
+   endif
+  else
+-  $(eval $(target)_LIBS    += $(foreach module,$(qt_modules), $(PATH_SDK_QT5_LIB)/lib$(qt_prefix)Qt5$(module)$(qt_infix)$(SUFF_DLL)) )
++  $(eval $(target)_LIBS    += $(foreach module,$(qt_modules), $(PATH_SDK_QT5_LIB)/lib$(qt_prefix)Qt5$(module)$(qt_infix)$(SUFF_DLL)) \
++                              $(PATH_QT5_X11_EXTRAS_LIB)/lib$(qt_prefix)Qt5X11Extras$(qt_infix)$(SUFF_DLL))
+  endif
+- $(eval $(target)_INCS     += $(addprefix $(PATH_SDK_QT5_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT5_INC) )
++ $(eval $(target)_INCS     += $(addprefix $(PATH_SDK_QT5_INC)/Qt,$(qt_modules)) $(PATH_SDK_QT5_INC) $(PATH_QT5_X11_EXTRAS_INC)/QtX11Extras )
+ endif
+ $(eval $(target)_DEFS      += $(foreach module,$(toupper $(qt_modules)), QT_$(module)_LIB) )
+
+diff --git a/src/VBox/Frontends/VirtualBox/Makefile.kmk b/src/VBox/Frontends/VirtualBox/Makefile.kmk
+index 38db6b0..7dd446b 100644
+--- a/src/VBox/Frontends/VirtualBox/Makefile.kmk
++++ b/src/VBox/Frontends/VirtualBox/Makefile.kmk
+@@ -912,9 +912,6 @@ VirtualBox_QT_MODULES = Core Gui
+ ifdef VBOX_WITH_QTGUI_V5
+  # Qt5 requires additional modules:
+  VirtualBox_QT_MODULES += Widgets PrintSupport
+- VirtualBox_QT_MODULES.linux   += X11Extras
+- VirtualBox_QT_MODULES.solaris += X11Extras
+- VirtualBox_QT_MODULES.freebsd += X11Extras
+  VirtualBox_QT_MODULES.darwin  += MacExtras
+  VirtualBox_QT_MODULES.win     += WinExtras
+ endif # VBOX_WITH_QTGUI_V5