Skip to content

xen: delete patching infrastructure, 4.19.0 -> 4.19.0-unstable-2024-11-12#355535

Merged
emilazy merged 4 commits into
NixOS:masterfrom
SigmaSquadron:push-leznytsvqigy
Nov 12, 2024
Merged

xen: delete patching infrastructure, 4.19.0 -> 4.19.0-unstable-2024-11-12#355535
emilazy merged 4 commits into
NixOS:masterfrom
SigmaSquadron:push-leznytsvqigy

Conversation

@SigmaSquadron

@SigmaSquadron SigmaSquadron commented Nov 12, 2024
edited
Loading

Copy link
Copy Markdown
Contributor

As discussed in the Xen room and #355434

(hopefully) fixes #350179
fixes CVE-2024-45818 (XSA 463)

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review pr 355535". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

nope, despite the branch name, i'm still not using jj. I thought it would be a funny reference to a certain discussion in the Nixpkgs contributions room.

@SigmaSquadron
xen: fix IPXE sourcing
e3b83d4 
`xl` needs a full path to the efirom executable.
This does not fix the qemu-dm issue. A stubdom is still required.

Reported-by: HeHongbo <hehongbo@mail.com>
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
@SigmaSquadron
xen: resolve some TODO comments
ffd38a7 
- Migrates to the new platform declaration style.
- Removes the separate output TODO, as it is an impossible task.
- Removes some superfluous comments.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
@github-actions github-actions Bot added the 6.topic: xen-project Issues and PRs related to the Xen Project Hypervisor. label Nov 12, 2024
@SigmaSquadron SigmaSquadron marked this pull request as ready for review November 12, 2024 22:06
@SigmaSquadron SigmaSquadron added 1.severity: security Issues which raise a security issue, or PRs that fix one and removed 2.status: work-in-progress labels Nov 12, 2024
@nix-owners nix-owners Bot requested a review from philiptaron November 12, 2024 22:07
@SigmaSquadron
xen: delete patching infrastructure
a1f03a0 
Overengineered for no good reason, especially since upstream Xen
recommends downstreams to use the latest stable branch anyway (instead
of the pinned release revision)

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
@SigmaSquadron
xen: 4.19.0 -> 4.19.0-unstable-2024-11-12
e4ab3bf 
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
emilazy
emilazy approved these changes Nov 12, 2024
View reviewed changes

@emilazy emilazy left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 355535

x86_64-linux

⏩ 1 package marked as broken and skipped:
  • qubes-core-vchan-xen
❌ 1 package failed to build:
  • vagrant
✅ 64 packages built:
  • appvm
  • collectd
  • diffoscope
  • diffoscope.dist
  • diffoscope.man
  • docker-machine-kvm2
  • fdroidserver
  • fdroidserver.dist
  • garble
  • gnome-boxes
  • guestfs-tools
  • htcondor
  • libguestfs
  • libguestfs-with-appliance
  • libguestfs-with-appliance.guestfsd
  • libguestfs.guestfsd
  • librenms
  • libvirt
  • libvirt-glib
  • libvirt-glib.dev
  • libvirt-glib.devdoc
  • libvmi
  • libvmi.dev
  • libvmi.lib
  • mgmt
  • minikube
  • multipass
  • ocamlPackages.ocaml_libvirt
  • perl538Packages.SysVirt
  • perl538Packages.SysVirt.devdoc
  • perl540Packages.SysVirt
  • perl540Packages.SysVirt.devdoc
  • python311Packages.guestfs
  • python311Packages.guestfs.dist
  • python311Packages.libvirt
  • python311Packages.libvirt.dist
  • python311Packages.xen
  • python311Packages.xen.boot
  • python311Packages.xen.dev
  • python311Packages.xen.doc
  • python311Packages.xen.man
  • python312Packages.guestfs
  • python312Packages.guestfs.dist
  • python312Packages.libvirt
  • python312Packages.libvirt.dist
  • xen (python312Packages.xen)
  • xen.boot (python312Packages.xen.boot)
  • xen.dev (python312Packages.xen.dev)
  • xen.doc (python312Packages.xen.doc)
  • xen.man (python312Packages.xen.man)
  • qemu_xen
  • qemu_xen.debug
  • qemu_xen.ga
  • rubyPackages.ruby-libvirt
  • rubyPackages_3_1.ruby-libvirt
  • rubyPackages_3_2.ruby-libvirt
  • rubyPackages_3_4.ruby-libvirt
  • virt-manager
  • virt-manager-qt
  • virt-manager.dist
  • virt-top
  • virt-v2v
  • virt-viewer
  • xen-guest-agent

@emilazy

emilazy commented Nov 12, 2024

Copy link
Copy Markdown
Member

Vagrant failure is a little scary, but seems unrelated. Building again just to check if it’s flaky.

@SigmaSquadron

SigmaSquadron commented Nov 12, 2024

Copy link
Copy Markdown
Contributor Author

It's not flaky, but it is unrelated. Vagrant has been failing for a while. (#348938)

@emilazy

emilazy commented Nov 12, 2024

Copy link
Copy Markdown
Member

Oh, Hydra doesn’t even build it because it’s non‐Free. Yeah, merging.

@emilazy emilazy merged commit 086e523 into NixOS:master Nov 12, 2024
@SigmaSquadron SigmaSquadron deleted the push-leznytsvqigy branch November 13, 2024 13:51
@SigmaSquadron SigmaSquadron mentioned this pull request Nov 13, 2024
Closed
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@emilazy emilazy emilazy approved these changes

@hehongbo hehongbo Awaiting requested review from hehongbo hehongbo was automatically assigned from NixOS/xen-project

@digitalrane digitalrane Awaiting requested review from digitalrane digitalrane was automatically assigned from NixOS/xen-project

@CertainLach CertainLach Awaiting requested review from CertainLach CertainLach was automatically assigned from NixOS/xen-project

@philiptaron philiptaron Awaiting requested review from philiptaron

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: xen-project Issues and PRs related to the Xen Project Hypervisor.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

xen: ipxe is passed as directory (of the package) but not the firmware file

2 participants

@SigmaSquadron @emilazy