crosvm: 81.12871.0.0-rc1 -> 99.14468.0.0-rc1

crosvm now uses submodules for all of its dependencies to ease out-of-tree builds, so we no longer need to try to reconstruct a partial Chromium OS source tree ourselves. Yay! But, it no longer comes with a Cargo.lock, so we have to bundle that.
2022-03-15 19:48:29 +00:00 · 2022-03-15 19:48:29 +00:00 · 6aefdafbed
commit 6aefdafbed
parent 071e3c9025
4 changed files with 1524 additions and 81 deletions
--- a/pkgs/applications/virtualization/crosvm/Cargo.lock
+++ b/pkgs/applications/virtualization/crosvm/Cargo.lock
--- a/pkgs/applications/virtualization/crosvm/default.nix
+++ b/pkgs/applications/virtualization/crosvm/default.nix
@ -1,5 +1,6 @@
-{ stdenv, lib, rustPlatform, fetchgit, runCommand, symlinkJoin
-, pkg-config, minijail, dtc, libusb1, libcap, linux
+{ stdenv, lib, rustPlatform, fetchgit
+, pkg-config, wayland-scanner, libcap, minijail, wayland, wayland-protocols
+, linux
 }:

 let
@ -11,55 +12,26 @@ let
    else if isx86_64 then "x86_64"
    else throw "no seccomp policy files available for host platform";

-  crosvmSrc = fetchgit {
-    inherit (upstreamInfo.components."chromiumos/platform/crosvm")
-      url rev sha256 fetchSubmodules;
-  };
-
-  adhdSrc = fetchgit {
-    inherit (upstreamInfo.components."chromiumos/third_party/adhd")
-      url rev sha256 fetchSubmodules;
-  };
-
 in

  rustPlatform.buildRustPackage rec {
    pname = "crosvm";
    inherit (upstreamInfo) version;

-    unpackPhase = ''
-      runHook preUnpack
-
-      mkdir -p chromiumos/platform chromiumos/third_party
-
-      pushd chromiumos/platform
-      unpackFile ${crosvmSrc}
-      mv ${crosvmSrc.name} crosvm
-      popd
-
-      pushd chromiumos/third_party
-      unpackFile ${adhdSrc}
-      mv ${adhdSrc.name} adhd
-      popd
-
-      chmod -R u+w -- "$sourceRoot"
-
-      runHook postUnpack
-    '';
-
-    sourceRoot = "chromiumos/platform/crosvm";
+    src = fetchgit (builtins.removeAttrs upstreamInfo.src [ "date" "path" ]);

    patches = [
      ./default-seccomp-policy-dir.diff
    ];

-    cargoSha256 = "0aax0slg59afbyn3ygswwap2anv11k6sr9hfpysb4f8rvymvx7hd";
+    cargoLock.lockFile = ./Cargo.lock;

-    nativeBuildInputs = [ pkg-config ];
+    nativeBuildInputs = [ pkg-config wayland-scanner ];

-    buildInputs = [ dtc libcap libusb1 minijail ];
+    buildInputs = [ libcap minijail wayland wayland-protocols ];

    postPatch = ''
+      cp ${./Cargo.lock} Cargo.lock
      sed -i "s|/usr/share/policy/crosvm/|$out/share/policy/|g" \
             seccomp/*/*.policy
    '';
@ -77,11 +49,7 @@ in
      lib.optionalString (stdenv.buildPlatform == stdenv.hostPlatform)
        "${linux}/${stdenv.hostPlatform.linux-kernel.target}";

-    passthru = {
-      inherit adhdSrc;
-      src = crosvmSrc;
-      updateScript = ./update.py;
-    };
+    passthru.updateScript = ./update.py;

    meta = with lib; {
      description = "A secure virtual machine monitor for KVM";
--- a/pkgs/applications/virtualization/crosvm/update.py
+++ b/pkgs/applications/virtualization/crosvm/update.py
@ -12,9 +12,7 @@ from lxml import etree
 from lxml.etree import HTMLParser
 from urllib.request import urlopen

-# ChromiumOS components required to build crosvm.
-components = ['chromiumos/platform/crosvm', 'chromiumos/third_party/adhd']
-
+git_path = 'chromiumos/platform/crosvm'
 git_root = 'https://chromium.googlesource.com/'
 manifest_versions = f'{git_root}chromiumos/manifest-versions'
 buildspecs_url = f'{manifest_versions}/+/refs/heads/master/full/buildspecs/'
@ -54,32 +52,27 @@ with urlopen(f'{buildspecs_url}{chrome_major_version}/?format=TEXT') as resp:
    buildspecs.sort(reverse=True)
    buildspec = splitext(buildspecs[0])[0]

-revisions = {}
-
-# Read the buildspec, and extract the git revisions for each component.
+# Read the buildspec, and extract the git revision.
 with urlopen(f'{buildspecs_url}{chrome_major_version}/{buildspec}.xml?format=TEXT') as resp:
    xml = base64.decodebytes(resp.read())
    root = etree.fromstring(xml)
-    for project in root.findall('project'):
-        revisions[project.get('name')] = project.get('revision')
+    revision = root.find(f'./project[@name="{git_path}"]').get('revision')

 # Initialize the data that will be output from this script.  Leave the
 # rc number in buildspec so nobody else is subject to the same level
 # of confusion I have been.
-data = {'version': f'{chrome_major_version}.{buildspec}', 'components': {}}
+data = {'version': f'{chrome_major_version}.{buildspec}'}

-# Fill in the 'components' dictionary with the output from
-# nix-prefetch-git, which can be passed straight to fetchGit when
-# imported by Nix.
-for component in components:
-    argv = ['nix-prefetch-git',
-            '--url', git_root + component,
-            '--rev', revisions[component]]
+# Fill in the 'src' key with the output from nix-prefetch-git, which
+# can be passed straight to fetchGit when imported by Nix.
+argv = ['nix-prefetch-git',
+        '--fetch-submodules',
+        '--url', git_root + git_path,
+        '--rev', revision]
+output = subprocess.check_output(argv)
+data['src'] = json.loads(output.decode('utf-8'))

-    output = subprocess.check_output(argv)
-    data['components'][component] = json.loads(output.decode('utf-8'))
-
-# Find the path to crosvm's default.nix, so the srcs data can be
+# Find the path to crosvm's default.nix, so the src data can be
 # written into the same directory.
 argv = ['nix-instantiate', '--eval', '--json', '-A', 'crosvm.meta.position']
 position = json.loads(subprocess.check_output(argv).decode('utf-8'))
--- a/pkgs/applications/virtualization/crosvm/upstream-info.json
+++ b/pkgs/applications/virtualization/crosvm/upstream-info.json
@ -1,23 +1,14 @@
 {
-  "version": "81.12871.0.0-rc1",
-  "components": {
-    "chromiumos/platform/crosvm": {
-      "url": "https://chromium.googlesource.com/chromiumos/platform/crosvm",
-      "rev": "8b8c01e1ad31718932491e4aee63f56109a138e2",
-      "date": "2020-01-25T02:28:10+00:00",
-      "sha256": "1qmf1k06pwynh15c3nr9m6v90z2pkk930xniwvlvbvnazrk4rllg",
-      "fetchSubmodules": false,
-      "deepClone": false,
-      "leaveDotGit": false
-    },
-    "chromiumos/third_party/adhd": {
-      "url": "https://chromium.googlesource.com/chromiumos/third_party/adhd",
-      "rev": "f361d5b02623274723bff251dafa1e2a2887b013",
-      "date": "2020-01-23T18:37:46+00:00",
-      "sha256": "1p8iwjwgmcgmzri03ik2jaid8l0ch0bzn6z9z64dix1hlrvrlliw",
-      "fetchSubmodules": false,
-      "deepClone": false,
-      "leaveDotGit": false
-    }
+  "version": "99.14468.0.0-rc1",
+  "src": {
+    "url": "https://chromium.googlesource.com/chromiumos/platform/crosvm",
+    "rev": "410ea3a1980bfe96968a7dfb7a7d203d43b186b2",
+    "date": "2022-01-11T00:01:17-08:00",
+    "path": "/nix/store/y2rpzh1any8c4nwnwkvir7241kbcj8fn-crosvm-410ea3a",
+    "sha256": "1bgwndh2f60ka1f8c8yqnqqkra510ai9miyfvvm0b3dnsdpy77kd",
+    "fetchLFS": false,
+    "fetchSubmodules": true,
+    "deepClone": false,
+    "leaveDotGit": false
  }
 }