mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-21 20:34:06 +00:00
kvmfr: backport security patch for potential buffer overflow & build fix for linux_6_10 (#331206)
This commit is contained in:
commit
98101aecec
@ -1,57 +0,0 @@
|
||||
From: Geoffrey McRae <geoff@hostfission.com>
|
||||
Date: Wed, 13 Mar 2024 11:17:25 +1100
|
||||
Subject: [PATCH] [client] cmake: move X11 config directives to
|
||||
`displayservers`
|
||||
|
||||
---
|
||||
client/CMakeLists.txt | 7 -------
|
||||
client/displayservers/CMakeLists.txt | 7 +++++++
|
||||
2 files changed, 7 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git client/CMakeLists.txt client/CMakeLists.txt
|
||||
index 3755adcf..eeeb3eb0 100644
|
||||
--- client/CMakeLists.txt
|
||||
+++ client/CMakeLists.txt
|
||||
@@ -42,19 +42,12 @@ add_feature_info(ENABLE_ASAN ENABLE_ASAN "AddressSanitizer support.")
|
||||
option(ENABLE_UBSAN "Build with UndefinedBehaviorSanitizer" OFF)
|
||||
add_feature_info(ENABLE_UBSAN ENABLE_UBSAN "UndefinedBehaviorSanitizer support.")
|
||||
|
||||
-option(ENABLE_X11 "Build with X11 support" ON)
|
||||
-add_feature_info(ENABLE_X11 ENABLE_X11 "X11 support.")
|
||||
-
|
||||
option(ENABLE_PIPEWIRE "Build with PipeWire audio output support" ON)
|
||||
add_feature_info(ENABLE_PIPEWIRE ENABLE_PIPEWIRE "PipeWire audio support.")
|
||||
|
||||
option(ENABLE_PULSEAUDIO "Build with PulseAudio audio output support" ON)
|
||||
add_feature_info(ENABLE_PULSEAUDIO ENABLE_PULSEAUDIO "PulseAudio audio support.")
|
||||
|
||||
-if (NOT ENABLE_X11 AND NOT ENABLE_WAYLAND)
|
||||
- message(FATAL_ERROR "Either ENABLE_X11 or ENABLE_WAYLAND must be on")
|
||||
-endif()
|
||||
-
|
||||
add_compile_options(
|
||||
"-Wall"
|
||||
"-Wextra"
|
||||
diff --git client/displayservers/CMakeLists.txt client/displayservers/CMakeLists.txt
|
||||
index 5b5f827a..e7c4b25a 100644
|
||||
--- client/displayservers/CMakeLists.txt
|
||||
+++ client/displayservers/CMakeLists.txt
|
||||
@@ -18,9 +18,16 @@ function(add_displayserver name)
|
||||
add_subdirectory(${name})
|
||||
endfunction()
|
||||
|
||||
+option(ENABLE_X11 "Build with X11 support" ON)
|
||||
+add_feature_info(ENABLE_X11 ENABLE_X11 "X11 support.")
|
||||
+
|
||||
option(ENABLE_WAYLAND "Build with Wayland support" ON)
|
||||
add_feature_info(ENABLE_WAYLAND ENABLE_WAYLAND "Wayland support.")
|
||||
|
||||
+if (NOT ENABLE_X11 AND NOT ENABLE_WAYLAND)
|
||||
+ message(FATAL_ERROR "Either ENABLE_X11 or ENABLE_WAYLAND must be on")
|
||||
+endif()
|
||||
+
|
||||
# Add/remove displayservers here!
|
||||
if (ENABLE_WAYLAND)
|
||||
add_displayserver(Wayland)
|
||||
--
|
||||
2.43.1
|
@ -1,5 +1,6 @@
|
||||
{ stdenv
|
||||
, lib
|
||||
, fetchpatch
|
||||
, fetchFromGitHub
|
||||
, makeDesktopItem
|
||||
, pkg-config
|
||||
@ -62,7 +63,11 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
|
||||
patches = [
|
||||
# Fix failing cmake assertion when disabling X11 whithout explicitly enabling Wayland.
|
||||
./0001-client-cmake-move-X11-config-directives-to-displayse.patch
|
||||
(fetchpatch {
|
||||
url = "https://github.com/gnif/LookingGlass/commit/20972cfd9b940fddf9e7f3d2887a271d16398979.patch";
|
||||
hash = "sha256-CqB8AmOZ4YxnEsQkyu/ZEaun6ywpSh4B7PM+MFJF0qU=";
|
||||
stripLen = 1;
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config wayland-scanner ];
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ lib, stdenv, kernel, looking-glass-client }:
|
||||
{ lib, stdenv, fetchpatch, kernel, looking-glass-client }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "kvmfr";
|
||||
@ -9,6 +9,23 @@ stdenv.mkDerivation {
|
||||
hardeningDisable = [ "pic" "format" ];
|
||||
nativeBuildInputs = kernel.moduleBuildDependencies;
|
||||
|
||||
patches = [
|
||||
# fix build for linux-6_10
|
||||
(fetchpatch {
|
||||
url = "https://github.com/gnif/LookingGlass/commit/7305ce36af211220419eeab302ff28793d515df2.patch";
|
||||
hash = "sha256-97nZsIH+jKCvSIPf1XPf3i8Wbr24almFZzMOhjhLOYk=";
|
||||
stripLen = 1;
|
||||
})
|
||||
|
||||
# securtiy patch for potential buffer overflow
|
||||
# https://github.com/gnif/LookingGlass/issues/1133
|
||||
(fetchpatch {
|
||||
url = "https://github.com/gnif/LookingGlass/commit/3ea37b86e38a87ee35eefb5d8fcc38b8dc8e2903.patch";
|
||||
hash = "sha256-Kk1gN1uB86ZJA374zmzM9dwwfMZExJcix3hee7ifpp0=";
|
||||
stripLen = 1;
|
||||
})
|
||||
];
|
||||
|
||||
makeFlags = [
|
||||
"KVER=${kernel.modDirVersion}"
|
||||
"KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
|
||||
|
Loading…
Reference in New Issue
Block a user