Loading nixos/modules/config/no-x-libs.nix +1 −0 Original line number Diff line number Diff line Loading @@ -38,6 +38,7 @@ with lib; gpsd = super.gpsd.override { guiSupport = false; }; graphviz = super.graphviz-nox; gst_all_1 = super.gst_all_1 // { gst-plugins-bad = super.gst_all_1.gst-plugins-bad.override { guiSupport = false; }; gst-plugins-base = super.gst_all_1.gst-plugins-base.override { enableX11 = false; }; }; imagemagick = super.imagemagick.override { libX11Support = false; libXtSupport = false; }; Loading nixos/tests/apparmor.nix +8 −2 Original line number Diff line number Diff line import ./make-test-python.nix ({ pkgs, ... } : { import ./make-test-python.nix ({ pkgs, lib, ... } : { name = "apparmor"; meta.maintainers = with lib.maintainers; [ julm ]; Loading Loading @@ -27,7 +27,7 @@ import ./make-test-python.nix ({ pkgs, ... } : { # 4. Using `diff` against the expected output. with subtest("apparmorRulesFromClosure"): machine.succeed( "${pkgs.diffutils}/bin/diff ${pkgs.writeText "expected.rules" '' "${pkgs.diffutils}/bin/diff -u ${pkgs.writeText "expected.rules" '' mr ${pkgs.bash}/lib/**.so*, r ${pkgs.bash}, r ${pkgs.bash}/etc/**, Loading Loading @@ -64,6 +64,12 @@ import ./make-test-python.nix ({ pkgs, ... } : { r ${pkgs.libunistring}/lib/**, r ${pkgs.libunistring}/share/**, x ${pkgs.libunistring}/foo/**, mr ${pkgs.glibc.libgcc}/lib/**.so*, r ${pkgs.glibc.libgcc}, r ${pkgs.glibc.libgcc}/etc/**, r ${pkgs.glibc.libgcc}/lib/**, r ${pkgs.glibc.libgcc}/share/**, x ${pkgs.glibc.libgcc}/foo/**, ''} ${pkgs.runCommand "actual.rules" { preferLocalBuild = true; } '' ${pkgs.gnused}/bin/sed -e 's:^[^ ]* ${builtins.storeDir}/[^,/-]*-\([^/,]*\):\1 \0:' ${ pkgs.apparmorRulesFromClosure { Loading nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch 0 → 100644 +25 −0 Original line number Diff line number Diff line From d87a7513c6f2f2824203032ef27caeb84892ed7e Mon Sep 17 00:00:00 2001 From: Will Fancher <elvishjerricco@gmail.com> Date: Tue, 30 May 2023 16:53:20 -0400 Subject: [PATCH] Intentionally break the fat driver --- FatPkg/EnhancedFatDxe/ReadWrite.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/FatPkg/EnhancedFatDxe/ReadWrite.c b/FatPkg/EnhancedFatDxe/ReadWrite.c index 8f525044d1f1..32c62ff7817b 100644 --- a/FatPkg/EnhancedFatDxe/ReadWrite.c +++ b/FatPkg/EnhancedFatDxe/ReadWrite.c @@ -216,6 +216,11 @@ FatIFileAccess ( Volume = OFile->Volume; Task = NULL; + if (*BufferSize > (10U * 1024U * 1024U)) { + IFile->Position += 10U * 1024U * 1024U; + return EFI_BAD_BUFFER_SIZE; + } + // // Write to a directory is unsupported // nixos/tests/systemd-boot.nix +25 −0 Original line number Diff line number Diff line Loading @@ -251,4 +251,29 @@ in machine.succeed("test -e /boot/efi/nixos/.extra-files/efi/netbootxyz/netboot.xyz.efi") ''; }; # See: [Firmware file size bug] in systemd/default.nix uefiLargeFileWorkaround = makeTest { name = "uefi-large-file-workaround"; nodes.machine = { pkgs, ... }: { imports = [common]; virtualisation.efi.OVMF = pkgs.OVMF.overrideAttrs (old: { # This patch deliberately breaks the FAT driver in EDK2 to # exhibit (part of) the firmware bug that we are testing # for. Files greater than 10MiB will fail to be read in a # single Read() call, so systemd-boot will fail to load the # initrd without a workaround. The number 10MiB was chosen # because if it were smaller than the kernel size, even the # LoadImage call would fail, which is not the failure mode # we're testing for. It needs to be between the kernel size # and the initrd size. patches = old.patches or [] ++ [ ./systemd-boot-ovmf-broken-fat-driver.patch ]; }); }; testScript = '' machine.wait_for_unit("multi-user.target") ''; }; } pkgs/applications/audio/tetraproc/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { ''; postInstall = '' # Make sure Jack is avalable in $PATH for tetraproc # Make sure Jack is available in $PATH for tetraproc wrapProgram $out/bin/tetraproc --prefix PATH : "${jack2}/bin" ''; Loading Loading
nixos/modules/config/no-x-libs.nix +1 −0 Original line number Diff line number Diff line Loading @@ -38,6 +38,7 @@ with lib; gpsd = super.gpsd.override { guiSupport = false; }; graphviz = super.graphviz-nox; gst_all_1 = super.gst_all_1 // { gst-plugins-bad = super.gst_all_1.gst-plugins-bad.override { guiSupport = false; }; gst-plugins-base = super.gst_all_1.gst-plugins-base.override { enableX11 = false; }; }; imagemagick = super.imagemagick.override { libX11Support = false; libXtSupport = false; }; Loading
nixos/tests/apparmor.nix +8 −2 Original line number Diff line number Diff line import ./make-test-python.nix ({ pkgs, ... } : { import ./make-test-python.nix ({ pkgs, lib, ... } : { name = "apparmor"; meta.maintainers = with lib.maintainers; [ julm ]; Loading Loading @@ -27,7 +27,7 @@ import ./make-test-python.nix ({ pkgs, ... } : { # 4. Using `diff` against the expected output. with subtest("apparmorRulesFromClosure"): machine.succeed( "${pkgs.diffutils}/bin/diff ${pkgs.writeText "expected.rules" '' "${pkgs.diffutils}/bin/diff -u ${pkgs.writeText "expected.rules" '' mr ${pkgs.bash}/lib/**.so*, r ${pkgs.bash}, r ${pkgs.bash}/etc/**, Loading Loading @@ -64,6 +64,12 @@ import ./make-test-python.nix ({ pkgs, ... } : { r ${pkgs.libunistring}/lib/**, r ${pkgs.libunistring}/share/**, x ${pkgs.libunistring}/foo/**, mr ${pkgs.glibc.libgcc}/lib/**.so*, r ${pkgs.glibc.libgcc}, r ${pkgs.glibc.libgcc}/etc/**, r ${pkgs.glibc.libgcc}/lib/**, r ${pkgs.glibc.libgcc}/share/**, x ${pkgs.glibc.libgcc}/foo/**, ''} ${pkgs.runCommand "actual.rules" { preferLocalBuild = true; } '' ${pkgs.gnused}/bin/sed -e 's:^[^ ]* ${builtins.storeDir}/[^,/-]*-\([^/,]*\):\1 \0:' ${ pkgs.apparmorRulesFromClosure { Loading
nixos/tests/systemd-boot-ovmf-broken-fat-driver.patch 0 → 100644 +25 −0 Original line number Diff line number Diff line From d87a7513c6f2f2824203032ef27caeb84892ed7e Mon Sep 17 00:00:00 2001 From: Will Fancher <elvishjerricco@gmail.com> Date: Tue, 30 May 2023 16:53:20 -0400 Subject: [PATCH] Intentionally break the fat driver --- FatPkg/EnhancedFatDxe/ReadWrite.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/FatPkg/EnhancedFatDxe/ReadWrite.c b/FatPkg/EnhancedFatDxe/ReadWrite.c index 8f525044d1f1..32c62ff7817b 100644 --- a/FatPkg/EnhancedFatDxe/ReadWrite.c +++ b/FatPkg/EnhancedFatDxe/ReadWrite.c @@ -216,6 +216,11 @@ FatIFileAccess ( Volume = OFile->Volume; Task = NULL; + if (*BufferSize > (10U * 1024U * 1024U)) { + IFile->Position += 10U * 1024U * 1024U; + return EFI_BAD_BUFFER_SIZE; + } + // // Write to a directory is unsupported //
nixos/tests/systemd-boot.nix +25 −0 Original line number Diff line number Diff line Loading @@ -251,4 +251,29 @@ in machine.succeed("test -e /boot/efi/nixos/.extra-files/efi/netbootxyz/netboot.xyz.efi") ''; }; # See: [Firmware file size bug] in systemd/default.nix uefiLargeFileWorkaround = makeTest { name = "uefi-large-file-workaround"; nodes.machine = { pkgs, ... }: { imports = [common]; virtualisation.efi.OVMF = pkgs.OVMF.overrideAttrs (old: { # This patch deliberately breaks the FAT driver in EDK2 to # exhibit (part of) the firmware bug that we are testing # for. Files greater than 10MiB will fail to be read in a # single Read() call, so systemd-boot will fail to load the # initrd without a workaround. The number 10MiB was chosen # because if it were smaller than the kernel size, even the # LoadImage call would fail, which is not the failure mode # we're testing for. It needs to be between the kernel size # and the initrd size. patches = old.patches or [] ++ [ ./systemd-boot-ovmf-broken-fat-driver.patch ]; }); }; testScript = '' machine.wait_for_unit("multi-user.target") ''; }; }
pkgs/applications/audio/tetraproc/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { ''; postInstall = '' # Make sure Jack is avalable in $PATH for tetraproc # Make sure Jack is available in $PATH for tetraproc wrapProgram $out/bin/tetraproc --prefix PATH : "${jack2}/bin" ''; Loading
