Merge pull request #186418 from NickCao/krunvm

{ lib

, stdenv

, rustPlatform

, fetchFromGitHub

, asciidoctor

, libkrun

}:

stdenv.mkDerivation rec {

  pname = "krunvm";

  version = "0.2.1";

  src = fetchFromGitHub {

    owner = "containers";

    repo = pname;

    rev = "v${version}";

    sha256 = "sha256-rR762L8P+7ebE0u4MVCJoXc5mmqXlDFfSas+lFBMVFQ=";

  };

  cargoDeps = rustPlatform.fetchCargoTarball {

    inherit src;

    hash = "sha256-3WiXm90XiQHpCbhlkigg/ZATQeDdUKTstN7hwcsKm4o=";

  };

  nativeBuildInputs = with rustPlatform;[

    cargoSetupHook

    rust.cargo

    rust.rustc

    asciidoctor

  ];

  buildInputs = [ libkrun ];

  makeFlags = [ "PREFIX=${placeholder "out"}" ];

  meta = with lib; {

    description = "A CLI-based utility for creating microVMs from OCI images";

    homepage = "https://github.com/containers/krunvm";

    license = licenses.asl20;

    maintainers = with maintainers; [ nickcao ];

  };

}

{ lib

, stdenv

, fetchFromGitHub

, rustPlatform

, pkg-config

, glibc

, openssl

, libkrunfw

, sevVariant ? false

}:

stdenv.mkDerivation rec {

  pname = "libkrun";

  version = "1.3.0";

  src = fetchFromGitHub {

    owner = "containers";

    repo = pname;

    rev = "v${version}";

    hash = "sha256-qVyEqiqaQ8wfZhL5u+Bsaa1yXlgHUitSj5bo7FJ5Y8c=";

  };

  cargoDeps = rustPlatform.fetchCargoTarball {

    inherit src;

    hash = "sha256-jxSzhj1iU8qY+sZEVCYTaUqpaA4egjJi9qxrapASQF0=";

  };

  nativeBuildInputs = with rustPlatform;[

    cargoSetupHook

    rust.cargo

    rust.rustc

  ] ++ lib.optional sevVariant pkg-config;

  buildInputs = [

    glibc

    glibc.static

    (libkrunfw.override { inherit sevVariant; })

  ] ++ lib.optional sevVariant openssl;

  makeFlags = [ "PREFIX=${placeholder "out"}" ]

    ++ lib.optional sevVariant "SEV=1";

  meta = with lib; {

    description = "A dynamic library providing Virtualization-based process isolation capabilities";

    homepage = "https://github.com/containers/libkrun";

    license = licenses.asl20;

    maintainers = with maintainers; [ nickcao ];

  };

}

{ lib

, stdenv

, fetchFromGitHub

, fetchurl

, flex

, bison

, bc

, elfutils

, python3

, sevVariant ? false

}:

assert sevVariant -> stdenv.isx86_64;

stdenv.mkDerivation rec {

  pname = "libkrunfw";

  version = "3.3.0";

  src = fetchFromGitHub {

    owner = "containers";

    repo = pname;

    rev = "v${version}";

    hash = "sha256-ay+E5AgJeA0i3T4JDosDawwtezDGquzAvYEWHGbPidg=";

  };

  kernelSrc = fetchurl {

    url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.59.tar.xz";

    hash = "sha256-5t3GQgVzQNsGs7khwrMb/tLGETWejxRMPlz5w6wzvMs=";

  };

  preBuild = ''

    substituteInPlace Makefile --replace 'curl $(KERNEL_REMOTE) -o $(KERNEL_TARBALL)' 'ln -s $(kernelSrc) $(KERNEL_TARBALL)'

  '';

  nativeBuildInputs = [ flex bison bc python3 python3.pkgs.pyelftools ];

  buildInputs = [ elfutils ];

  makeFlags = [ "PREFIX=${placeholder "out"}" ]

    ++ lib.optional sevVariant "SEV=1";

  enableParallelBuilding = true;

  meta = with lib; {

    description = "A dynamic library bundling the guest payload consumed by libkrun";

    homepage = "https://github.com/containers/libkrunfw";

    license = with licenses; [ lgpl2Only lgpl21Only ];

    maintainers = with maintainers; [ nickcao ];

    platforms = [ "x86_64-linux" "aarch64-linux" ];

  };

}

  krunner-pass = libsForQt5.callPackage ../tools/security/krunner-pass { };

  krunvm = callPackage ../applications/virtualization/krunvm { };

  kronometer = libsForQt5.callPackage ../tools/misc/kronometer { };

  krop = callPackage ../applications/graphics/krop { };

  libcgroup = callPackage ../os-specific/linux/libcgroup { };

  libkrun = callPackage ../development/libraries/libkrun { };

  libkrun-sev = callPackage ../development/libraries/libkrun { sevVariant = true; };

  libkrunfw = callPackage ../development/libraries/libkrunfw { };

  libnl = callPackage ../os-specific/linux/libnl { };

  libtraceevent = callPackage ../os-specific/linux/libtraceevent {};