virtualbox: 7.0.6 -> 7.0.8

5 files changed, 112 insertions, 38 deletions

diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix
index fc3303baf33..1610fe12007 100644
--- a/pkgs/applications/virtualization/virtualbox/default.nix
+++ b/pkgs/applications/virtualization/virtualbox/default.nix
@@ -1,5 +1,5 @@
 { config, stdenv, fetchurl, lib, acpica-tools, dev86, pam, libxslt, libxml2, wrapQtAppsHook
-, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL, libcap, libGL
+, libX11, xorgproto, libXext, libXcursor, libXmu, libIDL, SDL2, libcap, libGL, libGLU
 , libpng, glib, lvm2, libXrandr, libXinerama, libopus, qtbase, qtx11extras
 , qttools, qtsvg, qtwayland, pkg-config, which, docbook_xsl, docbook_xml_dtd_43
 , alsa-lib, curl, libvpx, nettools, dbus, substituteAll, gsoap, zlib
@@ -24,14 +24,14 @@ let
   buildType = "release";
   # Use maintainers/scripts/update.nix to update the version and all related hashes or
   # change the hashes in extpack.nix and guest-additions/default.nix as well manually.
-  version = "7.0.6";
+  version = "7.0.8";
 in stdenv.mkDerivation {
   pname = "virtualbox";
   inherit version;
 
   src = fetchurl {
-    url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
-    sha256 = "f146d9a86a35af0abb010e628636fd800cb476cc2ce82f95b0c0ca876e1756ff";
+    url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}a.tar.bz2";
+    sha256 = "7de37359518d467b7f888235175cd388f66e9f16bd9359dd6265fbc95933c1e6";
   };
 
   outputs = [ "out" "modsrc" ];
@@ -45,12 +45,12 @@ in stdenv.mkDerivation {
   buildInputs = [
     acpica-tools dev86 libxslt libxml2 xorgproto libX11 libXext libXcursor libIDL
     libcap glib lvm2 alsa-lib curl libvpx pam makeself perl
-    libXmu libpng libopus python3 ]
+    libXmu libXrandr libpng libopus python3 ]
     ++ optional javaBindings jdk
     ++ optional pythonBindings python3 # Python is needed even when not building bindings
     ++ optional pulseSupport libpulseaudio
-    ++ optionals headless [ libXrandr libGL ]
-    ++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL ]
+    ++ optionals headless [ libGL ]
+    ++ optionals (!headless) [ qtbase qtx11extras libXinerama SDL2 libGLU ]
     ++ optionals enableWebService [ gsoap zlib ];
 
   hardeningDisable = [ "format" "fortify" "pic" "stackprotector" ];
@@ -82,6 +82,8 @@ in stdenv.mkDerivation {
 
   patches =
      optional enableHardening ./hardened.patch
+     # Since VirtualBox 7.0.8, VBoxSDL requires SDL2, but the build framework uses SDL1
+  ++ optional (!headless) ./fix-sdl.patch
   ++ [ ./extra_symbols.patch ]
      # When hardening is enabled, we cannot use wrapQtApp to ensure that VirtualBoxVM sees
      # the correct environment variables needed for Qt to work, specifically QT_PLUGIN_PATH.
diff --git a/pkgs/applications/virtualization/virtualbox/extpack.nix b/pkgs/applications/virtualization/virtualbox/extpack.nix
index 7e27e79d5dd..617fa298beb 100644
--- a/pkgs/applications/virtualization/virtualbox/extpack.nix
+++ b/pkgs/applications/virtualization/virtualbox/extpack.nix
@@ -12,7 +12,7 @@ fetchurl rec {
     # Manually sha256sum the extensionPack file, must be hex!
     # Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
     # Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
-    let value = "292961aa8723b54f96f89f6d8abf7d8e29259d94b7de831dbffb9ae15d346434";
+    let value = "452320f3b1da42b30c32ea5ab5887983b575638ceb4e3beacfefbbb3b0510a48";
     in assert (builtins.stringLength value) == 64; value;
 
   meta = {
diff --git a/pkgs/applications/virtualization/virtualbox/fix-sdl.patch b/pkgs/applications/virtualization/virtualbox/fix-sdl.patch
new file mode 100644
index 00000000000..2f16470c48c
--- /dev/null
+++ b/pkgs/applications/virtualization/virtualbox/fix-sdl.patch
@@ -0,0 +1,72 @@
+diff --git a/configure b/configure
+index 5edefba..a17e8c5 100755
+--- a/configure
++++ b/configure
+@@ -1184,10 +1184,10 @@ check_sdl()
+       fail
+     fi
+   else
+-    if which_wrapper sdl-config > /dev/null; then
+-      FLGSDL=`sdl-config --cflags`
++    if which_wrapper sdl2-config > /dev/null; then
++      FLGSDL=`sdl2-config --cflags`
+       INCSDL=`strip_I "$FLGSDL"`
+-      LIBSDL=`sdl-config --libs`
++      LIBSDL=`sdl2-config --libs`
+       LIBSDLMAIN="-lSDLmain"
+       FLDSDL=
+       foundsdl=1
+diff --git a/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp b/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
+index 16dc282..4889865 100644
+--- a/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
++++ b/src/VBox/Frontends/VBoxSDL/Framebuffer.cpp
+@@ -56,7 +56,7 @@ using namespace com;
+ #  pragma warning(push)
+ #  pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
+ # endif
+-# include <SDL_syswm.h>           /* for SDL_GetWMInfo() */
++# include <SDL2/SDL_syswm.h>           /* for SDL_GetWMInfo() */
+ # ifdef _MSC_VER
+ #  pragma warning(pop)
+ # endif
+diff --git a/src/VBox/Frontends/VBoxSDL/Makefile.kmk b/src/VBox/Frontends/VBoxSDL/Makefile.kmk
+index da43153..2aa8cd7 100644
+--- a/src/VBox/Frontends/VBoxSDL/Makefile.kmk
++++ b/src/VBox/Frontends/VBoxSDL/Makefile.kmk
+@@ -79,10 +79,6 @@ if !defined(VBOX_WITH_HARDENING) || "$(KBUILD_TARGET)" != "darwin" # No hardened
+   VBoxSDL_INCS += \
+   	$(VBOX_XCURSOR_INCS)
+  endif
+- ifn1of ($(KBUILD_TARGET), solaris) # Probably wrong with SDL2
+-  VBoxSDL_LIBS = \
+-  	$(LIB_SDK_LIBSDL2_SDLMAIN)
+- endif
+  if1of ($(KBUILD_TARGET), freebsd linux netbsd openbsd solaris) # X11
+   VBoxSDL_LIBS += \
+   	$(PATH_STAGE_DLL)/VBoxKeyboard$(VBOX_SUFF_DLL) \
+diff --git a/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp b/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
+index 065c391..22788e1 100644
+--- a/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
++++ b/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp
+@@ -64,7 +64,7 @@ using namespace com;
+ # pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
+ #endif
+ #ifndef RT_OS_DARWIN
+-# include <SDL_syswm.h>          /* for SDL_GetWMInfo() */
++# include <SDL2/SDL_syswm.h>          /* for SDL_GetWMInfo() */
+ #endif
+ #ifdef _MSC_VER
+ # pragma warning(pop)
+diff --git a/src/VBox/Frontends/VBoxSDL/VBoxSDL.h b/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
+index dde548f..8fc9fb3 100644
+--- a/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
++++ b/src/VBox/Frontends/VBoxSDL/VBoxSDL.h
+@@ -45,7 +45,7 @@
+ # pragma warning(disable: 4121) /* warning C4121: 'SDL_SysWMmsg' : alignment of a member was sensitive to packing*/
+ # pragma warning(disable: 4668) /* warning C4668: '__GNUC__' is not defined as a preprocessor macro, replacing with '0' for '#if/#elif' */
+ #endif
+-#include <SDL.h>
++#include <SDL2/SDL.h>
+ #ifdef _MSC_VER
+ # pragma warning(pop)
+ #endif
diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
index 0601aa3e44a..1e6cfcf4eb7 100644
--- a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
+++ b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
@@ -23,7 +23,7 @@ in stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso";
-    sha256 = "21e0f407d2a4f5c286084a70718aa20235ea75969eca0cab6cfab43a3499a010";
+    sha256 = "8d73e2361afbf696e6128ffa5e96d9f6a78ff32cb2cb54c727a5be7992be0b31";
   };
 
   KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
diff --git a/pkgs/applications/virtualization/virtualbox/hardened.patch b/pkgs/applications/virtualization/virtualbox/hardened.patch
index 786a476df51..eb53e0d1421 100644
--- a/pkgs/applications/virtualization/virtualbox/hardened.patch
+++ b/pkgs/applications/virtualization/virtualbox/hardened.patch
@@ -1,8 +1,8 @@
 diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h
-index 25b918d1..1420ff1d 100644
+index 991dd9e..defc781 100644
 --- a/include/iprt/mangling.h
 +++ b/include/iprt/mangling.h
-@@ -1695,6 +1695,7 @@
+@@ -1802,6 +1802,7 @@
  # define RTPathStripSuffix                              RT_MANGLER(RTPathStripSuffix)
  # define RTPathStripFilename                            RT_MANGLER(RTPathStripFilename)
  # define RTPathStripTrailingSlash                       RT_MANGLER(RTPathStripTrailingSlash)
@@ -10,7 +10,7 @@ index 25b918d1..1420ff1d 100644
  # define RTPathTemp                                     RT_MANGLER(RTPathTemp)
  # define RTPathTraverseList                             RT_MANGLER(RTPathTraverseList)
  # define RTPathUnlink                                   RT_MANGLER(RTPathUnlink)
-@@ -1734,6 +1735,7 @@
+@@ -1842,6 +1843,7 @@
  # define RTProcGetAffinityMask                          RT_MANGLER(RTProcGetAffinityMask)
  # define RTProcGetExecutablePath                        RT_MANGLER(RTProcGetExecutablePath)
  # define RTProcGetPriority                              RT_MANGLER(RTProcGetPriority)
@@ -19,10 +19,10 @@ index 25b918d1..1420ff1d 100644
  # define RTProcQueryParent                              RT_MANGLER(RTProcQueryParent)
  # define RTProcQueryUsername                            RT_MANGLER(RTProcQueryUsername)
 diff --git a/include/iprt/path.h b/include/iprt/path.h
-index 99060e35..ccfbeb76 100644
+index 89bf8f6..5caa578 100644
 --- a/include/iprt/path.h
 +++ b/include/iprt/path.h
-@@ -1221,6 +1221,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
+@@ -1235,6 +1235,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, const char *p
   */
  RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath);
  
@@ -39,10 +39,10 @@ index 99060e35..ccfbeb76 100644
   * Gets the user home directory.
   *
 diff --git a/include/iprt/process.h b/include/iprt/process.h
-index f4f67dd4..ab882a19 100644
+index 4ca981e..058ae7a 100644
 --- a/include/iprt/process.h
 +++ b/include/iprt/process.h
-@@ -352,6 +352,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
+@@ -384,6 +384,16 @@ RTR3DECL(const char *) RTProcExecutablePath(void);
   */
  RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath);
  
@@ -60,10 +60,10 @@ index f4f67dd4..ab882a19 100644
   * Daemonize the current process, making it a background process.
   *
 diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
-index 75ff8572..18a077b7 100644
+index e78a397..ff5b541 100644
 --- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
 +++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp
-@@ -1531,9 +1531,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
+@@ -1541,9 +1541,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo
          bool fBad = !fRelaxed || pFsObjState->Stat.st_gid != 2 /*bin*/ || suplibHardenedStrCmp(pszPath, "/usr/lib/iconv");
  # else
          NOREF(fRelaxed);
@@ -76,10 +76,10 @@ index 75ff8572..18a077b7 100644
                                            "An unknown (and thus untrusted) group has write access to '", pszPath,
                                            "' and we therefore cannot trust the directory content or that of any subdirectory");
 diff --git a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
-index 2991d3a7..d042a08b 100644
+index 01d7a9f..e52a291 100644
 --- a/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
 +++ b/src/VBox/Main/src-all/MachineLaunchVMCommonWorker.cpp
-@@ -90,7 +90,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
+@@ -100,7 +100,7 @@ int MachineLaunchVMCommonWorker(const Utf8Str &aNameOrId,
  
      /* Get the path to the executable directory w/ trailing slash: */
      char szPath[RTPATH_MAX];
@@ -89,10 +89,10 @@ index 2991d3a7..d042a08b 100644
      size_t cbBufLeft = RTPathEnsureTrailingSeparator(szPath, sizeof(szPath));
      AssertReturn(cbBufLeft > 0, VERR_FILENAME_TOO_LONG);
 diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
-index 2e57690a..3272c840 100644
+index 773d27f..874ec2d 100644
 --- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp
 +++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp
-@@ -188,7 +188,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
+@@ -198,7 +198,7 @@ int NetworkServiceRunner::start(bool aKillProcessOnStop)
       * ASSUME it is relative to the directory that holds VBoxSVC.
       */
      char szExePath[RTPATH_MAX];
@@ -102,28 +102,28 @@ index 2e57690a..3272c840 100644
      int vrc = RTPathAppend(szExePath, sizeof(szExePath), m->pszProcName);
      AssertLogRelRCReturn(vrc, vrc);
 diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
-index af155966..3b8e793d 100644
+index 1e2eb61..893344c 100644
 --- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp
 +++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp
-@@ -48,7 +48,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
+@@ -62,7 +62,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char
      const char *args[] = { NULL, pcszIfName, pszAddr, pszOption, pszMask, NULL };
  
      char szAdpCtl[RTPATH_MAX];
--    int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
-+    int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
-     if (RT_FAILURE(rc))
+-    int vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
++    int vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME));
+     if (RT_FAILURE(vrc))
      {
-         LogRel(("NetIfAdpCtl: failed to get program path, rc=%Rrc.\n", rc));
-@@ -95,7 +95,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
+         LogRel(("NetIfAdpCtl: failed to get program path, vrc=%Rrc.\n", vrc));
+@@ -109,7 +109,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch
  int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize)
  {
      char szAdpCtl[RTPATH_MAX];
--    int rc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
-+    int rc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
-     if (RT_FAILURE(rc))
+-    int vrc = RTPathExecDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
++    int vrc = RTPathSuidDir(szAdpCtl, sizeof(szAdpCtl) - sizeof("/" VBOXNETADPCTL_NAME " ") - strlen(pcszCmd));
+     if (RT_FAILURE(vrc))
      {
-         LogRel(("NetIfAdpCtlOut: Failed to get program path, rc=%Rrc\n", rc));
-@@ -210,7 +210,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
+         LogRel(("NetIfAdpCtlOut: Failed to get program path, vrc=%Rrc\n", vrc));
+@@ -224,7 +224,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox,
              progress.queryInterfaceTo(aProgress);
  
              char szAdpCtl[RTPATH_MAX];
@@ -133,10 +133,10 @@ index af155966..3b8e793d 100644
              {
                  progress->i_notifyComplete(E_FAIL,
 diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp
-index 4b1a0ada..7f6dd707 100644
+index bcd8deb..46ecd1e 100644
 --- a/src/VBox/Runtime/r3/path.cpp
 +++ b/src/VBox/Runtime/r3/path.cpp
-@@ -81,6 +81,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
+@@ -91,6 +91,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath)
  }
  
  
@@ -150,10 +150,10 @@ index 4b1a0ada..7f6dd707 100644
  {
  #if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE)
 diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp
-index 5f7c7a87..59461cfa 100644
+index f9d1ecf..042e599 100644
 --- a/src/VBox/Runtime/r3/process.cpp
 +++ b/src/VBox/Runtime/r3/process.cpp
-@@ -117,6 +117,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
+@@ -127,6 +127,25 @@ RTR3DECL(const char *) RTProcExecutablePath(void)
      return g_szrtProcExePath;
  }