Merge pull request #186418 from NickCao/krunvm

2024-11-17 15:22:59 +01:00 · 2022-08-13 12:48:20 +02:00 · 2022-08-13 12:48:20 +02:00 · f8334115fb
commit f8334115fb
parent 33ad9bea28 0edab34d9c
4 changed files with 148 additions and 0 deletions
--- a/pkgs/applications/virtualization/krunvm/default.nix
+++ b/pkgs/applications/virtualization/krunvm/default.nix
@ -0,0 +1,42 @@
+{ lib
+, stdenv
+, rustPlatform
+, fetchFromGitHub
+, asciidoctor
+, libkrun
+}:
+
+stdenv.mkDerivation rec {
+  pname = "krunvm";
+  version = "0.2.1";
+
+  src = fetchFromGitHub {
+    owner = "containers";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-rR762L8P+7ebE0u4MVCJoXc5mmqXlDFfSas+lFBMVFQ=";
+  };
+
+  cargoDeps = rustPlatform.fetchCargoTarball {
+    inherit src;
+    hash = "sha256-3WiXm90XiQHpCbhlkigg/ZATQeDdUKTstN7hwcsKm4o=";
+  };
+
+  nativeBuildInputs = with rustPlatform;[
+    cargoSetupHook
+    rust.cargo
+    rust.rustc
+    asciidoctor
+  ];
+
+  buildInputs = [ libkrun ];
+
+  makeFlags = [ "PREFIX=${placeholder "out"}" ];
+
+  meta = with lib; {
+    description = "A CLI-based utility for creating microVMs from OCI images";
+    homepage = "https://github.com/containers/krunvm";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ nickcao ];
+  };
+}
--- a/pkgs/development/libraries/libkrun/default.nix
+++ b/pkgs/development/libraries/libkrun/default.nix
@ -0,0 +1,49 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, rustPlatform
+, pkg-config
+, glibc
+, openssl
+, libkrunfw
+, sevVariant ? false
+}:
+
+stdenv.mkDerivation rec {
+  pname = "libkrun";
+  version = "1.3.0";
+
+  src = fetchFromGitHub {
+    owner = "containers";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-qVyEqiqaQ8wfZhL5u+Bsaa1yXlgHUitSj5bo7FJ5Y8c=";
+  };
+
+  cargoDeps = rustPlatform.fetchCargoTarball {
+    inherit src;
+    hash = "sha256-jxSzhj1iU8qY+sZEVCYTaUqpaA4egjJi9qxrapASQF0=";
+  };
+
+  nativeBuildInputs = with rustPlatform;[
+    cargoSetupHook
+    rust.cargo
+    rust.rustc
+  ] ++ lib.optional sevVariant pkg-config;
+
+  buildInputs = [
+    glibc
+    glibc.static
+    (libkrunfw.override { inherit sevVariant; })
+  ] ++ lib.optional sevVariant openssl;
+
+  makeFlags = [ "PREFIX=${placeholder "out"}" ]
+    ++ lib.optional sevVariant "SEV=1";
+
+  meta = with lib; {
+    description = "A dynamic library providing Virtualization-based process isolation capabilities";
+    homepage = "https://github.com/containers/libkrun";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ nickcao ];
+  };
+}
--- a/pkgs/development/libraries/libkrunfw/default.nix
+++ b/pkgs/development/libraries/libkrunfw/default.nix
@ -0,0 +1,49 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, fetchurl
+, flex
+, bison
+, bc
+, elfutils
+, python3
+, sevVariant ? false
+}:
+
+assert sevVariant -> stdenv.isx86_64;
+stdenv.mkDerivation rec {
+  pname = "libkrunfw";
+  version = "3.3.0";
+
+  src = fetchFromGitHub {
+    owner = "containers";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-ay+E5AgJeA0i3T4JDosDawwtezDGquzAvYEWHGbPidg=";
+  };
+
+  kernelSrc = fetchurl {
+    url = "https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.59.tar.xz";
+    hash = "sha256-5t3GQgVzQNsGs7khwrMb/tLGETWejxRMPlz5w6wzvMs=";
+  };
+
+  preBuild = ''
+    substituteInPlace Makefile --replace 'curl $(KERNEL_REMOTE) -o $(KERNEL_TARBALL)' 'ln -s $(kernelSrc) $(KERNEL_TARBALL)'
+  '';
+
+  nativeBuildInputs = [ flex bison bc python3 python3.pkgs.pyelftools ];
+  buildInputs = [ elfutils ];
+
+  makeFlags = [ "PREFIX=${placeholder "out"}" ]
+    ++ lib.optional sevVariant "SEV=1";
+
+  enableParallelBuilding = true;
+
+  meta = with lib; {
+    description = "A dynamic library bundling the guest payload consumed by libkrun";
+    homepage = "https://github.com/containers/libkrunfw";
+    license = with licenses; [ lgpl2Only lgpl21Only ];
+    maintainers = with maintainers; [ nickcao ];
+    platforms = [ "x86_64-linux" "aarch64-linux" ];
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -7859,6 +7859,8 @@ with pkgs;

  krunner-pass = libsForQt5.callPackage ../tools/security/krunner-pass { };

+  krunvm = callPackage ../applications/virtualization/krunvm { };
+
  kronometer = libsForQt5.callPackage ../tools/misc/kronometer { };

  krop = callPackage ../applications/graphics/krop { };
@ -23879,6 +23881,12 @@ with pkgs;

  libcgroup = callPackage ../os-specific/linux/libcgroup { };

+  libkrun = callPackage ../development/libraries/libkrun { };
+
+  libkrun-sev = callPackage ../development/libraries/libkrun { sevVariant = true; };
+
+  libkrunfw = callPackage ../development/libraries/libkrunfw { };
+
  libnl = callPackage ../os-specific/linux/libnl { };

  libtraceevent = callPackage ../os-specific/linux/libtraceevent {};