diff --git a/flake.nix b/flake.nix index 1a3d74e..be38b62 100644 --- a/flake.nix +++ b/flake.nix @@ -79,6 +79,23 @@ }; }; + # Build vmsilo-wayland-seccontext Rust binary + buildVmsiloWaylandSeccontext = + system: + let + pkgs = nixpkgs.legacyPackages.${system}; + in + pkgs.rustPlatform.buildRustPackage { + pname = "vmsilo-wayland-seccontext"; + version = "0.1.0"; + src = ./vmsilo-wayland-seccontext; + cargoLock = { + lockFile = ./vmsilo-wayland-seccontext/Cargo.lock; + }; + nativeBuildInputs = with pkgs; [ pkg-config ]; + buildInputs = with pkgs; [ wayland ]; + }; + # treefmt configuration treefmtConfig = { projectRootFile = "flake.nix"; @@ -96,6 +113,8 @@ rootfs-nixos = makeRootfsNixos system { }; vmsilo-balloond = buildVmsiloBalloond system; vmsilo-dbus-proxy = buildVmsiloDbusProxy system; + vmsilo-wayland-seccontext = buildVmsiloWaylandSeccontext system; + "cloud-hypervisor" = nixpkgs.legacyPackages.${system}.cloud-hypervisor; decoration-tests = let pkgs = nixpkgs.legacyPackages.${system}; @@ -180,11 +199,9 @@ # Inject dependencies when module is enabled config = lib.mkIf config.programs.vmsilo.enable { programs.vmsilo._internal = { - crosvm = - if config.programs.vmsilo.nvidiaWeakenSandbox then - crosvm.packages.${pkgs.stdenv.hostPlatform.system}.crosvm-nvidia - else - crosvm.packages.${pkgs.stdenv.hostPlatform.system}.default; + crosvm = crosvm.packages.${pkgs.stdenv.hostPlatform.system}.default; + "cloud-hypervisor" = pkgs.cloud-hypervisor; + vmsilo-wayland-seccontext = buildVmsiloWaylandSeccontext pkgs.stdenv.hostPlatform.system; wayland-proxy-virtwl = wayland-proxy-virtwl.packages.${pkgs.stdenv.hostPlatform.system}.default; sommelier = pkgs.callPackage ./packages/sommelier.nix { }; vhost-device-sound = vhost-device.packages.${pkgs.stdenv.hostPlatform.system}.vhost-device-sound;