diff options
author | Vladimír Čunát <v@cunat.cz> | 2023-10-26 10:36:50 +0200 |
---|---|---|
committer | Vladimír Čunát <v@cunat.cz> | 2023-10-26 10:36:50 +0200 |
commit | d811555465785e76fc06872f4bb14d4dd1dfed8c (patch) | |
tree | 91db30ffe3553dcd7c9766c4163687f7b951dd16 /pkgs/build-support | |
parent | 7054a80f3b8061bd532e407f46f60e484a5e9a9c (diff) | |
parent | 0f8647b0c2bce447f8ce27428de242727104ffb0 (diff) | |
download | nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.tar nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.tar.gz nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.tar.bz2 nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.tar.lz nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.tar.xz nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.tar.zst nixpkgs-d811555465785e76fc06872f4bb14d4dd1dfed8c.zip |
Merge branch 'staging' into staging-next
Diffstat (limited to 'pkgs/build-support')
21 files changed, 56 insertions, 48 deletions
diff --git a/pkgs/build-support/binary-cache/default.nix b/pkgs/build-support/binary-cache/default.nix index 27f9ad96289..8c610c51227 100644 --- a/pkgs/build-support/binary-cache/default.nix +++ b/pkgs/build-support/binary-cache/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, buildPackages }: +{ lib, stdenv, coreutils, jq, python3, nix, xz }: # This function is for creating a flat-file binary cache, i.e. the kind created by # nix copy --to file:///some/path and usable as a substituter (with the file:// prefix). @@ -19,15 +19,10 @@ stdenv.mkDerivation { preferLocalBuild = true; - PATH = lib.makeBinPath (with buildPackages; [ coreutils jq python3 nix xz ]); + nativeBuildInputs = [ coreutils jq python3 nix xz ]; - builder = builtins.toFile "builder" '' - . .attrs.sh - - export out=''${outputs[out]} - - mkdir $out - mkdir $out/nar + buildCommand = '' + mkdir -p $out/nar python ${./make-binary-cache.py} diff --git a/pkgs/build-support/binary-cache/make-binary-cache.py b/pkgs/build-support/binary-cache/make-binary-cache.py index 16dd8a7e96b..589d005562b 100644 --- a/pkgs/build-support/binary-cache/make-binary-cache.py +++ b/pkgs/build-support/binary-cache/make-binary-cache.py @@ -3,7 +3,7 @@ import json import os import subprocess -with open(".attrs.json", "r") as f: +with open(os.environ["NIX_ATTRS_JSON_FILE"], "r") as f: closures = json.load(f)["closure"] os.chdir(os.environ["out"]) diff --git a/pkgs/build-support/cc-wrapper/add-hardening.sh b/pkgs/build-support/cc-wrapper/add-hardening.sh index 8d02b4e5124..8cd63e46095 100644 --- a/pkgs/build-support/cc-wrapper/add-hardening.sh +++ b/pkgs/build-support/cc-wrapper/add-hardening.sh @@ -10,6 +10,13 @@ for flag in ${NIX_HARDENING_ENABLE_@suffixSalt@-}; do hardeningEnableMap["$flag"]=1 done +# fortify3 implies fortify enablement - make explicit before +# we filter unsupported flags because unsupporting fortify3 +# doesn't mean we should unsupport fortify too +if [[ -n "${hardeningEnableMap[fortify3]-}" ]]; then + hardeningEnableMap["fortify"]=1 +fi + # Remove unsupported flags. for flag in @hardening_unsupported_flags@; do unset -v "hardeningEnableMap[$flag]" @@ -19,7 +26,7 @@ for flag in @hardening_unsupported_flags@; do fi done -# make fortify and fortify3 mutually exclusive +# now make fortify and fortify3 mutually exclusive if [[ -n "${hardeningEnableMap[fortify3]-}" ]]; then unset -v "hardeningEnableMap['fortify']" fi diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index 6c43f8cbfa6..b8d170df01b 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -246,7 +246,7 @@ if [[ -e @out@/nix-support/cc-wrapper-hook ]]; then fi if (( "${NIX_CC_USE_RESPONSE_FILE:-@use_response_file_by_default@}" >= 1 )); then - responseFile=$(mktemp --tmpdir cc-params.XXXXXX) + responseFile=$(mktemp "${TMPDIR:-/tmp}/cc-params.XXXXXX") trap 'rm -f -- "$responseFile"' EXIT printf "%q\n" \ ${extraBefore+"${extraBefore[@]}"} \ diff --git a/pkgs/build-support/closure-info.nix b/pkgs/build-support/closure-info.nix index 6b3ff6fd62b..f6c31bd786b 100644 --- a/pkgs/build-support/closure-info.nix +++ b/pkgs/build-support/closure-info.nix @@ -4,7 +4,7 @@ # "nix-store --load-db" and "nix-store --register-validity # --hash-given". -{ stdenv, buildPackages }: +{ stdenv, coreutils, jq }: { rootPaths }: @@ -19,18 +19,16 @@ stdenv.mkDerivation { preferLocalBuild = true; - PATH = "${buildPackages.coreutils}/bin:${buildPackages.jq}/bin"; + nativeBuildInputs = [ coreutils jq ]; - builder = builtins.toFile "builder" + buildCommand = '' - . .attrs.sh - out=''${outputs[out]} mkdir $out - jq -r ".closure | map(.narSize) | add" < .attrs.json > $out/total-nar-size - jq -r '.closure | map([.path, .narHash, .narSize, "", (.references | length)] + .references) | add | map("\(.)\n") | add' < .attrs.json | head -n -1 > $out/registration - jq -r .closure[].path < .attrs.json > $out/store-paths + jq -r ".closure | map(.narSize) | add" < "$NIX_ATTRS_JSON_FILE" > $out/total-nar-size + jq -r '.closure | map([.path, .narHash, .narSize, "", (.references | length)] + .references) | add | map("\(.)\n") | add' < "$NIX_ATTRS_JSON_FILE" | head -n -1 > $out/registration + jq -r '.closure[].path' < "$NIX_ATTRS_JSON_FILE" > $out/store-paths ''; } diff --git a/pkgs/build-support/fetchbzr/builder.sh b/pkgs/build-support/fetchbzr/builder.sh index 991864719a0..4515e0e82f4 100644 --- a/pkgs/build-support/fetchbzr/builder.sh +++ b/pkgs/build-support/fetchbzr/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source "$stdenv/setup" echo "exporting \`$url' (revision $rev) into \`$out'" diff --git a/pkgs/build-support/fetchcvs/builder.sh b/pkgs/build-support/fetchcvs/builder.sh index 4b49e9676ec..7e4dde4a64c 100644 --- a/pkgs/build-support/fetchcvs/builder.sh +++ b/pkgs/build-support/fetchcvs/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup (echo "#!$SHELL"; \ diff --git a/pkgs/build-support/fetchdarcs/builder.sh b/pkgs/build-support/fetchdarcs/builder.sh index 75b9066dba6..39838db255a 100644 --- a/pkgs/build-support/fetchdarcs/builder.sh +++ b/pkgs/build-support/fetchdarcs/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup tagtext="" diff --git a/pkgs/build-support/fetchdocker/fetchdocker-builder.sh b/pkgs/build-support/fetchdocker/fetchdocker-builder.sh index 4eb70f672d4..489914a2a8b 100644 --- a/pkgs/build-support/fetchdocker/fetchdocker-builder.sh +++ b/pkgs/build-support/fetchdocker/fetchdocker-builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source "${stdenv}/setup" echo "exporting ${repository}/${imageName} (tag: ${tag}) into ${out}" mkdir -p "${out}" diff --git a/pkgs/build-support/fetchfossil/builder.sh b/pkgs/build-support/fetchfossil/builder.sh index 36b758ab574..fe828d0ada9 100644 --- a/pkgs/build-support/fetchfossil/builder.sh +++ b/pkgs/build-support/fetchfossil/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup echo "Cloning Fossil $url [$rev] into $out" diff --git a/pkgs/build-support/fetchgit/builder.sh b/pkgs/build-support/fetchgit/builder.sh index 77f6381b09a..95176beea8c 100644 --- a/pkgs/build-support/fetchgit/builder.sh +++ b/pkgs/build-support/fetchgit/builder.sh @@ -3,7 +3,7 @@ # - revision specified and remote has a HEAD # - revision specified and remote without HEAD # -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup echo "exporting $url (rev $rev) into $out" diff --git a/pkgs/build-support/fetchhg/builder.sh b/pkgs/build-support/fetchhg/builder.sh index 1ce29475771..20dfde4b10d 100644 --- a/pkgs/build-support/fetchhg/builder.sh +++ b/pkgs/build-support/fetchhg/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup echo "getting $url${rev:+ ($rev)} into $out" diff --git a/pkgs/build-support/fetchipfs/builder.sh b/pkgs/build-support/fetchipfs/builder.sh index ca77962b538..1ddd111b151 100644 --- a/pkgs/build-support/fetchipfs/builder.sh +++ b/pkgs/build-support/fetchipfs/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup # Curl flags to handle redirects, not use EPSV, handle cookies for diff --git a/pkgs/build-support/fetchmtn/builder.sh b/pkgs/build-support/fetchmtn/builder.sh index 1aabd7949ee..de929fad55a 100644 --- a/pkgs/build-support/fetchmtn/builder.sh +++ b/pkgs/build-support/fetchmtn/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup set -x diff --git a/pkgs/build-support/fetchsvn/builder.sh b/pkgs/build-support/fetchsvn/builder.sh index aa4d049aba4..e187747f14e 100644 --- a/pkgs/build-support/fetchsvn/builder.sh +++ b/pkgs/build-support/fetchsvn/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup echo "exporting $url (r$rev) into $out" diff --git a/pkgs/build-support/fetchsvnssh/builder.sh b/pkgs/build-support/fetchsvnssh/builder.sh index 5782151524f..e553446346d 100644 --- a/pkgs/build-support/fetchsvnssh/builder.sh +++ b/pkgs/build-support/fetchsvnssh/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup echo "exporting $url (r$rev) into $out" diff --git a/pkgs/build-support/fetchurl/builder.sh b/pkgs/build-support/fetchurl/builder.sh index e8eaba93485..a82728ef102 100644 --- a/pkgs/build-support/fetchurl/builder.sh +++ b/pkgs/build-support/fetchurl/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup source $mirrorsFile diff --git a/pkgs/build-support/references-by-popularity/default.nix b/pkgs/build-support/references-by-popularity/default.nix index dfc25275f34..2171c622f00 100644 --- a/pkgs/build-support/references-by-popularity/default.nix +++ b/pkgs/build-support/references-by-popularity/default.nix @@ -6,11 +6,8 @@ path: runCommand "closure-paths" exportReferencesGraph.graph = path; __structuredAttrs = true; preferLocalBuild = true; - PATH = "${coreutils}/bin:${python3}/bin"; - builder = builtins.toFile "builder" - '' - . .attrs.sh - python3 ${./closure-graph.py} .attrs.json graph > ''${outputs[out]} - ''; - } - "" + nativeBuildInputs = [ coreutils python3 ]; +} +'' + python3 ${./closure-graph.py} "$NIX_ATTRS_JSON_FILE" graph > ''${outputs[out]} +'' diff --git a/pkgs/build-support/rust/build-rust-package/default.nix b/pkgs/build-support/rust/build-rust-package/default.nix index 18d8ca56fd1..0b28121a5b7 100644 --- a/pkgs/build-support/rust/build-rust-package/default.nix +++ b/pkgs/build-support/rust/build-rust-package/default.nix @@ -156,7 +156,8 @@ stdenv.mkDerivation ((removeAttrs args [ "depsExtraArgs" "cargoUpdateHook" "carg # Platforms without host tools from # https://doc.rust-lang.org/nightly/rustc/platform-support.html "armv7a-darwin" - "armv5tel-linux" "armv7a-linux" "m68k-linux" "riscv32-linux" + "armv5tel-linux" "armv7a-linux" "m68k-linux" "mipsel-linux" + "mips64el-linux" "riscv32-linux" "armv6l-netbsd" "x86_64-redox" "wasm32-wasi" diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.py b/pkgs/build-support/setup-hooks/auto-patchelf.py index 965384b876f..261f5585480 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.py +++ b/pkgs/build-support/setup-hooks/auto-patchelf.py @@ -174,7 +174,7 @@ class Dependency: found: bool = False # Whether it was found somewhere -def auto_patchelf_file(path: Path, runtime_deps: list[Path], append_rpaths: List[Path] = []) -> list[Dependency]: +def auto_patchelf_file(path: Path, runtime_deps: list[Path], append_rpaths: List[Path] = [], extra_args: List[str] = []) -> list[Dependency]: try: with open_elf(path) as elf: @@ -213,7 +213,7 @@ def auto_patchelf_file(path: Path, runtime_deps: list[Path], append_rpaths: List if file_is_dynamic_executable: print("setting interpreter of", path) subprocess.run( - ["patchelf", "--set-interpreter", interpreter_path.as_posix(), path.as_posix()], + ["patchelf", "--set-interpreter", interpreter_path.as_posix(), path.as_posix()] + extra_args, check=True) rpath += runtime_deps @@ -250,7 +250,7 @@ def auto_patchelf_file(path: Path, runtime_deps: list[Path], append_rpaths: List if rpath: print("setting RPATH to:", rpath_str) subprocess.run( - ["patchelf", "--set-rpath", rpath_str, path.as_posix()], + ["patchelf", "--set-rpath", rpath_str, path.as_posix()] + extra_args, check=True) return dependencies @@ -262,7 +262,8 @@ def auto_patchelf( runtime_deps: List[Path], recursive: bool = True, ignore_missing: List[str] = [], - append_rpaths: List[Path] = []) -> None: + append_rpaths: List[Path] = [], + extra_args: List[str] = []) -> None: if not paths_to_patch: sys.exit("No paths to patch, stopping.") @@ -275,7 +276,7 @@ def auto_patchelf( dependencies = [] for path in chain.from_iterable(glob(p, '*', recursive) for p in paths_to_patch): if not path.is_symlink() and path.is_file(): - dependencies += auto_patchelf_file(path, runtime_deps, append_rpaths) + dependencies += auto_patchelf_file(path, runtime_deps, append_rpaths, extra_args) missing = [dep for dep in dependencies if not dep.found] @@ -333,6 +334,12 @@ def main() -> None: type=Path, help="Paths to append to all runtime paths unconditionally", ) + parser.add_argument( + "--extra-args", + nargs="*", + type=str, + help="Extra arguments to pass to patchelf" + ) print("automatically fixing dependencies for ELF files") args = parser.parse_args() @@ -344,7 +351,8 @@ def main() -> None: args.runtime_dependencies, args.recursive, args.ignore_missing, - append_rpaths=args.append_rpaths) + append_rpaths=args.append_rpaths, + extra_args=args.extra_args) interpreter_path: Path = None # type: ignore diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.sh b/pkgs/build-support/setup-hooks/auto-patchelf.sh index 0625565606f..371389df427 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.sh +++ b/pkgs/build-support/setup-hooks/auto-patchelf.sh @@ -63,6 +63,7 @@ autoPatchelf() { local appendRunpathsArray=($appendRunpaths) local runtimeDependenciesArray=($runtimeDependencies) + local patchelfFlagsArray=($patchelfFlags) @pythonInterpreter@ @autoPatchelfScript@ \ ${norecurse:+--no-recurse} \ --ignore-missing "${ignoreMissingDepsArray[@]}" \ @@ -70,7 +71,8 @@ autoPatchelf() { --libs "${autoPatchelfLibs[@]}" \ "${extraAutoPatchelfLibs[@]}" \ --runtime-dependencies "${runtimeDependenciesArray[@]/%//lib}" \ - --append-rpaths "${appendRunpathsArray[@]}" + --append-rpaths "${appendRunpathsArray[@]}" \ + --extra-args "${patchelfFlagsArray[@]}" } # XXX: This should ultimately use fixupOutputHooks but we currently don't have |