diff options
| author | Alyssa Ross <hi@alyssa.is> | 2023-11-21 16:12:21 +0100 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2023-11-21 16:12:48 +0100 |
| commit | 048a4cd441a59cbf89defb18bb45c9f0b4429b35 (patch) | |
| tree | f8f5850ff05521ab82d65745894714a8796cbfb6 /pkgs/os-specific | |
| parent | 030c5028b07afcedce7c5956015c629486cc79d9 (diff) | |
| parent | 4c2d05dd6435d449a3651a6dd314d9411b5f8146 (diff) | |
| download | nixpkgs-rootfs.tar nixpkgs-rootfs.tar.gz nixpkgs-rootfs.tar.bz2 nixpkgs-rootfs.tar.lz nixpkgs-rootfs.tar.xz nixpkgs-rootfs.tar.zst nixpkgs-rootfs.zip | |
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Diffstat (limited to 'pkgs/os-specific')
249 files changed, 3955 insertions, 3412 deletions
diff --git a/pkgs/os-specific/darwin/CoreSymbolication/default.nix b/pkgs/os-specific/darwin/CoreSymbolication/default.nix index aa73c7f86c4..5cf92a41a6f 100644 --- a/pkgs/os-specific/darwin/CoreSymbolication/default.nix +++ b/pkgs/os-specific/darwin/CoreSymbolication/default.nix @@ -1,19 +1,23 @@ -{ fetchFromGitHub, stdenv }: +{ lib, fetchFromGitHub, stdenv }: -# Reverse engineered CoreSymbolication to make dtrace buildable - -stdenv.mkDerivation rec { - name = "CoreSymbolication"; +stdenv.mkDerivation { + pname = "core-symbolication"; + version = "unstable-2018-06-17"; src = fetchFromGitHub { - repo = name; + repo = "CoreSymbolication"; owner = "matthewbauer"; - rev = "671fcb66c82eac1827f3f53dc4cc4e9b1b94da0a"; - sha256 = "0qpw46gwgjxiwqqjxksb8yghp2q8dwad6hzaf4zl82xpvk9n5ahj"; + rev = "24c87c23664b3ee05dc7a5a87d647ae476a680e4"; + hash = "sha256-PzvLq94eNhP0+rLwGMKcMzxuD6MlrNI7iT/eV0obtSE="; }; - installPhase = '' - mkdir -p $out/include - cp -r CoreSymbolication $out/include - ''; + makeFlags = [ "PREFIX=$(out)" "CC=${stdenv.cc.targetPrefix}cc" ]; + + meta = with lib; { + description = "Reverse engineered headers for Apple's CoreSymbolication framework"; + homepage = "https://github.com/matthewbauer/CoreSymbolication"; + license = licenses.mit; + platforms = platforms.darwin; + maintainers = with maintainers; [ matthewbauer ]; + }; } diff --git a/pkgs/os-specific/darwin/DarwinTools/default.nix b/pkgs/os-specific/darwin/DarwinTools/default.nix index 72a37502845..11e4c84395d 100644 --- a/pkgs/os-specific/darwin/DarwinTools/default.nix +++ b/pkgs/os-specific/darwin/DarwinTools/default.nix @@ -13,17 +13,17 @@ stdenv.mkDerivation rec { ./sw_vers-CFPriv.patch ]; - postPatch = '' - substituteInPlace Makefile \ - --replace gcc cc - ''; - configurePhase = '' export SRCROOT=. export SYMROOT=. export DSTROOT=$out ''; + makeFlags = [ + "CC=${stdenv.cc.targetPrefix}cc" + "STRIP=${stdenv.cc.targetPrefix}strip" + ]; + postInstall = '' mv $out/usr/* $out rmdir $out/usr diff --git a/pkgs/os-specific/darwin/aldente/default.nix b/pkgs/os-specific/darwin/aldente/default.nix index 6dd464a405f..7ca454609ae 100644 --- a/pkgs/os-specific/darwin/aldente/default.nix +++ b/pkgs/os-specific/darwin/aldente/default.nix @@ -6,11 +6,11 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "aldente"; - version = "1.22.2"; + version = "1.22.3"; src = fetchurl { url = "https://github.com/davidwernhart/aldente-charge-limiter/releases/download/${finalAttrs.version}/AlDente.dmg"; - hash = "sha256-bREI0RS4xvEccyw3yed5aD8oG5wmD5hyG82qW2tqlEA="; + hash = "sha256-pSqBDDumCbORLQ+B3skSqKmgG2KybR5Zb4ojiNQcAaM="; }; dontBuild = true; diff --git a/pkgs/os-specific/darwin/apple-sdk-11.0/private-frameworks.nix b/pkgs/os-specific/darwin/apple-sdk-11.0/private-frameworks.nix index f95932516d2..4566c8af84f 100644 --- a/pkgs/os-specific/darwin/apple-sdk-11.0/private-frameworks.nix +++ b/pkgs/os-specific/darwin/apple-sdk-11.0/private-frameworks.nix @@ -2,6 +2,7 @@ # generated by hand to avoid exposing all private frameworks # frameworks here are only the necessary ones used by public frameworks. { + Apple80211 = {}; AVFCapture = {}; AVFCore = {}; AddressBookCore = { inherit ContactsPersistence; }; diff --git a/pkgs/os-specific/darwin/apple-sdk/default.nix b/pkgs/os-specific/darwin/apple-sdk/default.nix index 0c959695d77..5484ba5acb1 100644 --- a/pkgs/os-specific/darwin/apple-sdk/default.nix +++ b/pkgs/os-specific/darwin/apple-sdk/default.nix @@ -1,9 +1,6 @@ -{ stdenv, fetchurl, libxml2, xar, cpio, pkgs, python3Minimal, pbzx, lib, darwin-stubs, print-reexports }: +{ stdenv, fetchurl, cpio, pbzx, pkgs, lib, darwin-stubs, print-reexports }: let - xarMinimal = xar.override { - libxml2 = libxml2.override { pythonSupport = false; }; - }; # sadly needs to be exported because security_tool needs it sdk = stdenv.mkDerivation rec { pname = "MacOS_SDK"; @@ -19,27 +16,23 @@ let sha256 = "13xq34sb7383b37hwy076gnhf96prpk1b4087p87xnwswxbrisih"; }; - nativeBuildInputs = [ xarMinimal cpio python3Minimal pbzx ]; + nativeBuildInputs = [ cpio pbzx ]; outputs = [ "out" "dev" "man" ]; unpackPhase = '' - xar -x -f $src + pbzx $src | cpio -idm ''; + sourceRoot = "."; + installPhase = '' - start="$(pwd)" mkdir -p $out - cd $out - pbzx -n $start/Payload | cpio -idm - - mv usr/* . - rmdir usr - mv System/* . - rmdir System + cp -R System/Library $out + cp -R usr/* $out - pushd lib + pushd $out/lib cp ${darwin-stubs}/usr/lib/libcups*.tbd . ln -s libcups.2.tbd libcups.tbd ln -s libcupscgi.1.tbd libcupscgi.tbd diff --git a/pkgs/os-specific/darwin/apple-source-releases/Libm/default.nix b/pkgs/os-specific/darwin/apple-source-releases/Libm/default.nix index 6e6712f375e..931bebeae5d 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/Libm/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/Libm/default.nix @@ -1,6 +1,13 @@ { appleDerivation', stdenvNoCC }: appleDerivation' stdenvNoCC { + patches = [ + # The source release version of math.h is missing some symbols that are actually present + # in newer SDKs. Patch them into the header to avoid implicit function declaration errors + # when compiling with newer versions of clang. + ./missing-declarations.patch + ]; + installPhase = '' mkdir -p $out/include diff --git a/pkgs/os-specific/darwin/apple-source-releases/Libm/missing-declarations.patch b/pkgs/os-specific/darwin/apple-source-releases/Libm/missing-declarations.patch new file mode 100644 index 00000000000..e56934e59d4 --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/Libm/missing-declarations.patch @@ -0,0 +1,292 @@ +--- a/Source/Intel/math.h 2023-10-20 09:43:42.640416006 -0400 ++++ b/Source/Intel/math.h 2023-10-20 09:47:59.743127003 -0400 +@@ -1,5 +1,5 @@ + /* +- * Copyright (c) 2002 Apple Computer, Inc. All rights reserved. ++ * Copyright (c) 2002-2015 Apple Inc. All rights reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * +@@ -27,14 +27,17 @@ + * Contains: typedefs, prototypes, and macros germane to C99 floating point.* + * * + *******************************************************************************/ ++#ifndef __MATH_H__ ++#define __MATH_H__ ++ + #ifndef __MATH__ + #define __MATH__ ++#endif + +-#include <sys/cdefs.h> /* For definition of __DARWIN_UNIX03 et al */ ++#include <sys/cdefs.h> ++#include <Availability.h> + +-#ifdef __cplusplus +-extern "C" { +-#endif ++__BEGIN_DECLS + + /****************************************************************************** + * Floating point data types * +@@ -87,14 +90,26 @@ + #define FP_SUBNORMAL 5 + #define FP_SUPERNORMAL 6 /* meaningful only on PowerPC */ + +-/* fma() *function call* is more costly than equivalent (in-line) multiply and add operations */ +-/* For single and double precision, the cost isn't too bad, because we can fall back on higher */ +-/* precision hardware, with the necessary range to handle infinite precision products. However, */ +-/* expect the long double fma to be at least an order of magnitude slower than a simple multiply */ +-/* and an add. */ +-#undef FP_FAST_FMA +-#undef FP_FAST_FMAF +-#undef FP_FAST_FMAL ++#if defined __arm64__ || defined __ARM_VFPV4__ ++/* On these architectures, fma(), fmaf( ), and fmal( ) are generally about as ++ fast as (or faster than) separate multiply and add of the same operands. */ ++# define FP_FAST_FMA 1 ++# define FP_FAST_FMAF 1 ++# define FP_FAST_FMAL 1 ++#elif (defined __i386__ || defined __x86_64__) && (defined __FMA__) ++/* When targeting the FMA ISA extension, fma() and fmaf( ) are generally ++ about as fast as (or faster than) separate multiply and add of the same ++ operands, but fmal( ) may be more costly. */ ++# define FP_FAST_FMA 1 ++# define FP_FAST_FMAF 1 ++# undef FP_FAST_FMAL ++#else ++/* On these architectures, fma( ), fmaf( ), and fmal( ) function calls are ++ significantly more costly than separate multiply and add operations. */ ++# undef FP_FAST_FMA ++# undef FP_FAST_FMAF ++# undef FP_FAST_FMAL ++#endif + + /* The values returned by `ilogb' for 0 and NaN respectively. */ + #define FP_ILOGB0 (-2147483647 - 1) +@@ -191,6 +206,23 @@ + static __inline__ int __inline_isnormalf( float __x ) { float fabsf = __builtin_fabsf(__x); if( __x != __x ) return 0; return fabsf < __builtin_inff() && fabsf >= __FLT_MIN__; } + static __inline__ int __inline_isnormald( double __x ) { double fabsf = __builtin_fabs(__x); if( __x != __x ) return 0; return fabsf < __builtin_inf() && fabsf >= __DBL_MIN__; } + static __inline__ int __inline_isnormal( long double __x ) { long double fabsf = __builtin_fabsl(__x); if( __x != __x ) return 0; return fabsf < __builtin_infl() && fabsf >= __LDBL_MIN__; } ++ ++#if defined __i386__ || defined __x86_64__ ++__header_always_inline int __inline_signbitl(long double __x) { ++ union { ++ long double __ld; ++ struct{ unsigned long long __m; unsigned short __sexp; } __p; ++ } __u; ++ __u.__ld = __x; ++ return (int)(__u.__p.__sexp >> 15); ++} ++#else ++__header_always_inline int __inline_signbitl(long double __x) { ++ union { long double __f; unsigned long long __u;} __u; ++ __u.__f = __x; ++ return (int)(__u.__u >> 63); ++} ++#endif + + #else + +@@ -509,7 +541,112 @@ + extern long double __infl( void ); + extern float __nan( void ); /* 10.3 (and later) must retain in ABI for backward compatability */ + +-#if !defined(_ANSI_SOURCE) ++ ++/****************************************************************************** ++ * Apple extensions to the C standard * ++ ******************************************************************************/ ++ ++/* Because these functions are not specified by any relevant standard, they ++ are prefixed with __, which places them in the implementor's namespace, so ++ they should not conflict with any developer or third-party code. If they ++ are added to a relevant standard in the future, un-prefixed names may be ++ added to the library and they may be moved out of this section of the ++ header. ++ ++ Because these functions are non-standard, they may not be available on non- ++ Apple platforms. */ ++ ++/* __exp10(x) returns 10**x. Edge cases match those of exp( ) and exp2( ). */ ++extern float __exp10f(float) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++extern double __exp10(double) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++ ++/* __sincos(x,sinp,cosp) computes the sine and cosine of x with a single ++ function call, storing the sine in the memory pointed to by sinp, and ++ the cosine in the memory pointed to by cosp. Edge cases match those of ++ separate calls to sin( ) and cos( ). */ ++__header_always_inline void __sincosf(float __x, float *__sinp, float *__cosp); ++__header_always_inline void __sincos(double __x, double *__sinp, double *__cosp); ++ ++/* __sinpi(x) returns the sine of pi times x; __cospi(x) and __tanpi(x) return ++ the cosine and tangent, respectively. These functions can produce a more ++ accurate answer than expressions of the form sin(M_PI * x) because they ++ avoid any loss of precision that results from rounding the result of the ++ multiplication M_PI * x. They may also be significantly more efficient in ++ some cases because the argument reduction for these functions is easier ++ to compute. Consult the man pages for edge case details. */ ++extern float __cospif(float) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++extern double __cospi(double) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++extern float __sinpif(float) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++extern double __sinpi(double) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++extern float __tanpif(float) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++extern double __tanpi(double) __OSX_AVAILABLE_STARTING(__MAC_10_9, __IPHONE_7_0); ++ ++#if (defined __MAC_OS_X_VERSION_MIN_REQUIRED && __MAC_OS_X_VERSION_MIN_REQUIRED < 1090) || \ ++ (defined __IPHONE_OS_VERSION_MIN_REQUIRED && __IPHONE_OS_VERSION_MIN_REQUIRED < 70000) ++/* __sincos and __sincosf were introduced in OSX 10.9 and iOS 7.0. When ++ targeting an older system, we simply split them up into discrete calls ++ to sin( ) and cos( ). */ ++__header_always_inline void __sincosf(float __x, float *__sinp, float *__cosp) { ++ *__sinp = sinf(__x); ++ *__cosp = cosf(__x); ++} ++ ++__header_always_inline void __sincos(double __x, double *__sinp, double *__cosp) { ++ *__sinp = sin(__x); ++ *__cosp = cos(__x); ++} ++#else ++/* __sincospi(x,sinp,cosp) computes the sine and cosine of pi times x with a ++ single function call, storing the sine in the memory pointed to by sinp, ++ and the cosine in the memory pointed to by cosp. Edge cases match those ++ of separate calls to __sinpi( ) and __cospi( ), and are documented in the ++ man pages. ++ ++ These functions were introduced in OSX 10.9 and iOS 7.0. Because they are ++ implemented as header inlines, weak-linking does not function as normal, ++ and they are simply hidden when targeting earlier OS versions. */ ++__header_always_inline void __sincospif(float __x, float *__sinp, float *__cosp); ++__header_always_inline void __sincospi(double __x, double *__sinp, double *__cosp); ++ ++/* Implementation details of __sincos and __sincospi allowing them to return ++ two results while allowing the compiler to optimize away unnecessary load- ++ store traffic. Although these interfaces are exposed in the math.h header ++ to allow compilers to generate better code, users should call __sincos[f] ++ and __sincospi[f] instead and allow the compiler to emit these calls. */ ++struct __float2 { float __sinval; float __cosval; }; ++struct __double2 { double __sinval; double __cosval; }; ++ ++extern struct __float2 __sincosf_stret(float); ++extern struct __double2 __sincos_stret(double); ++extern struct __float2 __sincospif_stret(float); ++extern struct __double2 __sincospi_stret(double); ++ ++__header_always_inline void __sincosf(float __x, float *__sinp, float *__cosp) { ++ const struct __float2 __stret = __sincosf_stret(__x); ++ *__sinp = __stret.__sinval; *__cosp = __stret.__cosval; ++} ++ ++__header_always_inline void __sincos(double __x, double *__sinp, double *__cosp) { ++ const struct __double2 __stret = __sincos_stret(__x); ++ *__sinp = __stret.__sinval; *__cosp = __stret.__cosval; ++} ++ ++__header_always_inline void __sincospif(float __x, float *__sinp, float *__cosp) { ++ const struct __float2 __stret = __sincospif_stret(__x); ++ *__sinp = __stret.__sinval; *__cosp = __stret.__cosval; ++} ++ ++__header_always_inline void __sincospi(double __x, double *__sinp, double *__cosp) { ++ const struct __double2 __stret = __sincospi_stret(__x); ++ *__sinp = __stret.__sinval; *__cosp = __stret.__cosval; ++} ++#endif ++ ++/****************************************************************************** ++ * POSIX/UNIX extensions to the C standard * ++ ******************************************************************************/ ++ ++#if __DARWIN_C_LEVEL >= 199506L + extern double j0 ( double ); + + extern double j1 ( double ); +@@ -543,14 +680,32 @@ + extern int signgam; /* required for unix 2003 */ + + +-#endif /* !defined(_ANSI_SOURCE) */ ++#endif /* __DARWIN_C_LEVEL >= 199506L */ + +-#if !defined(__NOEXTENSIONS__) && (!defined(_POSIX_C_SOURCE) || defined(_DARWIN_C_SOURCE)) +-#define __WANT_EXTENSIONS__ +-#endif ++/* Long-double versions of M_E, etc for convenience on Intel where long- ++ double is not the same as double. Define __MATH_LONG_DOUBLE_CONSTANTS ++ to make these constants available. */ ++#if defined __MATH_LONG_DOUBLE_CONSTANTS ++#define M_El 0xa.df85458a2bb4a9bp-2L ++#define M_LOG2El 0xb.8aa3b295c17f0bcp-3L ++#define M_LOG10El 0xd.e5bd8a937287195p-5L ++#define M_LN2l 0xb.17217f7d1cf79acp-4L ++#define M_LN10l 0x9.35d8dddaaa8ac17p-2L ++#define M_PIl 0xc.90fdaa22168c235p-2L ++#define M_PI_2l 0xc.90fdaa22168c235p-3L ++#define M_PI_4l 0xc.90fdaa22168c235p-4L ++#define M_1_PIl 0xa.2f9836e4e44152ap-5L ++#define M_2_PIl 0xa.2f9836e4e44152ap-4L ++#define M_2_SQRTPIl 0x9.06eba8214db688dp-3L ++#define M_SQRT2l 0xb.504f333f9de6484p-3L ++#define M_SQRT1_2l 0xb.504f333f9de6484p-4L ++#endif /* defined __MATH_LONG_DOUBLE_CONSTANTS */ + +-#ifdef __WANT_EXTENSIONS__ ++/****************************************************************************** ++ * Legacy BSD extensions to the C standard * ++ ******************************************************************************/ + ++#if __DARWIN_C_LEVEL >= __DARWIN_C_FULL + #define FP_SNAN FP_NAN + #define FP_QNAN FP_NAN + +@@ -560,11 +715,6 @@ + /* Legacy API: please use C99 lround() instead. */ + extern long int roundtol ( double ); + +-/* +- * XOPEN/SVID +- */ +-#if !defined(_ANSI_SOURCE) && (!defined(_POSIX_C_SOURCE) || defined(_DARWIN_C_SOURCE)) +-#if (!defined(_XOPEN_SOURCE) || defined(_DARWIN_C_SOURCE)) + #if !defined(__cplusplus) + /* used by matherr below */ + struct exception { +@@ -592,19 +742,12 @@ + #define TLOSS 5 + #define PLOSS 6 + +-#endif /* (!_XOPEN_SOURCE || _DARWIN_C_SOURCE) */ +-#endif /* !_ANSI_SOURCE && (!_POSIX_C_SOURCE || _DARWIN_C_SOURCE) */ +- +-#if !defined( __STRICT_ANSI__) && !defined(_ANSI_SOURCE) && (!defined(_POSIX_C_SOURCE) || defined(_DARWIN_C_SOURCE)) +- + /* Legacy API: please use C99 isfinite() instead. */ + extern int finite ( double ); + + /* Legacy API: please use C99 tgamma() instead. */ + extern double gamma ( double ); + +-#if (!defined(_XOPEN_SOURCE) || defined(_DARWIN_C_SOURCE)) +- + #if !defined(__cplusplus) + extern int matherr ( struct exception * ); + #endif +@@ -633,14 +776,8 @@ + extern double lgamma_r ( double, int * ) AVAILABLE_MAC_OS_X_VERSION_10_6_AND_LATER; + extern long double lgammal_r ( long double, int * ) AVAILABLE_MAC_OS_X_VERSION_10_6_AND_LATER; + #endif /* _REENTRANT */ +- +-#endif /* (!_XOPEN_SOURCE || _DARWIN_C_SOURCE) */ +-#endif /* !_ANSI_SOURCE && (!_POSIX_C_SOURCE || _DARWIN_C_SOURCE) */ +- +-#endif /* __WANT_EXTENSIONS__ */ + +-#ifdef __cplusplus +-} +-#endif ++#endif /* __DARWIN_C_LEVEL >= __DARWIN_C_FULL */ + +-#endif /* __MATH__ */ ++__END_DECLS ++#endif /* __MATH_H__ */ diff --git a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix index 38b13f784a3..998bc867e75 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/configd/default.nix @@ -1,11 +1,19 @@ -{ lib, stdenv, appleDerivation', launchd, bootstrap_cmds, xnu, xpc, ppp, IOKit, eap8021x, Security +{ lib, stdenv, runCommand, appleDerivation', launchd, bootstrap_cmds, swift-corelibs-foundation, xnu, xpc, ppp, IOKit, eap8021x, Security , headersOnly ? false }: +let + privateHeaders = runCommand "swift-corelibs-foundation-private" { } '' + mkdir -p $out/include/CoreFoundation + + cp ${swift-corelibs-foundation}/Library/Frameworks/CoreFoundation.framework/PrivateHeaders/* \ + $out/include/CoreFoundation + ''; +in appleDerivation' stdenv { meta.broken = stdenv.cc.nativeLibc; nativeBuildInputs = lib.optionals (!headersOnly) [ bootstrap_cmds ]; - buildInputs = lib.optionals (!headersOnly) [ launchd ppp xpc IOKit eap8021x ]; + buildInputs = lib.optionals (!headersOnly) [ privateHeaders launchd ppp xpc IOKit eap8021x ]; propagatedBuildInputs = lib.optionals (!headersOnly) [ Security ]; @@ -13,7 +21,6 @@ appleDerivation' stdenv { NIX_CFLAGS_COMPILE = toString [ "-ISystemConfiguration.framework/Headers" "-I${xnu}/Library/Frameworks/System.framework/Versions/B/PrivateHeaders" - "-D_DNS_SD_LIBDISPATCH" # Needed for DNSServiceSetDispatchQueue to be available ]; }; @@ -23,11 +30,6 @@ appleDerivation' stdenv { substituteInPlace SystemConfiguration.fproj/SCNetworkReachability.c \ --replace ''$'#define\tHAVE_VPN_STATUS' "" - - # Our neutered CoreFoundation doesn't have this function, but I think we'll live... - substituteInPlace SystemConfiguration.fproj/SCNetworkConnectionPrivate.c \ - --replace 'CFPreferencesAppValueIsForced(serviceID, USER_PREFERENCES_APPLICATION_ID)' 'FALSE' \ - --replace 'CFPreferencesAppValueIsForced(userPrivate->serviceID, USER_PREFERENCES_APPLICATION_ID)' 'FALSE' ''; dontBuild = headersOnly; diff --git a/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix index 30d123ab804..e4431c68c9a 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/default.nix @@ -5,12 +5,17 @@ let xnu-src = if stdenv.isAarch64 then macosPackages_11_0_1.xnu.src else xnu.src; arch = if stdenv.isAarch64 then "arm" else "i386"; in appleDerivation { + patches = [ + # Fixes a build failure with newer versions of clang that make implicit int an error. + ./fix-implicit-int.patch + ]; + nativeBuildInputs = [ xcbuildHook ]; buildInputs = [ libutil ]; env.NIX_CFLAGS_COMPILE = "-I."; NIX_LDFLAGS = "-lutil"; - patchPhase = '' + prePatch = '' # ugly hacks for missing headers # most are bsd related - probably should make this a drv unpackFile ${Libc.src} diff --git a/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/fix-implicit-int.patch b/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/fix-implicit-int.patch new file mode 100644 index 00000000000..df0fff930da --- /dev/null +++ b/pkgs/os-specific/darwin/apple-source-releases/diskdev_cmds/fix-implicit-int.patch @@ -0,0 +1,11 @@ +diff -ur a/diskdev_cmds.xcodeproj/project.pbxproj b/diskdev_cmds.xcodeproj/project.pbxproj +--- a/quota.tproj/quota.c 2021-10-06 01:13:40.000000000 -0400 ++++ b/quota.tproj/quota.c 2023-10-27 08:24:05.960965958 -0400 +@@ -115,6 +115,7 @@ + + int + main(argc, argv) ++ int argc; + char *argv[]; + { + int ngroups; diff --git a/pkgs/os-specific/darwin/apple-source-releases/libiconv/default.nix b/pkgs/os-specific/darwin/apple-source-releases/libiconv/default.nix index 72ef086f599..6a3bddc211e 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/libiconv/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/libiconv/default.nix @@ -32,6 +32,7 @@ appleDerivation { ]; meta = { + mainProgram = "iconv"; platforms = lib.platforms.darwin; }; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/mDNSResponder/default.nix b/pkgs/os-specific/darwin/apple-source-releases/mDNSResponder/default.nix index 4082f5b760c..0ba4caee628 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/mDNSResponder/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/mDNSResponder/default.nix @@ -4,6 +4,9 @@ appleDerivation' stdenvNoCC { dontBuild = true; installPhase = '' mkdir -p $out/include - cp mDNSShared/dns_sd.h $out/include + # TODO: Do this only for 765.50.9 once there is a way to apply version-specific + # logic in a source-release derivation. + substitute mDNSShared/dns_sd.h $out/include/dns_sd.h \ + --replace '#define _DNS_SD_LIBDISPATCH 0' '#define _DNS_SD_LIBDISPATCH 1' ''; } diff --git a/pkgs/os-specific/darwin/apple-source-releases/text_cmds/default.nix b/pkgs/os-specific/darwin/apple-source-releases/text_cmds/default.nix index c99523d6c86..c6fc0094303 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/text_cmds/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/text_cmds/default.nix @@ -20,7 +20,12 @@ appleDerivation { done ''; - env.NIX_CFLAGS_COMPILE = toString [ "-Wno-error=format-security" ]; # hardeningDisable doesn't cut it + env.NIX_CFLAGS_COMPILE = toString [ + # hardeningDisable doesn't cut it + "-Wno-error=format-security" + # Required to build with clang 16 + "-Wno-error=deprecated-non-prototype" + ]; meta = { platforms = lib.platforms.darwin; diff --git a/pkgs/os-specific/darwin/coconutbattery/default.nix b/pkgs/os-specific/darwin/coconutbattery/default.nix index 69302baa92e..4850b2b4c04 100644 --- a/pkgs/os-specific/darwin/coconutbattery/default.nix +++ b/pkgs/os-specific/darwin/coconutbattery/default.nix @@ -5,11 +5,11 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "coconutbattery"; - version = "3.9.12"; + version = "3.9.14"; src = fetchzip { url = "https://coconut-flavour.com/downloads/coconutBattery_${builtins.replaceStrings [ "." ] [ "" ] finalAttrs.version}.zip"; - hash = "sha256-8WxGjZbxUqchSIfvpK2RLifn7/TD5nau5hgMzLUiV2o="; + hash = "sha256-zKSPKwDBwxlyNJFurCLLGtba9gpizJCjOOAd81vdD5Q="; }; dontPatch = true; diff --git a/pkgs/os-specific/darwin/dark-mode-notify/default.nix b/pkgs/os-specific/darwin/dark-mode-notify/default.nix deleted file mode 100644 index 31d1a2c8d8b..00000000000 --- a/pkgs/os-specific/darwin/dark-mode-notify/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ lib -, fetchFromGitHub -, stdenv -, swift -, swiftpm -, darwin -}: - -stdenv.mkDerivation (final: { - pname = "dark-mode-notify"; - version = "unstable-2022-07-18"; - - src = fetchFromGitHub { - owner = "bouk"; - repo = "dark-mode-notify"; - rev = "4d7fe211f81c5b67402fad4bed44995344a260d1"; - hash = "sha256-LsAQ5v5jgJw7KsJnQ3Mh6+LNj1EMHICMoD5WzF3hRmU="; - }; - - nativeBuildInputs = [ - swift - swiftpm - ]; - - buildInputs = with darwin.apple_sdk.frameworks; [ - Foundation - Cocoa - ]; - - makeFlags = [ "prefix=$(out)" ]; - - meta = { - description = "Run a script whenever dark mode changes in macOS"; - homepage = "https://github.com/bouk/dark-mode-notify"; - # Doesn't build on x86_64 because of some CoreGraphics issue, even with SDK 11.0 - platforms = [ "aarch64-darwin" ]; - license = lib.licenses.mit; - maintainers = with lib.maintainers; [ YorikSar ]; - }; -}) diff --git a/pkgs/os-specific/darwin/ios-deploy/default.nix b/pkgs/os-specific/darwin/ios-deploy/default.nix index 6567093700d..c405ac8e1c8 100644 --- a/pkgs/os-specific/darwin/ios-deploy/default.nix +++ b/pkgs/os-specific/darwin/ios-deploy/default.nix @@ -1,35 +1,62 @@ -{ lib, stdenvNoCC, rsync, fetchFromGitHub }: +{ lib +, stdenv +, fetchFromGitHub +, darwin +, testers +}: -# Note this is impure, using system XCode to build ios-deploy. We -# should have a special flag for users to enable this. - -let version = "1.11.0"; -in stdenvNoCC.mkDerivation { +let + privateFrameworks = "/Library/Apple/System/Library/PrivateFrameworks"; +in +stdenv.mkDerivation (finalAttrs: { pname = "ios-deploy"; - inherit version; + version = "1.12.2"; + src = fetchFromGitHub { owner = "ios-control"; repo = "ios-deploy"; - rev = version; - sha256 = "0hqwikdrcnslx4kkw9b0n7n443gzn2gbrw15pp2fnkcw5s0698sc"; + rev = finalAttrs.version; + hash = "sha256-TVGC+f+1ow3b93CK3PhIL70le5SZxxb2ug5OkIg8XCA="; }; - nativeBuildInputs = [ rsync ]; + + buildInputs = [ + darwin.apple_sdk.frameworks.Foundation + ]; + buildPhase = '' - LD=$CC - tmp=$(mktemp -d) - ln -s /usr/bin/xcodebuild $tmp - export PATH="$PATH:$tmp" - xcodebuild -configuration Release SYMROOT=build OBJROOT=$tmp - ''; - checkPhase = '' - xcodebuild test -scheme ios-deploy-tests -configuration Release SYMROOT=build + runHook preBuild + + awk '{ print "\""$0"\\n\""}' src/scripts/lldb.py >> src/ios-deploy/lldb.py.h + clang src/ios-deploy/ios-deploy.m \ + -framework Foundation \ + -F${privateFrameworks} -framework MobileDevice \ + -o ios-deploy + + runHook postBuild ''; + installPhase = '' - install -D build/Release/ios-deploy $out/bin/ios-deploy + runHook preInstall + + install -Dm755 ios-deploy $out/bin/ios-deploy + + runHook postInstall ''; + + __impureHostDeps = [ + privateFrameworks + ]; + + passthru.tests.version = testers.testVersion { + package = finalAttrs.finalPackage; + }; + meta = { + description = "Install and debug iPhone apps from the command line, without using Xcode"; + homepage = "https://github.com/ios-control/ios-deploy"; + license = lib.licenses.gpl3Plus; + mainProgram = "ios-deploy"; + maintainers = with lib.maintainers; [ wegank ]; platforms = lib.platforms.darwin; - description = "Install and debug iOS apps from the command line. Designed to work on un-jailbroken devices"; - license = lib.licenses.gpl3; }; -} +}) diff --git a/pkgs/os-specific/darwin/moltenvk/default.nix b/pkgs/os-specific/darwin/moltenvk/default.nix index 41f929fe90f..2293720d7fa 100644 --- a/pkgs/os-specific/darwin/moltenvk/default.nix +++ b/pkgs/os-specific/darwin/moltenvk/default.nix @@ -109,7 +109,7 @@ stdenv.mkDerivation (finalAttrs: { -configuration Release \ -project MoltenVKShaderConverter.xcodeproj \ -scheme MoltenVKShaderConverter \ - -arch ${stdenv.targetPlatform.darwinArch} + -arch ${stdenv.hostPlatform.darwinArch} declare -A products=( [MoltenVKShaderConverter]=bin [libMoltenVKShaderConverter.a]=lib ) for product in "''${!products[@]}"; do cp MoltenVKShaderConverter-*/Build/Products/Release/$product "$build/''${products[$product]}/$product" @@ -127,7 +127,7 @@ stdenv.mkDerivation (finalAttrs: { -configuration Release \ -project MoltenVK.xcodeproj \ -scheme MoltenVK-macOS \ - -arch ${stdenv.targetPlatform.darwinArch} + -arch ${stdenv.hostPlatform.darwinArch} cp MoltenVK-*/Build/Products/Release/dynamic/libMoltenVK.dylib "$build/lib/libMoltenVK.dylib" popd ''; diff --git a/pkgs/os-specific/darwin/raycast/default.nix b/pkgs/os-specific/darwin/raycast/default.nix index 4824bcff4f8..94476ef303e 100644 --- a/pkgs/os-specific/darwin/raycast/default.nix +++ b/pkgs/os-specific/darwin/raycast/default.nix @@ -6,12 +6,12 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "raycast"; - version = "1.57.1"; + version = "1.61.2"; src = fetchurl { name = "Raycast.dmg"; url = "https://releases.raycast.com/releases/${finalAttrs.version}/download?build=universal"; - hash = "sha256-ePHaNujW39LjMc+R2TZ1favJXeroHpbeuRNwmv8HgXc="; + hash = "sha256-MHJbVIVVDcuXig3E52wCnegt1mmRh9+kYbEL6MWjdqQ="; }; dontPatch = true; diff --git a/pkgs/os-specific/darwin/rectangle/default.nix b/pkgs/os-specific/darwin/rectangle/default.nix index b59c6051de7..590e6427d19 100644 --- a/pkgs/os-specific/darwin/rectangle/default.nix +++ b/pkgs/os-specific/darwin/rectangle/default.nix @@ -7,11 +7,11 @@ stdenvNoCC.mkDerivation rec { pname = "rectangle"; - version = "0.71"; + version = "0.74"; src = fetchurl { url = "https://github.com/rxhanson/Rectangle/releases/download/v${version}/Rectangle${version}.dmg"; - hash = "sha256-QsvEBTuLh5GyVzNTKaJAVwPNtYCc/3yH+U8VgXE4nk0="; + hash = "sha256-ERfzgw8R39dOc9F/dgcgCKbEVFNChC5LqDFBDzbS+Wg="; }; sourceRoot = "."; diff --git a/pkgs/os-specific/darwin/sketchybar/default.nix b/pkgs/os-specific/darwin/sketchybar/default.nix index 069fac3d59f..9b3ef924dd0 100644 --- a/pkgs/os-specific/darwin/sketchybar/default.nix +++ b/pkgs/os-specific/darwin/sketchybar/default.nix @@ -2,6 +2,7 @@ , stdenv , fetchFromGitHub , AppKit +, Carbon , CoreAudio , CoreWLAN , CoreVideo @@ -21,17 +22,18 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "sketchybar"; - version = "2.16.3"; + version = "2.19.4"; src = fetchFromGitHub { owner = "FelixKratz"; repo = "SketchyBar"; rev = "v${finalAttrs.version}"; - hash = "sha256-PCAGIcO7lvIAEFXlJn/e9zG5kxvDABshxFbu/bXWX7o="; + hash = "sha256-6MqTyCqFv5suQgQ5a9t1mDA2njjFFgk67Kp7xO5OXoA="; }; buildInputs = [ AppKit + Carbon CoreAudio CoreWLAN CoreVideo diff --git a/pkgs/os-specific/darwin/skhd/default.nix b/pkgs/os-specific/darwin/skhd/default.nix index fa6e1aa01e9..f979f7ec020 100644 --- a/pkgs/os-specific/darwin/skhd/default.nix +++ b/pkgs/os-specific/darwin/skhd/default.nix @@ -26,6 +26,8 @@ stdenv.mkDerivation (finalAttrs: { "BUILD_PATH=$(out)/bin" ]; + env.NIX_CFLAGS_COMPILE = "-Wno-error=implicit-function-declaration"; + postInstall = '' mkdir -p $out/Library/LaunchDaemons cp ${./org.nixos.skhd.plist} $out/Library/LaunchDaemons/org.nixos.skhd.plist diff --git a/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix b/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix index d77976773c6..5c593b1488e 100644 --- a/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix +++ b/pkgs/os-specific/darwin/swift-corelibs/corefoundation.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, fetchurl, makeSetupHook, cmake, ninja, pkg-config, launchd, libdispatch, python3, libxml2, objc4, icu }: +{ lib, stdenv, fetchFromGitHub, fetchurl, makeSetupHook, cmake, pkg-config, launchd, libdispatch, python3Minimal, libxml2, objc4, icu }: let # 10.12 adds a new sysdir.h that our version of CF in the main derivation depends on, but @@ -21,7 +21,7 @@ stdenv.mkDerivation { sha256 = "17kpql0f27xxz4jjw84vpas5f5sn4vdqwv10g151rc3rswbwln1z"; }; - nativeBuildInputs = [ cmake ninja pkg-config python3 ]; + nativeBuildInputs = [ cmake pkg-config python3Minimal ]; buildInputs = [ (lib.getDev launchd) libdispatch libxml2 objc4 icu ]; patches = [ diff --git a/pkgs/os-specific/darwin/utm/default.nix b/pkgs/os-specific/darwin/utm/default.nix index d3aea920972..f7055d378cb 100644 --- a/pkgs/os-specific/darwin/utm/default.nix +++ b/pkgs/os-specific/darwin/utm/default.nix @@ -7,11 +7,11 @@ stdenvNoCC.mkDerivation rec { pname = "utm"; - version = "4.3.5"; + version = "4.4.4"; src = fetchurl { url = "https://github.com/utmapp/UTM/releases/download/v${version}/UTM.dmg"; - hash = "sha256-aDIjf4TqhSIgYaJulI5FgXxlNiZ1qcNY+Typ7+S5Hc8="; + hash = "sha256-SyrqkNWRUKQS3D17XYsC/dcCKlPLGNNsG5obEiHE1Lk="; }; nativeBuildInputs = [ undmg makeWrapper ]; diff --git a/pkgs/os-specific/darwin/yabai/default.nix b/pkgs/os-specific/darwin/yabai/default.nix index 14d3ccbc046..841746957c7 100644 --- a/pkgs/os-specific/darwin/yabai/default.nix +++ b/pkgs/os-specific/darwin/yabai/default.nix @@ -17,7 +17,7 @@ let pname = "yabai"; - version = "5.0.8"; + version = "6.0.1"; test-version = testers.testVersion { package = yabai; @@ -53,7 +53,7 @@ in src = fetchzip { url = "https://github.com/koekeishiya/yabai/releases/download/v${version}/yabai-v${version}.tar.gz"; - hash = "sha256-w4MTHHYWwBq0/WkemYIeV49aA/DzFxXITD8gF5St0Yo="; + hash = "sha256-CXkGVoJcGSkooxe7eIhwaM6FkOI45NVw5jdLJAzgFBM="; }; nativeBuildInputs = [ @@ -89,7 +89,7 @@ in owner = "koekeishiya"; repo = "yabai"; rev = "v${version}"; - hash = "sha256-VahfeKYz/cATb0RF9QykngMtRpCh392jY8aJuggpqMU="; + hash = "sha256-u+MkGd/rkT1RVkzC2IcAcFM9eClFdj3WBFnftUVwkwc="; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/akvcam/default.nix b/pkgs/os-specific/linux/akvcam/default.nix index f2ea933bd5c..d2b24855b0b 100644 --- a/pkgs/os-specific/linux/akvcam/default.nix +++ b/pkgs/os-specific/linux/akvcam/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "akvcam"; - version = "1.2.2"; + version = "1.2.4"; src = fetchFromGitHub { owner = "webcamoid"; repo = "akvcam"; rev = version; - sha256 = "1f0vjia2d7zj3y5c63lx1r537bdjx6821yxy29ilbrvsbjq2szj8"; + sha256 = "sha256-zvMPwgItp1bTq64DZcUbYls60XhgufOeEKaAoAFf64M="; }; sourceRoot = "${src.name}/src"; diff --git a/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix deleted file mode 100644 index 06b6ef47d43..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-firmware/default.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ lib, buildPackages, stdenvNoCC, autoreconfHook, fetchurl, fetchpatch }: - -stdenvNoCC.mkDerivation rec { - pname = "alsa-firmware"; - version = "1.2.4"; - - src = fetchurl { - url = "mirror://alsa/firmware/alsa-firmware-${version}.tar.bz2"; - sha256 = "sha256-tnttfQi8/CR+9v8KuIqZwYgwWjz1euLf0LzZpbNs1bs="; - }; - - patches = [ - # fixes some includes / missing types on musl libc; should not make a difference for other platforms - (fetchpatch { - url = "https://raw.githubusercontent.com/void-linux/void-packages/ae690000017d5fd355ab397c49202426e3a01c11/srcpkgs/alsa-firmware/patches/musl.patch"; - sha256 = "sha256-4A+TBBvpz14NwMNewLc2LQL51hnz4EZlZ44rhnx5dnc="; - }) - ]; - - depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ autoreconfHook ]; - - configureFlags = [ - "--with-hotplug-dir=$(out)/lib/firmware" - ]; - - dontStrip = true; - - postInstall = '' - # These are lifted from the Arch PKGBUILD - # remove files which conflicts with linux-firmware - rm -rf $out/lib/firmware/{ct{efx,speq}.bin,ess,korg,sb16,yamaha} - # remove broken symlinks (broken upstream) - rm -rf $out/lib/firmware/turtlebeach - # remove empty dir - rm -rf $out/bin - ''; - - meta = with lib; { - homepage = "http://www.alsa-project.org/"; - description = "Soundcard firmwares from the alsa project"; - license = licenses.gpl2Plus; - platforms = platforms.linux; - maintainers = with maintainers; [ l-as ]; - }; -} diff --git a/pkgs/os-specific/linux/alsa-project/alsa-lib/alsa-plugin-conf-multilib.patch b/pkgs/os-specific/linux/alsa-project/alsa-lib/alsa-plugin-conf-multilib.patch deleted file mode 100644 index b17df9a492e..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-lib/alsa-plugin-conf-multilib.patch +++ /dev/null @@ -1,232 +0,0 @@ -diff --git a/src/control/control.c b/src/control/control.c -index d66ed75..42cecad 100644 ---- a/src/control/control.c -+++ b/src/control/control.c -@@ -838,6 +838,10 @@ static int snd_ctl_open_conf(snd_ctl_t **ctlp, const char *name, - #ifndef PIC - extern void *snd_control_open_symbols(void); - #endif -+ -+ snd_config_t *libs = NULL; -+ const char *libs_lib = NULL; -+ - if (snd_config_get_type(ctl_conf) != SND_CONFIG_TYPE_COMPOUND) { - if (name) - SNDERR("Invalid type for CTL %s definition", name); -@@ -879,6 +883,19 @@ static int snd_ctl_open_conf(snd_ctl_t **ctlp, const char *name, - SNDERR("Invalid type for %s", id); - goto _err; - } -+ -+ continue; -+ } -+ // Handle an array of extra libs. -+ if (strcmp(id, "libs") == 0) { -+ if (snd_config_get_type(n) != SND_CONFIG_TYPE_COMPOUND) { -+ SNDERR("Invalid type for libs definition in CTL %s definition", -+ str); -+ goto _err; -+ } -+ -+ libs = n; -+ - continue; - } - if (strcmp(id, "open") == 0) { -@@ -903,7 +920,62 @@ static int snd_ctl_open_conf(snd_ctl_t **ctlp, const char *name, - open_name = buf; - sprintf(buf, "_snd_ctl_%s_open", str); - } -- if (!lib) { -+ -+#ifndef PIC -+ snd_control_open_symbols(); -+#endif -+ -+ // Normal alsa behaviour when there is no libs array. -+ if (!libs) { -+ if (lib) { -+ open_func = snd_dlobj_cache_get(lib, open_name, -+ SND_DLSYM_VERSION(SND_CONTROL_DLSYM_VERSION), 1); -+ } -+ } -+ // Handle libs array. -+ // Suppresses error messages if any function is loaded successfully. -+ else { -+ if (lib) { -+ open_func = snd_dlobj_cache_get(lib, open_name, -+ SND_DLSYM_VERSION(SND_CONTROL_DLSYM_VERSION), 0); -+ } -+ -+ if (!open_func) { -+ snd_config_for_each(i, next, libs) { -+ snd_config_t *n = snd_config_iterator_entry(i); -+ -+ err = snd_config_get_string(n, &libs_lib); -+ if (err < 0) { -+ SNDERR("Invalid entry in CTL %s libs definition", str); -+ goto _err; -+ } -+ -+ if (!open_func) { -+ open_func = snd_dlobj_cache_get(libs_lib, open_name, -+ SND_DLSYM_VERSION(SND_CONTROL_DLSYM_VERSION), 0); -+ } -+ } -+ } -+ -+ // Print error messages. -+ if (!open_func) { -+ if (lib) { -+ SNDERR("Either %s cannot be opened or %s was not defined inside", -+ lib, open_name); -+ } -+ -+ snd_config_for_each(i, next, libs) { -+ snd_config_t *n = snd_config_iterator_entry(i); -+ -+ snd_config_get_string(n, &libs_lib); -+ SNDERR("Either %s cannot be opened or %s was not defined inside", -+ libs_lib, open_name); -+ } -+ } -+ } -+ -+ // Look in ALSA_PLUGIN_DIR iff we found nowhere else to look. -+ if (!lib && (!libs || !libs_lib)) { - const char *const *build_in = build_in_ctls; - while (*build_in) { - if (!strcmp(*build_in, str)) -@@ -919,12 +991,11 @@ static int snd_ctl_open_conf(snd_ctl_t **ctlp, const char *name, - lib = buf1; - sprintf(buf1, "%s/libasound_module_ctl_%s.so", ALSA_PLUGIN_DIR, str); - } -- } --#ifndef PIC -- snd_control_open_symbols(); --#endif -- open_func = snd_dlobj_cache_get(lib, open_name, -+ -+ open_func = snd_dlobj_cache_get(lib, open_name, - SND_DLSYM_VERSION(SND_CONTROL_DLSYM_VERSION), 1); -+ } -+ - if (open_func) { - err = open_func(ctlp, name, ctl_root, ctl_conf, mode); - if (err >= 0) { -diff --git a/src/pcm/pcm.c b/src/pcm/pcm.c -index 2e24338..7f489f4 100644 ---- a/src/pcm/pcm.c -+++ b/src/pcm/pcm.c -@@ -2116,6 +2116,10 @@ static int snd_pcm_open_conf(snd_pcm_t **pcmp, const char *name, - #ifndef PIC - extern void *snd_pcm_open_symbols(void); - #endif -+ -+ snd_config_t *libs = NULL; -+ const char *libs_lib = NULL; -+ - if (snd_config_get_type(pcm_conf) != SND_CONFIG_TYPE_COMPOUND) { - char *val; - id = NULL; -@@ -2160,6 +2164,19 @@ static int snd_pcm_open_conf(snd_pcm_t **pcmp, const char *name, - SNDERR("Invalid type for %s", id); - goto _err; - } -+ -+ continue; -+ } -+ // Handle an array of extra libs. -+ if (strcmp(id, "libs") == 0) { -+ if (snd_config_get_type(n) != SND_CONFIG_TYPE_COMPOUND) { -+ SNDERR("Invalid type for libs definition in PCM %s definition", -+ str); -+ goto _err; -+ } -+ -+ libs = n; -+ - continue; - } - if (strcmp(id, "open") == 0) { -@@ -2184,7 +2201,62 @@ static int snd_pcm_open_conf(snd_pcm_t **pcmp, const char *name, - open_name = buf; - sprintf(buf, "_snd_pcm_%s_open", str); - } -- if (!lib) { -+ -+#ifndef PIC -+ snd_pcm_open_symbols(); /* this call is for static linking only */ -+#endif -+ -+ // Normal alsa behaviour when there is no libs array. -+ if (!libs) { -+ if (lib) { -+ open_func = snd_dlobj_cache_get(lib, open_name, -+ SND_DLSYM_VERSION(SND_PCM_DLSYM_VERSION), 1); -+ } -+ } -+ // Handle libs array. -+ // Suppresses error messages if any function is loaded successfully. -+ else { -+ if (lib) { -+ open_func = snd_dlobj_cache_get(lib, open_name, -+ SND_DLSYM_VERSION(SND_PCM_DLSYM_VERSION), 0); -+ } -+ -+ if (!open_func) { -+ snd_config_for_each(i, next, libs) { -+ snd_config_t *n = snd_config_iterator_entry(i); -+ -+ err = snd_config_get_string(n, &libs_lib); -+ if (err < 0) { -+ SNDERR("Invalid entry in PCM %s libs definition", str); -+ goto _err; -+ } -+ -+ if (!open_func) { -+ open_func = snd_dlobj_cache_get(libs_lib, open_name, -+ SND_DLSYM_VERSION(SND_PCM_DLSYM_VERSION), 0); -+ } -+ } -+ } -+ -+ // Print error messages. -+ if (!open_func) { -+ if (lib) { -+ SNDERR("Either %s cannot be opened or %s was not defined inside", -+ lib, open_name); -+ } -+ -+ snd_config_for_each(i, next, libs) { -+ snd_config_t *n = snd_config_iterator_entry(i); -+ -+ snd_config_get_string(n, &libs_lib); -+ SNDERR("Either %s cannot be opened or %s was not defined inside", -+ libs_lib, open_name); -+ } -+ } -+ } -+ -+ // Look in ALSA_PLUGIN_DIR iff we found nowhere else to look. -+ if (!lib && (!libs || !libs_lib)) { - const char *const *build_in = build_in_pcms; - while (*build_in) { - if (!strcmp(*build_in, str)) -@@ -2200,12 +2272,11 @@ static int snd_pcm_open_conf(snd_pcm_t **pcmp, const char *name, - lib = buf1; - sprintf(buf1, "%s/libasound_module_pcm_%s.so", ALSA_PLUGIN_DIR, str); - } -- } --#ifndef PIC -- snd_pcm_open_symbols(); /* this call is for static linking only */ --#endif -- open_func = snd_dlobj_cache_get(lib, open_name, -+ -+ open_func = snd_dlobj_cache_get(lib, open_name, - SND_DLSYM_VERSION(SND_PCM_DLSYM_VERSION), 1); -+ } -+ - if (open_func) { - err = open_func(pcmp, name, pcm_root, pcm_conf, stream, mode); - if (err >= 0) { diff --git a/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix deleted file mode 100644 index f0eb3490607..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ lib -, stdenv -, fetchurl -, alsa-topology-conf -, alsa-ucm-conf -, testers -}: - -stdenv.mkDerivation (finalAttrs: { - pname = "alsa-lib"; - version = "1.2.9"; - - src = fetchurl { - url = "mirror://alsa/lib/${finalAttrs.pname}-${finalAttrs.version}.tar.bz2"; - hash = "sha256-3JxkP9xMz9BXLMaFhY3UHgivtYPzBGCzF+QYgnX2FbI="; - }; - - patches = [ - # Add a "libs" field to the syntax recognized in the /etc/asound.conf file. - # The nixos modules for pulseaudio, jack, and pipewire are leveraging this - # "libs" field to declare locations for both native and 32bit plugins, in - # order to support apps with 32bit sound running on x86_64 architecture. - ./alsa-plugin-conf-multilib.patch - ]; - - enableParallelBuilding = true; - - postInstall = '' - ln -s ${alsa-ucm-conf}/share/alsa/{ucm,ucm2} $out/share/alsa - ln -s ${alsa-topology-conf}/share/alsa/topology $out/share/alsa - ''; - - outputs = [ "out" "dev" ]; - - passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; - - meta = with lib; { - homepage = "http://www.alsa-project.org/"; - description = "ALSA, the Advanced Linux Sound Architecture libraries"; - - longDescription = '' - The Advanced Linux Sound Architecture (ALSA) provides audio and - MIDI functionality to the Linux-based operating system. - ''; - - license = licenses.lgpl21Plus; - pkgConfigModules = [ "alsa" "alsa-topology" ]; - platforms = platforms.linux; - maintainers = with maintainers; [ l-as ]; - }; -}) diff --git a/pkgs/os-specific/linux/alsa-project/alsa-oss/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-oss/default.nix deleted file mode 100644 index f600b52c5f3..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-oss/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{lib, stdenv, fetchurl, alsa-lib, gettext, ncurses, libsamplerate}: - -stdenv.mkDerivation rec { - pname = "alsa-oss"; - version = "1.1.8"; - - src = fetchurl { - url = "mirror://alsa/oss-lib/${pname}-${version}.tar.bz2"; - sha256 = "13nn6n6wpr2sj1hyqx4r9nb9bwxnhnzw8r2f08p8v13yjbswxbb4"; - }; - - buildInputs = [ alsa-lib ncurses libsamplerate ]; - nativeBuildInputs = [ gettext ]; - - configureFlags = [ "--disable-xmlto" ]; - - installFlags = [ "ASOUND_STATE_DIR=$(TMPDIR)/dummy" ]; - - meta = with lib; { - homepage = "http://www.alsa-project.org/"; - description = "ALSA, the Advanced Linux Sound Architecture alsa-oss emulation"; - - longDescription = '' - The Advanced Linux Sound Architecture (ALSA) provides audio and - MIDI functionality to the Linux-based operating system. - ''; - - license = licenses.gpl2; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix deleted file mode 100644 index ababb767955..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ stdenv, fetchurl, lib, pkg-config, alsa-lib, libogg, libpulseaudio ? null, libjack2 ? null }: - -stdenv.mkDerivation rec { - pname = "alsa-plugins"; - version = "1.2.7.1"; - - src = fetchurl { - url = "mirror://alsa/plugins/${pname}-${version}.tar.bz2"; - hash = "sha256-jDN4FJVLt8FnRWczpgRhQqKTHxLsy6PsKkrmGKNDJRE="; - }; - - nativeBuildInputs = [ pkg-config ]; - - # ToDo: a52, etc.? - buildInputs = - [ alsa-lib libogg ] - ++ lib.optional (libpulseaudio != null) libpulseaudio - ++ lib.optional (libjack2 != null) libjack2; - - meta = with lib; { - description = "Various plugins for ALSA"; - homepage = "http://alsa-project.org/"; - license = licenses.lgpl21; - maintainers = [ maintainers.marcweber ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/alsa-project/alsa-plugins/wrapper.nix b/pkgs/os-specific/linux/alsa-project/alsa-plugins/wrapper.nix deleted file mode 100644 index 992f4886e26..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-plugins/wrapper.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ stdenv -, alsa-plugins -, writeShellScriptBin -}: -let - arch = if stdenv.hostPlatform.system == "i686-linux" then "32" else "64"; -in -writeShellScriptBin "ap${arch}" '' - ALSA_PLUGIN_DIRS=${alsa-plugins}/lib/alsa-lib "$@" -'' diff --git a/pkgs/os-specific/linux/alsa-project/alsa-tools/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-tools/default.nix deleted file mode 100644 index 10f7f2e64d0..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-tools/default.nix +++ /dev/null @@ -1,101 +0,0 @@ -{ lib -, stdenv -, fetchurl -, alsa-lib -, fltk13 -, gtk2 -, gtk3 -, pkg-config -}: - -stdenv.mkDerivation (finalAttrs: { - pname = "alsa-tools"; - version = "1.2.5"; - - src = fetchurl { - url = "mirror://alsa/tools/alsa-tools-${finalAttrs.version}.tar.bz2"; - hash = "sha256-NacQJ6AfTX3kci4iNSDpQN5os8VwtsZxaRVnrij5iT4="; - }; - - nativeBuildInputs = [ - pkg-config - ]; - - buildInputs = [ - alsa-lib - fltk13 - gtk2 - gtk3 - ]; - - env.TOOLSET = lib.concatStringsSep " " [ - "as10k1" - "echomixer" - "envy24control" - "hda-verb" - "hdajackretask" - "hdajacksensetest" - "hdspconf" - "hdsploader" - "hdspmixer" - # "hwmixvolume" # Requires old, unmaintained, abandoned EOL Python 2 - "ld10k1" - # "qlo10k1" # needs Qt - "mixartloader" - "pcxhrloader" - "rmedigicontrol" - "sb16_csp" - # "seq" # mysterious configure error - "sscape_ctl" - "us428control" - # "usx2yloader" # tries to create /etc/hotplug/usb - "vxloader" - ]; - - configurePhase = '' - runHook preConfigure - - for tool in $TOOLSET; do - echo "Configuring $tool:" - pushd "$tool" - ./configure --prefix="$out" - popd - done - - runHook postConfigure - ''; - - buildPhase = '' - runHook preBuild - - for tool in $TOOLSET; do - echo "Building $tool:" - pushd "$tool" - make - popd - done - - runHook postBuild - ''; - - installPhase = '' - runHook preInstall - - for tool in $TOOLSET; do - echo "Installing $tool:" - pushd "$tool" - make install - popd - done - - runHook postInstall - ''; - - meta = { - homepage = "http://www.alsa-project.org/"; - description = "ALSA Tools"; - license = lib.licenses.gpl2Plus; - maintainers = [ lib.maintainers.AndersonTorres ]; - platforms = lib.platforms.linux; - }; -}) diff --git a/pkgs/os-specific/linux/alsa-project/alsa-topology-conf/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-topology-conf/default.nix deleted file mode 100644 index e0dfc879fbc..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-topology-conf/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ lib, stdenv, fetchurl }: - -stdenv.mkDerivation rec { - name = "alsa-topology-conf-${version}"; - version = "1.2.5.1"; - - src = fetchurl { - url = "mirror://alsa/lib/${name}.tar.bz2"; - sha256 = "sha256-98W64VRavNc4JLyX9OcsNA4Rq+oYi6DxwG9eCtd2sXk="; - }; - - dontBuild = true; - - installPhase = '' - runHook preInstall - - mkdir -p $out/share/alsa - cp -r topology $out/share/alsa - - runHook postInstall - ''; - - meta = with lib; { - homepage = "https://www.alsa-project.org/"; - description = "ALSA topology configuration files"; - - longDescription = '' - The Advanced Linux Sound Architecture (ALSA) provides audio and - MIDI functionality to the Linux-based operating system. - ''; - - license = licenses.bsd3; - maintainers = [ maintainers.roastiek ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix deleted file mode 100644 index 75ec2932c89..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ lib, stdenv, fetchurl }: - -stdenv.mkDerivation rec { - pname = "alsa-ucm-conf"; - version = "1.2.9"; - - src = fetchurl { - url = "mirror://alsa/lib/${pname}-${version}.tar.bz2"; - hash = "sha256-N09oM7/XfQpGdeSqK/t53v6FDlpGpdRUKkWWL0ueJyo="; - }; - - dontBuild = true; - - installPhase = '' - runHook preInstall - - mkdir -p $out/share/alsa - cp -r ucm ucm2 $out/share/alsa - - runHook postInstall - ''; - - meta = with lib; { - homepage = "https://www.alsa-project.org/"; - description = "ALSA Use Case Manager configuration"; - - longDescription = '' - The Advanced Linux Sound Architecture (ALSA) provides audio and - MIDI functionality to the Linux-based operating system. - ''; - - license = licenses.bsd3; - maintainers = [ maintainers.roastiek ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix deleted file mode 100644 index 07705f568a1..00000000000 --- a/pkgs/os-specific/linux/alsa-project/alsa-utils/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{lib, stdenv, fetchurl, alsa-lib, gettext, makeWrapper, ncurses, libsamplerate, pciutils, which, fftw}: - -stdenv.mkDerivation rec { - pname = "alsa-utils"; - version = "1.2.9"; - - src = fetchurl { - url = "mirror://alsa/utils/${pname}-${version}.tar.bz2"; - sha256 = "sha256-52I9RSVZX5LhHOJe6al/IEChTG5NzQJ6qW4Gy854F70="; - }; - - nativeBuildInputs = [ gettext makeWrapper ]; - buildInputs = [ alsa-lib ncurses libsamplerate fftw ]; - - configureFlags = [ "--disable-xmlto" "--with-udev-rules-dir=$(out)/lib/udev/rules.d" ]; - - installFlags = [ "ASOUND_STATE_DIR=$(TMPDIR)/dummy" ]; - - postFixup = '' - mv $out/bin/alsa-info.sh $out/bin/alsa-info - wrapProgram $out/bin/alsa-info --prefix PATH : "${lib.makeBinPath [ which pciutils ]}" - ''; - - meta = with lib; { - homepage = "http://www.alsa-project.org/"; - description = "ALSA, the Advanced Linux Sound Architecture utils"; - longDescription = '' - The Advanced Linux Sound Architecture (ALSA) provides audio and - MIDI functionality to the Linux-based operating system. - ''; - - license = licenses.gpl2; - platforms = platforms.linux; - maintainers = [ maintainers.AndersonTorres ]; - }; -} diff --git a/pkgs/os-specific/linux/alsa-project/default.nix b/pkgs/os-specific/linux/alsa-project/default.nix deleted file mode 100644 index 15077cc8d77..00000000000 --- a/pkgs/os-specific/linux/alsa-project/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ lib, pkgs }: - -lib.makeScope pkgs.newScope (self: { - alsa-firmware = self.callPackage ./alsa-firmware { }; - alsa-lib = self.callPackage ./alsa-lib { }; - alsa-oss = self.callPackage ./alsa-oss { }; - alsa-plugins = self.callPackage ./alsa-plugins { }; - alsa-plugins-wrapper = self.callPackage ./alsa-plugins/wrapper.nix { }; - alsa-tools = self.callPackage ./alsa-tools { }; - alsa-topology-conf = self.callPackage ./alsa-topology-conf { }; - alsa-ucm-conf = self.callPackage ./alsa-ucm-conf { }; - alsa-utils = self.callPackage ./alsa-utils { fftw = pkgs.fftwFloat; }; -}) diff --git a/pkgs/os-specific/linux/android-udev-rules/default.nix b/pkgs/os-specific/linux/android-udev-rules/default.nix index e74ef773915..07cdbf6bdce 100644 --- a/pkgs/os-specific/linux/android-udev-rules/default.nix +++ b/pkgs/os-specific/linux/android-udev-rules/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "android-udev-rules"; - version = "20230614"; + version = "20231030"; src = fetchFromGitHub { owner = "M0Rf30"; repo = "android-udev-rules"; rev = version; - sha256 = "sha256-TLQHZYcnO7VzIHH+aCj78plTwK5RrcsU/OfNXApAvdM="; + sha256 = "sha256-+h0FwvfIoluhldOi6cgVDvmNWe1Lvj1SV3pL8Zh+gRM="; }; installPhase = '' diff --git a/pkgs/os-specific/linux/apfs/default.nix b/pkgs/os-specific/linux/apfs/default.nix index dc46c790c3a..98487799aa8 100644 --- a/pkgs/os-specific/linux/apfs/default.nix +++ b/pkgs/os-specific/linux/apfs/default.nix @@ -6,7 +6,7 @@ }: let - tag = "0.3.4"; + tag = "0.3.5"; in stdenv.mkDerivation { pname = "apfs"; @@ -16,7 +16,7 @@ stdenv.mkDerivation { owner = "linux-apfs"; repo = "linux-apfs-rw"; rev = "v${tag}"; - hash = "sha256-EeVOrZtmKi5VfPerW9IntjRvdU3AbFPHG+pyAI4ciGk="; + hash = "sha256-rKz9a4Z+tx63rhknQIl/zu/WIMjxxM0+NGyaxnzxLk4="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/autosuspend/default.nix b/pkgs/os-specific/linux/autosuspend/default.nix index e0a4b9a0860..fc2b2f0c4e3 100644 --- a/pkgs/os-specific/linux/autosuspend/default.nix +++ b/pkgs/os-specific/linux/autosuspend/default.nix @@ -3,15 +3,31 @@ , python3 }: -python3.pkgs.buildPythonApplication rec { +let + python = python3.override { + packageOverrides = self: super: { + # autosuspend is incompatible with tzlocal v5 + # See https://github.com/regebro/tzlocal#api-change + tzlocal = super.tzlocal.overridePythonAttrs (prev: { + src = prev.src.override { + version = "4.3.1"; + hash = "sha256-7jLvjCCAPBmpbtNmrd09SnKe9jCctcc1mgzC7ut/pGo="; + }; + }); + }; + }; +in +python.pkgs.buildPythonApplication rec { pname = "autosuspend"; - version = "4.3.0"; + version = "6.0.0"; + + disabled = python3.pythonOlder "3.8"; src = fetchFromGitHub { owner = "languitar"; repo = pname; rev = "refs/tags/v${version}"; - sha256 = "sha256-gS8NNks4GaIGl7cEqWSP53I4/tIV4LypkmZ5vNOjspY="; + hash = "sha256-gS8NNks4GaIGl7cEqWSP53I4/tIV4LypkmZ5vNOjspY="; }; postPatch = '' @@ -19,27 +35,28 @@ python3.pkgs.buildPythonApplication rec { --replace '--cov-config=setup.cfg' "" ''; - propagatedBuildInputs = with python3.pkgs; [ + propagatedBuildInputs = with python.pkgs; [ + dbus-python + icalendar + jsonpath-ng + lxml + mpd2 portalocker psutil - dbus-python - ]; - - nativeCheckInputs = with python3.pkgs; [ - pytestCheckHook - python-dbusmock - pytest-httpserver - dateutils - freezegun - pytest-mock + python-dateutil + pytz requests requests-file - icalendar tzlocal - jsonpath-ng - mpd2 - lxml + ]; + + nativeCheckInputs = with python.pkgs; [ + freezegun pytest-datadir + pytest-httpserver + pytest-mock + pytestCheckHook + python-dbusmock ]; # Disable tests that need root @@ -50,11 +67,13 @@ python3.pkgs.buildPythonApplication rec { doCheck = true; - meta = with lib ; { + meta = with lib; { description = "A daemon to automatically suspend and wake up a system"; homepage = "https://autosuspend.readthedocs.io"; + changelog = "https://github.com/languitar/autosuspend/releases/tag/v${version}"; license = licenses.gpl2Only; - maintainers = [ maintainers.bzizou ]; + maintainers = with maintainers; [ bzizou anthonyroussel ]; + mainProgram = "autosuspend"; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/batman-adv/version.nix b/pkgs/os-specific/linux/batman-adv/version.nix index e1c026fb533..53a255fc215 100644 --- a/pkgs/os-specific/linux/batman-adv/version.nix +++ b/pkgs/os-specific/linux/batman-adv/version.nix @@ -1,9 +1,9 @@ { - version = "2023.1"; + version = "2023.2"; sha256 = { - batman-adv = "sha256-9GpyhmYKXsNQahvn72C0ccUaxwVQWX1ZgEBHmre5Nrg="; - alfred = "sha256-Q4BIJI83N1fTqL3ny8bbZoX00BBdEw2i9aVPKQkMaXQ="; - batctl = "sha256-5b9HMF2VWrsZkkS9Dl//q5YQixr/q9DZcFUz+AWTlfE="; + batman-adv = "sha256-OQfc1X4sW/2dQHE5YLlAK/HaT4DFm1/wN3ifu7vY+iU="; + alfred = "sha256-qSBgKFZPieW/t3FK4piDoWEPYr4+YcCW4f6zYgBxjg4="; + batctl = "sha256-cLX5MfpjYyVpe9829tE0oDxJBvTBfLdlCjxxSQFDbsg="; }; } diff --git a/pkgs/os-specific/linux/bionic-prebuilt/default.nix b/pkgs/os-specific/linux/bionic-prebuilt/default.nix index da5011e6737..3ce10735f1d 100644 --- a/pkgs/os-specific/linux/bionic-prebuilt/default.nix +++ b/pkgs/os-specific/linux/bionic-prebuilt/default.nix @@ -5,7 +5,7 @@ let choosePlatform = - let pname = stdenv.targetPlatform.parsed.cpu.name; in + let pname = stdenv.hostPlatform.parsed.cpu.name; in pset: pset.${pname} or (throw "bionic-prebuilt: unsupported platform ${pname}"); prebuilt_crt = choosePlatform { @@ -66,7 +66,7 @@ in stdenvNoCC.mkDerivation rec { pname = "bionic-prebuilt"; version = "ndk-release-r23"; - name = "${stdenv.targetPlatform.parsed.cpu.name}-${pname}-${version}"; + name = "${stdenv.hostPlatform.parsed.cpu.name}-${pname}-${version}"; src = fetchzip { url = "https://android.googlesource.com/platform/bionic/+archive/00e8ce1142d8823b0d2fc8a98b40119b0f1f02cd.tar.gz"; diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index acb484ba6b6..c6c7d9d0f50 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -23,11 +23,11 @@ ]; in stdenv.mkDerivation rec { pname = "bluez"; - version = "5.66"; + version = "5.70"; src = fetchurl { url = "mirror://kernel/linux/bluetooth/${pname}-${version}.tar.xz"; - sha256 = "sha256-Of6mS1kMlJKYSgwnqJ/CA+HNx0hmCG77j0aYZ3qytXQ="; + sha256 = "sha256-N+Ny6RaVXhRMuIL4iOS+QImPEK47fCE93N1V7pwAkng="; }; patches = [ diff --git a/pkgs/os-specific/linux/bolt/default.nix b/pkgs/os-specific/linux/bolt/default.nix index 2765b6647a7..df618cbff5a 100644 --- a/pkgs/os-specific/linux/bolt/default.nix +++ b/pkgs/os-specific/linux/bolt/default.nix @@ -21,14 +21,14 @@ stdenv.mkDerivation rec { pname = "bolt"; - version = "0.9.5"; + version = "0.9.6"; src = fetchFromGitLab { domain = "gitlab.freedesktop.org"; owner = "bolt"; repo = "bolt"; rev = version; - sha256 = "sha256-j1UO8lkVoS56hwPQXH8aIr1UegM6PdtaBXKZn50GP60="; + sha256 = "sha256-sJBY/pXUX5InLynsvAmapW54UF/WGn9eDlluWXjhubQ="; }; patches = [ @@ -76,7 +76,7 @@ stdenv.mkDerivation rec { dbus gobject-introspection umockdev - (python3.pythonForBuild.withPackages + (python3.pythonOnBuildForHost.withPackages (p: [ p.pygobject3 p.dbus-python p.python-dbusmock ])) ]; diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix index e1fcf832f31..ecb34c373b7 100644 --- a/pkgs/os-specific/linux/bpftrace/default.nix +++ b/pkgs/os-specific/linux/bpftrace/default.nix @@ -9,13 +9,13 @@ stdenv.mkDerivation rec { pname = "bpftrace"; - version = "0.19.0"; + version = "0.19.1"; src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; rev = "v${version}"; - hash = "sha256-+aU27mxK4R0SHSsdGQzv02fK0L/m9uCIv7AkLyLSGQY="; + hash = "sha256-JyMogqyntSm2IDXzsOIjcUkf2YwG2oXKpqPpdx/eMNI="; }; diff --git a/pkgs/os-specific/linux/ch9344/default.nix b/pkgs/os-specific/linux/ch9344/default.nix index 8f258d227bb..e7da864b90c 100644 --- a/pkgs/os-specific/linux/ch9344/default.nix +++ b/pkgs/os-specific/linux/ch9344/default.nix @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - homepage = "http://www.wch-ic.com/"; + homepage = "https://www.wch-ic.com/"; downloadPage = "https://www.wch.cn/downloads/CH9344SER_LINUX_ZIP.html"; description = "WCH CH9344/CH348 UART driver"; longDescription = '' diff --git a/pkgs/os-specific/linux/checksec/0002-don-t-sanatize-the-environment.patch b/pkgs/os-specific/linux/checksec/0002-don-t-sanatize-the-environment.patch new file mode 100644 index 00000000000..bd639574f63 --- /dev/null +++ b/pkgs/os-specific/linux/checksec/0002-don-t-sanatize-the-environment.patch @@ -0,0 +1,25 @@ +From 3b047ab4271919856ae0a3dee3a03a24045c0016 Mon Sep 17 00:00:00 2001 +From: Paul Meyer <49727155+katexochen@users.noreply.github.com> +Date: Mon, 13 Nov 2023 20:24:54 +0000 +Subject: [PATCH] don't sanatize the environment + +--- + checksec | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/checksec b/checksec +index 4fc3c31..135223a 100755 +--- a/checksec ++++ b/checksec +@@ -2,9 +2,6 @@ + # Do not edit this file directly, this file is generated from the files + # in the src directory. Any updates to this file will be overwritten when generated + +-# sanitize the environment before run +-[[ "$(env | /bin/sed -r -e '/^(PWD|SHLVL|_)=/d')" ]] && exec -c "$0" "$@" +- + # --- Modified Version --- + # Name : checksec.sh + # Version : 1.7.0 +-- +2.42.0 diff --git a/pkgs/os-specific/linux/checksec/default.nix b/pkgs/os-specific/linux/checksec/default.nix index 1bdd4cf5f67..07574722cd2 100644 --- a/pkgs/os-specific/linux/checksec/default.nix +++ b/pkgs/os-specific/linux/checksec/default.nix @@ -1,14 +1,30 @@ { lib , stdenv +, fetchpatch , fetchFromGitHub , makeWrapper +, testers +, runCommand + + # dependencies +, binutils +, coreutils +, curl +, elfutils , file , findutils -, binutils-unwrapped +, gawk , glibc -, coreutils -, sysctl +, gnugrep +, gnused , openssl +, procps +, sysctl +, wget +, which + + # tests +, checksec }: stdenv.mkDerivation rec { @@ -24,6 +40,13 @@ stdenv.mkDerivation rec { patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch + # Tool would sanitize the environment, removing the PATH set by our wrapper. + ./0002-don-t-sanatize-the-environment.patch + # Fix the exit code of debug_report command. Check if PR 226 was merged when upgrading version. + (fetchpatch { + url = "https://github.com/slimm609/checksec.sh/commit/851ebff6972f122fde5507f1883e268bbff1f23d.patch"; + hash = "sha256-DOcVF+oPGIR9VSbqE+EqWlcNANEvou1gV8qBvJLGLBE="; + }) ]; nativeBuildInputs = [ @@ -33,22 +56,45 @@ stdenv.mkDerivation rec { installPhase = let path = lib.makeBinPath [ - findutils + binutils + coreutils + curl + elfutils file - binutils-unwrapped - sysctl + findutils + gawk + gnugrep + gnused openssl + procps + sysctl + wget + which ]; in '' mkdir -p $out/bin install checksec $out/bin - substituteInPlace $out/bin/checksec --replace /lib/libc.so.6 ${glibc.out}/lib/libc.so.6 - substituteInPlace $out/bin/checksec --replace "/usr/bin/id -" "${coreutils}/bin/id -" + substituteInPlace $out/bin/checksec \ + --replace "/bin/sed" "${gnused}/bin/sed" \ + --replace "/usr/bin/id" "${coreutils}/bin/id" \ + --replace "/lib/libc.so.6" "${glibc}/lib/libc.so.6" wrapProgram $out/bin/checksec \ --prefix PATH : ${path} ''; + passthru.tests = { + version = testers.testVersion { + package = checksec; + version = "v${version}"; + }; + debug-report = runCommand "debug-report" { buildInputs = [ checksec ]; } '' + checksec --debug_report || exit 1 + echo "OK" + touch $out + ''; + }; + meta = with lib; { description = "Tool for checking security bits on executables"; homepage = "https://www.trapkit.de/tools/checksec/"; diff --git a/pkgs/os-specific/linux/conky/default.nix b/pkgs/os-specific/linux/conky/default.nix index 39425f265e9..ab55839c340 100644 --- a/pkgs/os-specific/linux/conky/default.nix +++ b/pkgs/os-specific/linux/conky/default.nix @@ -67,13 +67,13 @@ with lib; stdenv.mkDerivation rec { pname = "conky"; - version = "1.19.4"; + version = "1.19.6"; src = fetchFromGitHub { owner = "brndnmtthws"; repo = "conky"; rev = "v${version}"; - hash = "sha256-XptnokBWtBx0W2k2C9jVwIYH8pOrDUbuQLvh8JrW/w8="; + hash = "sha256-L8YSbdk+qQl17L4IRajFD/AEWRXb2w7xH9sM9qPGrQo="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/conntrack-tools/default.nix b/pkgs/os-specific/linux/conntrack-tools/default.nix index 18a0b997227..42741fae5b6 100644 --- a/pkgs/os-specific/linux/conntrack-tools/default.nix +++ b/pkgs/os-specific/linux/conntrack-tools/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "conntrack-tools"; - version = "1.4.7"; + version = "1.4.8"; src = fetchurl { - url = "https://www.netfilter.org/projects/conntrack-tools/files/${pname}-${version}.tar.bz2"; - sha256 = "sha256-CZ3rz1foFpDO1X9Ra0k1iKc1GPSMFNZW+COym0/CS10="; + url = "https://www.netfilter.org/projects/conntrack-tools/files/${pname}-${version}.tar.xz"; + hash = "sha256-BnZ39MX2VkgZ547TqdSomAk16pJz86uyKkIOowq13tY="; }; buildInputs = [ diff --git a/pkgs/os-specific/linux/cpufrequtils/default.nix b/pkgs/os-specific/linux/cpufrequtils/default.nix index d64996c4961..f62d8463714 100644 --- a/pkgs/os-specific/linux/cpufrequtils/default.nix +++ b/pkgs/os-specific/linux/cpufrequtils/default.nix @@ -6,7 +6,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "http://ftp.be.debian.org/pub/linux/utils/kernel/cpufreq/cpufrequtils-${version}.tar.gz"; - sha256 = "127i38d4w1hv2dzdy756gmbhq25q3k34nqb2s0xlhsfhhdqs0lq0"; + hash = "sha256-AFOgcYPQaUg70GJhS8YcuAgMV32mHN9+ExsGThoa8Yg="; }; patches = [ @@ -27,5 +27,6 @@ stdenv.mkDerivation rec { homepage = "http://ftp.be.debian.org/pub/linux/utils/kernel/cpufreq/cpufrequtils.html"; license = licenses.gpl2Only; platforms = [ "x86_64-linux" ]; + mainProgram = "cpufreq-set"; }; } diff --git a/pkgs/os-specific/linux/criu/default.nix b/pkgs/os-specific/linux/criu/default.nix index 7940ce060e4..00d46591c13 100644 --- a/pkgs/os-specific/linux/criu/default.nix +++ b/pkgs/os-specific/linux/criu/default.nix @@ -88,9 +88,9 @@ stdenv.mkDerivation rec { "PREFIX=$(out)" "ASCIIDOC=${buildPackages.asciidoc}/bin/asciidoc" "XMLTO=${buildPackages.xmlto}/bin/xmlto" - ] ++ (lib.optionals (stdenv.buildPlatform != stdenv.targetPlatform) [ - "ARCH=${linuxArchMapping."${stdenv.targetPlatform.linuxArch}"}" - "CROSS_COMPILE=${stdenv.targetPlatform.config}-" + ] ++ (lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + "ARCH=${linuxArchMapping."${stdenv.hostPlatform.linuxArch}"}" + "CROSS_COMPILE=${stdenv.hostPlatform.config}-" ]); outputs = [ "out" "dev" "man" ]; diff --git a/pkgs/os-specific/linux/cryptodev/default.nix b/pkgs/os-specific/linux/cryptodev/default.nix index 296e4b79b3e..cacef99afd7 100644 --- a/pkgs/os-specific/linux/cryptodev/default.nix +++ b/pkgs/os-specific/linux/cryptodev/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { meta = { description = "Device that allows access to Linux kernel cryptographic drivers"; homepage = "http://cryptodev-linux.org/"; - maintainers = with lib.maintainers; [ fortuneteller2k ]; + maintainers = with lib.maintainers; [ moni ]; license = lib.licenses.gpl2Plus; platforms = lib.platforms.linux; }; diff --git a/pkgs/os-specific/linux/dcgm/default.nix b/pkgs/os-specific/linux/dcgm/default.nix index 32842a8eea0..f3ebdf1427e 100644 --- a/pkgs/os-specific/linux/dcgm/default.nix +++ b/pkgs/os-specific/linux/dcgm/default.nix @@ -1,8 +1,6 @@ { lib -, callPackage , gcc11Stdenv , fetchFromGitHub -, addOpenGLRunpath , catch2 , cmake , cudaPackages_10_2 @@ -87,13 +85,13 @@ let # C.f. https://github.com/NVIDIA/DCGM/blob/7e1012302679e4bb7496483b32dcffb56e528c92/dcgmbuild/build.sh#L22 in gcc11Stdenv.mkDerivation rec { pname = "dcgm"; - version = "3.1.8"; + version = "3.2.5"; # N.B: If you change this, be sure prometheus-dcgm-exporter supports this version. src = fetchFromGitHub { owner = "NVIDIA"; repo = "DCGM"; rev = "refs/tags/v${version}"; - hash = "sha256-OXqXkP2ZUNPzafGIgJ0MKa39xB84keVFFYl+JsHgnks="; + hash = "sha256-iMyYOr3dSpdRV2S/TlB/tEOAWYhK09373ZRbd5vzogQ="; }; # Add our paths to the CUDA paths so FindCuda.cmake can find them. diff --git a/pkgs/os-specific/linux/device-tree/default.nix b/pkgs/os-specific/linux/device-tree/default.nix index fb8e92f2330..1a50d799b4b 100644 --- a/pkgs/os-specific/linux/device-tree/default.nix +++ b/pkgs/os-specific/linux/device-tree/default.nix @@ -1,6 +1,29 @@ -{ lib, stdenvNoCC, dtc }: +{ lib, stdenv, stdenvNoCC, dtc }: with lib; { + # Compile single Device Tree overlay source + # file (.dts) into its compiled variant (.dtb) + compileDTS = ({ + name, + dtsFile, + includePaths ? [], + extraPreprocessorFlags ? [] + }: stdenv.mkDerivation { + inherit name; + + nativeBuildInputs = [ dtc ]; + + buildCommand = + let + includeFlagsStr = lib.concatMapStringsSep " " (includePath: "-I${includePath}") includePaths; + extraPreprocessorFlagsStr = lib.concatStringsSep " " extraPreprocessorFlags; + in + '' + $CC -E -nostdinc ${includeFlagsStr} -undef -D__DTS__ -x assembler-with-cpp ${extraPreprocessorFlagsStr} ${dtsFile} | \ + dtc -I dts -O dtb -@ -o $out + ''; + }); + applyOverlays = (base: overlays': stdenvNoCC.mkDerivation { name = "device-tree-overlays"; nativeBuildInputs = [ dtc ]; diff --git a/pkgs/os-specific/linux/displaylink/default.nix b/pkgs/os-specific/linux/displaylink/default.nix index 463795936e7..e71062e8ac4 100644 --- a/pkgs/os-specific/linux/displaylink/default.nix +++ b/pkgs/os-specific/linux/displaylink/default.nix @@ -12,11 +12,11 @@ }: let - arch = - if stdenv.hostPlatform.system == "x86_64-linux" then "x64" - else if stdenv.hostPlatform.system == "i686-linux" then "x86" + bins = + if stdenv.hostPlatform.system == "x86_64-linux" then "x64-ubuntu-1604" + else if stdenv.hostPlatform.system == "i686-linux" then "x86-ubuntu-1604" + else if stdenv.hostPlatform.system == "aarch64-linux" then "aarch64-linux-gnu" else throw "Unsupported architecture"; - bins = "${arch}-ubuntu-1604"; libPath = lib.makeLibraryPath [ stdenv.cc.cc util-linux libusb1 evdi ]; in @@ -80,7 +80,7 @@ stdenv.mkDerivation rec { homepage = "https://www.displaylink.com/"; license = licenses.unfree; maintainers = with maintainers; [ abbradar ]; - platforms = [ "x86_64-linux" "i686-linux" ]; + platforms = [ "x86_64-linux" "i686-linux" "aarch64-linux" ]; hydraPlatforms = []; sourceProvenance = with sourceTypes; [ binaryNativeCode ]; }; diff --git a/pkgs/os-specific/linux/dpdk/default.nix b/pkgs/os-specific/linux/dpdk/default.nix index 78acb45bb3c..c92f40e3935 100644 --- a/pkgs/os-specific/linux/dpdk/default.nix +++ b/pkgs/os-specific/linux/dpdk/default.nix @@ -15,14 +15,14 @@ let mod = kernel != null; - dpdkVersion = "22.11.1"; -in stdenv.mkDerivation rec { + dpdkVersion = "23.07"; +in stdenv.mkDerivation { pname = "dpdk"; version = "${dpdkVersion}" + lib.optionalString mod "-${kernel.version}"; src = fetchurl { url = "https://fast.dpdk.org/rel/dpdk-${dpdkVersion}.tar.xz"; - sha256 = "sha256-3gdkZfcXSg1ScUuQcuSDenJrqsgtj+fcZEytXIz3TUw="; + sha256 = "sha256-4IYU6K65KUB9c9cWmZKJpE70A0NSJx8JOX7vkysjs9Y="; }; nativeBuildInputs = [ @@ -68,7 +68,7 @@ in stdenv.mkDerivation rec { ] # kni kernel driver is currently not compatble with 5.11 ++ lib.optional (mod && kernel.kernelOlder "5.11") "-Ddisable_drivers=kni" - ++ lib.optional (!shared) "-Ddefault_library=static" + ++ [(if shared then "-Ddefault_library=shared" else "-Ddefault_library=static")] ++ lib.optional (machine != null) "-Dmachine=${machine}" ++ lib.optional mod "-Dkernel_dir=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ++ lib.optional (withExamples != []) "-Dexamples=${builtins.concatStringsSep "," withExamples}"; diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix index 230f73ef416..789a59f751f 100644 --- a/pkgs/os-specific/linux/ell/default.nix +++ b/pkgs/os-specific/linux/ell/default.nix @@ -3,18 +3,20 @@ , autoreconfHook , pkg-config , dbus +, sysctl +, gitUpdater }: stdenv.mkDerivation rec { pname = "ell"; - version = "0.57"; + version = "0.59"; outputs = [ "out" "dev" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - sha256 = "sha256-9d9WMCByQ1TKWpzWe5msts1LG+BKKqwCgaMBbD74/+4="; + hash = "sha256-uJcGYT+JSdz/XTyJb/VUyedmSKJW/4BbTM3fw3ebtIc="; }; nativeBuildInputs = [ @@ -24,6 +26,8 @@ stdenv.mkDerivation rec { nativeCheckInputs = [ dbus + # required as the sysctl test works on some machines + sysctl ]; enableParallelBuilding = true; @@ -31,6 +35,12 @@ stdenv.mkDerivation rec { # tests sporadically fail on musl doCheck = !stdenv.hostPlatform.isMusl; + passthru = { + updateScript = gitUpdater { + url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; + }; + }; + meta = with lib; { homepage = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; description = "Embedded Linux Library"; diff --git a/pkgs/os-specific/linux/esdm/default.nix b/pkgs/os-specific/linux/esdm/default.nix index 42e20981872..150e3b95b4f 100644 --- a/pkgs/os-specific/linux/esdm/default.nix +++ b/pkgs/os-specific/linux/esdm/default.nix @@ -9,67 +9,109 @@ , ninja , libselinux , jitterentropy - # A more detailed explaination of the following meson build options can be found - # in the source code of esdm. - # A brief explanation is given: +, botan3 +, openssl +, libkcapi + +# A more detailed explaination of the following meson build options can be found +# in the source code of esdm. +# A brief explanation is given. + +# general options , selinux ? false # enable selinux support , drngHashDrbg ? true # set the default drng callback , drngChaCha20 ? false # set the default drng callback , ais2031 ? false # set the seeding strategy to be compliant with AIS 20/31 +, sp80090c ? false # set compliance with NIST SP800-90C +, cryptoBackend ? "botan" # set backend for hash and drbg operations , linuxDevFiles ? true # enable linux /dev/random and /dev/urandom support , linuxGetRandom ? true # enable linux getrandom support -, esJitterRng ? true # enable support for the entropy source: jitter rng +, hashSha512 ? false # set the conditioning hash: SHA2-512 +, hashSha3_512 ? true # set the conditioning hash: SHA3-512 +, openSSLRandProvider ? true # build ESDM provider for OpenSSL 3.x +, botanRng ? true # build ESDM class for Botan 3.x + +# client-related options (handle with care, consult source code and meson options) +# leave as is if in doubt +, connectTimeoutExponent ? 28 # (1 << EXPONENT nanoseconds) +, rxTxTimeoutExponent ? 28 # (1 << EXPONENT nanoseconds) +, reconnectAttempts ? 10 # how often to attempt unix socket connection before giving up + +# entropy sources +, esJitterRng ? true # enable support for the entropy source: jitter rng (running in user space) +, esJitterRngEntropyRate ? 256 # amount of entropy to account for jitter rng source +, esJitterRngKernel ? true # enable support for the entropy source: jitter rng (running in kernel space) +, esJitterRngKernelEntropyRate ? 256 # amount of entropy to account for kernel jitter rng source , esCPU ? true # enable support for the entropy source: cpu-based entropy +, esCPUEntropyRate ? 8 # amount of entropy to account for cpu rng source , esKernel ? true # enable support for the entropy source: kernel-based entropy +, esKernelEntropyRate ? 128 # amount of entropy to account for kernel-based source , esIRQ ? false # enable support for the entropy source: interrupt-based entropy +, esIRQEntropyRate ? 256 # amount of entropy to account for interrupt-based source (only set irq XOR sched != 0) , esSched ? false # enable support for the entropy source: scheduler-based entropy +, esSchedEntropyRate ? 0 # amount of entropy to account for interrupt-based source (only set irq XOR sched != 0) , esHwrand ? true # enable support for the entropy source: /dev/hwrng -, hashSha512 ? false # set the conditioning hash: SHA2-512 -, hashSha3_512 ? true # set the conditioning hash: SHA3-512 +, esHwrandEntropyRate ? 128 # amount of entropy to account for /dev/hwrng-based sources }: assert drngHashDrbg != drngChaCha20; assert hashSha512 != hashSha3_512; +assert cryptoBackend == "openssl" || cryptoBackend == "botan" || cryptoBackend == "builtin" "Unsupported ESDM crypto backend"; stdenv.mkDerivation rec { pname = "esdm"; - version = "0.6.0"; + version = "1.0.0"; src = fetchFromGitHub { owner = "smuellerDD"; repo = "esdm"; rev = "v${version}"; - sha256 = "sha256-swBKVb5gnND76w2ULT+5hR/jVOqxEe4TAB1gyaLKE9Q="; + sha256 = "sha256-q6TGL1agltV9CFfcA6hZszVwGIBBngs22ZqhQgc9FeM="; }; - patches = [ - (fetchpatch { - name = "arm64.patch"; - url = "https://github.com/smuellerDD/esdm/commit/86b93a0ddf684448aba152c8f1b3baf40a6d41c0.patch"; - sha256 = "sha256-gjp13AEsDNj23fcGanAAn2KCbYKA0cphhf4mCxek9Yg="; - }) - ]; - nativeBuildInputs = [ meson pkg-config ninja ]; - buildInputs = [ protobufc fuse3 jitterentropy ] - ++ lib.optional selinux libselinux; + buildInputs = [ protobufc ] + ++ lib.optional (cryptoBackend == "botan" || botanRng) botan3 + ++ lib.optional (cryptoBackend == "openssl" || openSSLRandProvider) openssl + ++ lib.optional selinux libselinux + ++ lib.optional esJitterRng jitterentropy + ++ lib.optional linuxDevFiles fuse3 + ++ lib.optional esJitterRngKernel libkcapi; mesonFlags = [ (lib.mesonBool "b_lto" false) + (lib.mesonBool "fips140" false) (lib.mesonBool "ais2031" ais2031) + (lib.mesonBool "sp80090c" sp80090c) + (lib.mesonEnable "node" true) # multiple DRNGs + (lib.mesonOption "threading_max_threads" (toString 64)) + (lib.mesonOption "crypto_backend" cryptoBackend) (lib.mesonEnable "linux-devfiles" linuxDevFiles) (lib.mesonEnable "linux-getrandom" linuxGetRandom) + (lib.mesonOption "client-connect-timeout-exponent" (toString connectTimeoutExponent)) + (lib.mesonOption "client-rx-tx-timeout-exponent" (toString rxTxTimeoutExponent)) + (lib.mesonOption "client-reconnect-attempts" (toString reconnectAttempts)) (lib.mesonEnable "es_jent" esJitterRng) + (lib.mesonOption "es_jent_entropy_rate" (toString esJitterRngEntropyRate)) + (lib.mesonEnable "es_jent_kernel" esJitterRngKernel) + (lib.mesonOption "es_jent_kernel_entropy_rate" (toString esJitterRngKernelEntropyRate)) (lib.mesonEnable "es_cpu" esCPU) + (lib.mesonOption "es_cpu_entropy_rate" (toString esCPUEntropyRate)) (lib.mesonEnable "es_kernel" esKernel) + (lib.mesonOption "es_kernel_entropy_rate" (toString esKernelEntropyRate)) (lib.mesonEnable "es_irq" esIRQ) + (lib.mesonOption "es_irq_entropy_rate" (toString esIRQEntropyRate)) (lib.mesonEnable "es_sched" esSched) + (lib.mesonOption "es_sched_entropy_rate" (toString esSchedEntropyRate)) (lib.mesonEnable "es_hwrand" esHwrand) + (lib.mesonOption "es_hwrand_entropy_rate" (toString esHwrandEntropyRate)) (lib.mesonEnable "hash_sha512" hashSha512) (lib.mesonEnable "hash_sha3_512" hashSha3_512) (lib.mesonEnable "selinux" selinux) (lib.mesonEnable "drng_hash_drbg" drngHashDrbg) (lib.mesonEnable "drng_chacha20" drngChaCha20) + (lib.mesonEnable "openssl-rand-provider" openSSLRandProvider) + (lib.mesonEnable "botan-rng" botanRng) ]; doCheck = true; diff --git a/pkgs/os-specific/linux/eudev/default.nix b/pkgs/os-specific/linux/eudev/default.nix deleted file mode 100644 index 4d3c9e78522..00000000000 --- a/pkgs/os-specific/linux/eudev/default.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ lib -, stdenv -, fetchFromGitHub -, autoreconfHook -, gperf -, kmod -, pkg-config -, util-linux -}: - -stdenv.mkDerivation rec { - pname = "eudev"; - version = "3.2.12"; - - src = fetchFromGitHub { - owner = "eudev-project"; - repo = pname; - rev = "v${version}"; - hash = "sha256-x9l+W8zuFYwG0m9JOIDbEf1x6yeBW36HnJws/buc7HI="; - }; - - nativeBuildInputs = [ - autoreconfHook - gperf - pkg-config - ]; - - buildInputs = [ - kmod - util-linux - ]; - - configureFlags = [ - "--localstatedir=/var" - "--sysconfdir=/etc" - ]; - - makeFlags = [ - "hwdb_bin=/var/lib/udev/hwdb.bin" - "udevrulesdir=/etc/udev/rules.d" - ]; - - preInstall = '' - # Disable install-exec-hook target, - # as it conflicts with our move-sbin setup-hook - - sed -i 's;$(MAKE) $(AM_MAKEFLAGS) install-exec-hook;$(MAKE) $(AM_MAKEFLAGS);g' src/udev/Makefile - ''; - - installFlags = [ - "localstatedir=$(TMPDIR)/var" - "sysconfdir=$(out)/etc" - "udevconfdir=$(out)/etc/udev" - "udevhwdbbin=$(out)/var/lib/udev/hwdb.bin" - "udevhwdbdir=$(out)/var/lib/udev/hwdb.d" - "udevrulesdir=$(out)/var/lib/udev/rules.d" - ]; - - meta = with lib; { - homepage = "https://github.com/eudev-project/eudev"; - description = "A fork of udev with the aim of isolating it from init"; - license = licenses.gpl2Plus ; - maintainers = with maintainers; [ raskin AndersonTorres ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/evdi/default.nix b/pkgs/os-specific/linux/evdi/default.nix index ebb6fbe2cc6..bd34ac0db4d 100644 --- a/pkgs/os-specific/linux/evdi/default.nix +++ b/pkgs/os-specific/linux/evdi/default.nix @@ -16,7 +16,11 @@ stdenv.mkDerivation rec { hash = "sha256-em3Y56saB7K3Wr31Y0boc38xGb57gdveN0Cstgy8y20="; }; - env.NIX_CFLAGS_COMPILE = "-Wno-error -Wno-error=sign-compare"; + env.NIX_CFLAGS_COMPILE = toString [ + "-Wno-error" + "-Wno-error=discarded-qualifiers" # for Linux 4.19 compatibility + "-Wno-error=sign-compare" + ]; nativeBuildInputs = kernel.moduleBuildDependencies; @@ -43,6 +47,6 @@ stdenv.mkDerivation rec { platforms = platforms.linux; license = with licenses; [ lgpl21Only gpl2Only ]; homepage = "https://www.displaylink.com/"; - broken = kernel.kernelOlder "4.19" || stdenv.isAarch64; + broken = kernel.kernelOlder "4.19" || kernel.kernelAtLeast "6.6"; }; } diff --git a/pkgs/os-specific/linux/eventstat/default.nix b/pkgs/os-specific/linux/eventstat/default.nix index 88ac5add34a..2c139cd3c86 100644 --- a/pkgs/os-specific/linux/eventstat/default.nix +++ b/pkgs/os-specific/linux/eventstat/default.nix @@ -23,6 +23,6 @@ stdenv.mkDerivation rec { homepage = "https://github.com/ColinIanKing/eventstat"; license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ cstrahan ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch b/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch index c5c0ebb0002..4e95ccea8dc 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch +++ b/pkgs/os-specific/linux/firmware/fwupd/add-option-for-installation-sysconfdir.patch @@ -1,5 +1,5 @@ diff --git a/data/bios-settings.d/meson.build b/data/bios-settings.d/meson.build -index b0ff5b10..13ac380d 100644 +index b0ff5b106..13ac380d0 100644 --- a/data/bios-settings.d/meson.build +++ b/data/bios-settings.d/meson.build @@ -1,5 +1,5 @@ @@ -10,7 +10,7 @@ index b0ff5b10..13ac380d 100644 ) endif diff --git a/data/meson.build b/data/meson.build -index 8999ee57..b57174dc 100644 +index e13da4adf..6858c240f 100644 --- a/data/meson.build +++ b/data/meson.build @@ -26,7 +26,7 @@ endif @@ -23,7 +23,7 @@ index 8999ee57..b57174dc 100644 ) plugin_quirks += files([ diff --git a/data/pki/meson.build b/data/pki/meson.build -index 3649fece..c3462744 100644 +index 3649fecea..c3462744b 100644 --- a/data/pki/meson.build +++ b/data/pki/meson.build @@ -12,13 +12,13 @@ install_data([ @@ -57,7 +57,7 @@ index 3649fece..c3462744 100644 ) endif diff --git a/data/remotes.d/meson.build b/data/remotes.d/meson.build -index c20a1a05..5354bac7 100644 +index c20a1a05e..5354bac7f 100644 --- a/data/remotes.d/meson.build +++ b/data/remotes.d/meson.build @@ -15,14 +15,14 @@ if build_standalone and get_option('lvfs') != 'false' @@ -93,10 +93,10 @@ index c20a1a05..5354bac7 100644 + install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'), ) diff --git a/meson.build b/meson.build -index fa7a5599..5b53a407 100644 +index ca6ccdf92..0a3097d90 100644 --- a/meson.build +++ b/meson.build -@@ -191,6 +191,12 @@ endif +@@ -195,6 +195,12 @@ endif mandir = join_paths(prefix, get_option('mandir')) localedir = join_paths(prefix, get_option('localedir')) @@ -107,32 +107,24 @@ index fa7a5599..5b53a407 100644 +endif + diffcmd = find_program('diff') - gio = dependency('gio-2.0', version: '>= 2.45.8') - giounix = dependency('gio-unix-2.0', version: '>= 2.45.8', required: false) + gio = dependency('gio-2.0', version: '>= 2.68.0') + giounix = dependency('gio-unix-2.0', version: '>= 2.68.0', required: false) diff --git a/meson_options.txt b/meson_options.txt -index 81d373f8..d214cf64 100644 +index 877891126..986d0ee31 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -1,3 +1,4 @@ -+option('sysconfdir_install', type: 'string', value: '', description: 'sysconfdir to use during installation') - option('build', type : 'combo', choices : ['all', 'standalone', 'library'], value : 'all', description : 'build type') - option('consolekit', type : 'feature', description : 'ConsoleKit support', deprecated: {'true': 'enabled', 'false': 'disabled'}) - option('static_analysis', type : 'boolean', value : false, description : 'enable GCC static analysis support') -diff --git a/plugins/dell-esrt/meson.build b/plugins/dell-esrt/meson.build -index 88c039f8..62a7691f 100644 ---- a/plugins/dell-esrt/meson.build -+++ b/plugins/dell-esrt/meson.build -@@ -27,6 +27,6 @@ configure_file( - output: 'dell-esrt.conf', - configuration: con2, - install: true, -- install_dir: join_paths(sysconfdir, 'fwupd', 'remotes.d'), -+ install_dir: join_paths(sysconfdir_install, 'fwupd', 'remotes.d'), - ) - endif +@@ -1,3 +1,8 @@ ++option('sysconfdir_install', ++ type: 'string', ++ value: '', ++ description: 'sysconfdir to use during installation' ++) + option('build', + type: 'combo', + choices: [ diff --git a/plugins/uefi-capsule/meson.build b/plugins/uefi-capsule/meson.build -index f4657a6a..28ca0653 100644 +index eb196c21e..c9a29f680 100644 --- a/plugins/uefi-capsule/meson.build +++ b/plugins/uefi-capsule/meson.build @@ -20,7 +20,7 @@ if host_machine.system() == 'linux' @@ -144,5 +136,3 @@ index f4657a6a..28ca0653 100644 ) elif host_machine.system() == 'freebsd' backend_srcs += 'fu-uefi-backend-freebsd.c' --- -2.40.1 diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix index 5472cce0565..f4914d84327 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -8,6 +8,7 @@ , gobject-introspection , gettext , libgudev +, libdrm , polkit , libxmlb , glib @@ -18,14 +19,12 @@ , curl , libjcat , elfutils -, libsmbios , efivar , valgrind , meson , libuuid , colord , ninja -, gcab , gnutls , protobufc , python3 @@ -124,7 +123,7 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "fwupd"; - version = "1.9.5"; + version = "1.9.7"; # libfwupd goes to lib # daemon, plug-ins and libfwupdplugin go to out @@ -135,7 +134,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "fwupd"; repo = "fwupd"; rev = finalAttrs.version; - hash = "sha256-dqbFgVgG2RQM5ZHIEIIJOmrjtwlaRXEyY+2OdDs4PGo="; + hash = "sha256-NhVCIjkwoTZptctIrkU9HgXzjr+KCUZfEKcjoYgAEdM="; }; patches = [ @@ -169,7 +168,6 @@ stdenv.mkDerivation (finalAttrs: { gettext shared-mime-info valgrind - gcab gnutls protobufc # for protoc python @@ -183,6 +181,7 @@ stdenv.mkDerivation (finalAttrs: { gusb sqlite libarchive + libdrm curl elfutils libgudev @@ -202,8 +201,6 @@ stdenv.mkDerivation (finalAttrs: { libcbor libqmi xz # for liblzma - ] ++ lib.optionals haveDell [ - libsmbios ] ++ lib.optionals haveFlashrom [ flashrom ]; @@ -213,6 +210,7 @@ stdenv.mkDerivation (finalAttrs: { "-Dplugin_dummy=true" # We are building the official releases. "-Dsupported_build=enabled" + "-Dlaunchd=disabled" "-Dudevdir=lib/udev" "-Dsystemd_root_prefix=${placeholder "out"}" "-Dinstalled_test_prefix=${placeholder "installedTests"}" @@ -226,7 +224,6 @@ stdenv.mkDerivation (finalAttrs: { ] ++ lib.optionals (!enablePassim) [ "-Dpassim=disabled" ] ++ lib.optionals (!haveDell) [ - "-Dplugin_dell=disabled" "-Dplugin_synaptics_mst=disabled" ] ++ lib.optionals (!haveRedfish) [ "-Dplugin_redfish=disabled" @@ -350,8 +347,6 @@ stdenv.mkDerivation (finalAttrs: { "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service" "pki/fwupd-metadata/LVFS-CA.pem" "grub.d/35_fwupd" - ] ++ lib.optionals haveDell [ - "fwupd/remotes.d/dell-esrt.conf" ]; # DisabledPlugins key in fwupd/daemon.conf diff --git a/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch b/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch index a914f56c66d..2954f89e14c 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch +++ b/pkgs/os-specific/linux/firmware/fwupd/installed-tests-path.patch @@ -1,8 +1,8 @@ diff --git a/data/installed-tests/meson.build b/data/installed-tests/meson.build -index be3d5c6d9..14d45dcaf 100644 +index dfce86b1c..5e34c4fa6 100644 --- a/data/installed-tests/meson.build +++ b/data/installed-tests/meson.build -@@ -83,5 +83,5 @@ configure_file( +@@ -86,5 +86,5 @@ configure_file( output: 'fwupd-tests.conf', configuration: con2, install: true, @@ -10,10 +10,10 @@ index be3d5c6d9..14d45dcaf 100644 + install_dir: join_paths(get_option('installed_test_prefix'), 'etc', 'fwupd', 'remotes.d'), ) diff --git a/meson.build b/meson.build -index 30011f548..7ac8c937a 100644 +index ca6ccdf92..36b1b47b0 100644 --- a/meson.build +++ b/meson.build -@@ -186,8 +186,8 @@ else +@@ -188,8 +188,8 @@ else datadir = join_paths(prefix, get_option('datadir')) sysconfdir = join_paths(prefix, get_option('sysconfdir')) localstatedir = join_paths(prefix, get_option('localstatedir')) @@ -24,7 +24,7 @@ index 30011f548..7ac8c937a 100644 daemon_dir = join_paths(libexecdir, 'fwupd') endif mandir = join_paths(prefix, get_option('mandir')) -@@ -498,6 +498,7 @@ gnome = import('gnome') +@@ -497,6 +497,7 @@ gnome = import('gnome') i18n = import('i18n') conf.set_quoted('FWUPD_PREFIX', prefix) @@ -33,14 +33,17 @@ index 30011f548..7ac8c937a 100644 conf.set_quoted('FWUPD_LIBDIR', libdir) conf.set_quoted('FWUPD_LIBEXECDIR', libexecdir) diff --git a/meson_options.txt b/meson_options.txt -index 6fc7e8437..29832fd08 100644 +index 877891126..bfc5d1afd 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -57,6 +57,7 @@ option('systemd', type : 'feature', description : 'systemd support', deprecated: - option('systemd_unit_user', type : 'string', description : 'User account to use for fwupd-refresh.service (empty for DynamicUser)') - option('systemd_root_prefix', type: 'string', value: '', description: 'Directory to base systemd’s installation directories on') - option('elogind', type : 'feature', description : 'elogind support', deprecated: {'true': 'enabled', 'false': 'disabled'}) -+option('installed_test_prefix', type: 'string', description: 'Prefix for installed tests') - option('tests', type : 'boolean', value : true, description : 'enable tests') - option('soup_session_compat', type : 'boolean', value : true, description : 'enable SoupSession runtime compatibility support') - option('curl', type : 'feature', description : 'libcurl support', deprecated: {'true': 'enabled', 'false': 'disabled'}) +@@ -452,6 +452,10 @@ option('elogind', + 'false': 'disabled', + }, + ) ++option('installed_test_prefix', ++ type: 'string', ++ description: 'Prefix for installed tests' ++) + option('tests', + type: 'boolean', + value: true, diff --git a/pkgs/os-specific/linux/firmware/linux-firmware/default.nix b/pkgs/os-specific/linux/firmware/linux-firmware/default.nix index b76a77fb3a6..283e04b4754 100644 --- a/pkgs/os-specific/linux/firmware/linux-firmware/default.nix +++ b/pkgs/os-specific/linux/firmware/linux-firmware/default.nix @@ -4,6 +4,8 @@ in { stdenvNoCC, fetchzip, lib, + rdfind, + which, }: stdenvNoCC.mkDerivation rec { @@ -15,6 +17,11 @@ stdenvNoCC.mkDerivation rec { hash = source.sourceHash; }; + nativeBuildInputs = [ + rdfind + which + ]; + installFlags = [ "DESTDIR=$(out)" ]; # Firmware blobs do not need fixing and should not be modified diff --git a/pkgs/os-specific/linux/firmware/linux-firmware/source.nix b/pkgs/os-specific/linux/firmware/linux-firmware/source.nix index 09f14bc729b..afe371a8887 100644 --- a/pkgs/os-specific/linux/firmware/linux-firmware/source.nix +++ b/pkgs/os-specific/linux/firmware/linux-firmware/source.nix @@ -1,7 +1,6 @@ -# This file is autogenerated! Run ./update.sh to regenerate. { - version = "20230919"; - revision = "20230919"; - sourceHash = "sha256-xcGEaWCcCAhN4gnnaj03u7LekP4+cRtcioTYhvAOQtg="; - outputHash = "sha256-6W9QTShp/UzlcILwyyn56wppQORUGPff2TodEt4qhwQ="; + version = "20231111"; + revision = "20231111"; + sourceHash = "sha256-S9Xkj2CbamHxqjTDfqRJu91MNrSntxrQ7HYyhvdH6Jo="; + outputHash = "sha256-Qrz9fSHUQf0Gl8pfol4yfe95sD8DQV/+riT1NCFussQ="; } diff --git a/pkgs/os-specific/linux/freeipa/default.nix b/pkgs/os-specific/linux/freeipa/default.nix index c7d7d5af09b..99d8527fc1d 100644 --- a/pkgs/os-specific/linux/freeipa/default.nix +++ b/pkgs/os-specific/linux/freeipa/default.nix @@ -64,11 +64,11 @@ let in stdenv.mkDerivation rec { pname = "freeipa"; - version = "4.10.2"; + version = "4.11.0"; src = fetchurl { url = "https://releases.pagure.org/freeipa/freeipa-${version}.tar.gz"; - sha256 = "sha256-9DbfxJeEUGnBE7pULTPrVgqRePILUFk4Kn0WFNmcFVg="; + sha256 = "sha256-l/e2Dq/ako41QWEZyJCD+PA44PzTnzC8B7jYAm/Tt6Q="; }; nativeBuildInputs = [ @@ -167,5 +167,6 @@ stdenv.mkDerivation rec { license = licenses.gpl3Plus; maintainers = [ maintainers.s1341 ]; platforms = platforms.linux; + mainProgram = "ipa"; }; } diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix index bbd871a1b9a..f4b8bfc5661 100644 --- a/pkgs/os-specific/linux/fuse/common.nix +++ b/pkgs/os-specific/linux/fuse/common.nix @@ -1,4 +1,4 @@ -{ version, sha256Hash }: +{ version, hash }: { lib, stdenv, fetchFromGitHub, fetchpatch , fusePackages, util-linux, gettext, shadow @@ -17,7 +17,7 @@ in stdenv.mkDerivation rec { owner = "libfuse"; repo = "libfuse"; rev = "${pname}-${version}"; - sha256 = sha256Hash; + inherit hash; }; preAutoreconf = "touch config.rpath"; @@ -48,6 +48,7 @@ in stdenv.mkDerivation rec { mesonFlags = lib.optionals isFuse3 [ "-Dudevrulesdir=/udev/rules.d" "-Duseroot=false" + "-Dinitscriptdir=" ]; preConfigure = '' diff --git a/pkgs/os-specific/linux/fuse/default.nix b/pkgs/os-specific/linux/fuse/default.nix index 6aa3e46d4e1..f692c2fb41c 100644 --- a/pkgs/os-specific/linux/fuse/default.nix +++ b/pkgs/os-specific/linux/fuse/default.nix @@ -7,11 +7,11 @@ let in { fuse_2 = mkFuse { version = "2.9.9"; - sha256Hash = "1yxxvm58c30pc022nl1wlg8fljqpmwnchkywic3r74zirvlcq23n"; + hash = "sha256-dgjM6M7xk5MHi9xPyCyvF0vq0KM8UCsEYBcMhkrdvfs="; }; fuse_3 = mkFuse { - version = "3.11.0"; - sha256Hash = "1wx80xxlvjn0wxhmkr1g91vwrgxssyzds1hizzxc2xrd4kjh9dfb"; + version = "3.16.2"; + hash = "sha256-QO9s+IkR0rkqIYNqt2IYST6AVBkCr56jcuuz5nKJuA4="; }; } diff --git a/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch b/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch index 903f30325df..582d3eb0dec 100644 --- a/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch +++ b/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch @@ -1,12 +1,13 @@ +diff --git a/lib/meson.build b/lib/meson.build --- a/lib/meson.build +++ b/lib/meson.build @@ -37,8 +37,7 @@ libfuse = library('fuse3', libfuse_sources, version: meson.project_version(), soversion: '3', include_directories: include_dirs, dependencies: deps, install: true, link_depends: 'fuse_versionscript', -- c_args: [ '-DFUSE_USE_VERSION=35', +- c_args: [ '-DFUSE_USE_VERSION=312', - '-DFUSERMOUNT_DIR="@0@"'.format(fusermount_path) ], -+ c_args: [ '-DFUSE_USE_VERSION=35' ], ++ c_args: [ '-DFUSE_USE_VERSION=312' ], link_args: ['-Wl,--version-script,' + meson.current_source_dir() + '/fuse_versionscript' ]) diff --git a/pkgs/os-specific/linux/fuse/fuse3-install.patch b/pkgs/os-specific/linux/fuse/fuse3-install.patch index 147bcb439fb..769e3088664 100644 --- a/pkgs/os-specific/linux/fuse/fuse3-install.patch +++ b/pkgs/os-specific/linux/fuse/fuse3-install.patch @@ -1,18 +1,20 @@ ---- a/util/install_helper.sh 2019-07-10 12:00:15.984840142 +0200 -+++ b/util/install_helper.sh 2019-07-10 12:28:56.343011401 +0200 -@@ -37,10 +37,10 @@ - fi +--- a/util/install_helper.sh 2023-08-26 22:12:11.028651669 +0200 ++++ b/util/install_helper.sh 2023-08-26 22:38:03.165058694 +0200 +@@ -39,12 +39,12 @@ - install -D -m 644 "${MESON_SOURCE_ROOT}/util/udev.rules" \ + if [ "${udevrulesdir}" != "" ]; then + install -D -m 644 "${MESON_SOURCE_ROOT}/util/udev.rules" \ - "${DESTDIR}${udevrulesdir}/99-fuse3.rules" + "${sysconfdir}${udevrulesdir}/99-fuse3.rules" + fi - install -D -m 755 "${MESON_SOURCE_ROOT}/util/init_script" \ -- "${DESTDIR}/etc/init.d/fuse3" -+ "${sysconfdir}/init.d/fuse3" - + if [ "$initscriptdir" != "" ]; then + install -D -m 755 "${MESON_SOURCE_ROOT}/util/init_script" \ +- "${DESTDIR}${initscriptdir}/fuse3" ++ "${sysconfdir}${initscriptdir}/fuse3" - if test -x /usr/sbin/update-rc.d && test -z "${DESTDIR}"; then + if test -x /usr/sbin/update-rc.d && test -z "${DESTDIR}"; then + /usr/sbin/update-rc.d fuse3 start 34 S . start 41 0 6 . || /bin/true diff --git a/util/meson.build b/util/meson.build index aa0e734..06d4378 100644 --- a/util/meson.build diff --git a/pkgs/os-specific/linux/fwts/default.nix b/pkgs/os-specific/linux/fwts/default.nix index d44db7adf15..43f7ed5cb3a 100644 --- a/pkgs/os-specific/linux/fwts/default.nix +++ b/pkgs/os-specific/linux/fwts/default.nix @@ -20,6 +20,10 @@ stdenv.mkDerivation rec { --replace "/usr/bin/lspci" "${pciutils}/bin/lspci" \ --replace "/usr/sbin/dmidecode" "${dmidecode}/bin/dmidecode" \ --replace "/usr/bin/iasl" "${acpica-tools}/bin/iasl" + + substituteInPlace src/lib/src/fwts_devicetree.c \ + src/devicetree/dt_base/dt_base.c \ + --replace "dtc -I" "${dtc}/bin/dtc -I" ''; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/hd-idle/default.nix b/pkgs/os-specific/linux/hd-idle/default.nix index 77caa131598..13cb397b179 100644 --- a/pkgs/os-specific/linux/hd-idle/default.nix +++ b/pkgs/os-specific/linux/hd-idle/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "hd-idle"; - version = "1.20"; + version = "1.21"; src = fetchFromGitHub { owner = "adelolmo"; repo = pname; rev = "v${version}"; - sha256 = "sha256-7EXfI3E83ltpjq2M/qZX2P/bNtQQBWZRBCD7i5uit0I="; + sha256 = "sha256-WHJcysTN9LHI1WnDuFGTyTirxXirpLpJIeNDj4sZGY0="; }; vendorHash = null; diff --git a/pkgs/os-specific/linux/hid-tmff2/default.nix b/pkgs/os-specific/linux/hid-tmff2/default.nix new file mode 100644 index 00000000000..ac297c78e10 --- /dev/null +++ b/pkgs/os-specific/linux/hid-tmff2/default.nix @@ -0,0 +1,36 @@ +{ stdenv, lib, fetchFromGitHub, kernel }: + +stdenv.mkDerivation { + pname = "hid-tmff2"; + # https://github.com/Kimplul/hid-tmff2/blob/ca168637fbfb085ebc9ade0c47fa0653dac5d25b/dkms/dkms-install.sh#L12 + version = "0.81"; + + src = fetchFromGitHub { + owner = "Kimplul"; + repo = "hid-tmff2"; + rev = "ca168637fbfb085ebc9ade0c47fa0653dac5d25b"; + hash = "sha256-Nm5m5xjwJGy+ia4nTkvPZynIxUj6MVGGbSNmIcIpziM="; + # For hid-tminit. Source: https://github.com/scarburato/hid-tminit + fetchSubmodules = true; + }; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + makeFlags = kernel.makeFlags ++ [ + "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + installFlags = [ + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; + + postPatch = "sed -i '/depmod -A/d' Makefile"; + + meta = with lib; { + description = "A linux kernel module for Thrustmaster T300RS, T248 and TX(experimental)"; + homepage = "https://github.com/Kimplul/hid-tmff2"; + license = licenses.gpl2Plus; + maintainers = [ maintainers.rayslash ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix index a35bd38add2..e4b41f3a0c8 100644 --- a/pkgs/os-specific/linux/hostapd/default.nix +++ b/pkgs/os-specific/linux/hostapd/default.nix @@ -103,7 +103,7 @@ stdenv.mkDerivation rec { homepage = "https://w1.fi/hostapd/"; description = "A user space daemon for access point and authentication servers"; license = licenses.gpl2; - maintainers = with maintainers; [ ninjatrappeur hexa ]; + maintainers = with maintainers; [ hexa ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/hwdata/default.nix b/pkgs/os-specific/linux/hwdata/default.nix index 6c7afffd9ce..5bfdf61dff6 100644 --- a/pkgs/os-specific/linux/hwdata/default.nix +++ b/pkgs/os-specific/linux/hwdata/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "hwdata"; - version = "0.373"; + version = "0.376"; src = fetchFromGitHub { owner = "vcrhonek"; repo = "hwdata"; rev = "v${version}"; - hash = "sha256-KXZodSvY4Szt/gp0iRkx+ngziCaUYvkjnkvjwPj3OwI="; + hash = "sha256-M1uBamN09XepOembDAcHXO/UvnM9s/OiN+eNzChF5Tw="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/intel-cmt-cat/default.nix b/pkgs/os-specific/linux/intel-cmt-cat/default.nix index 9429bd28306..62e6149b6f1 100644 --- a/pkgs/os-specific/linux/intel-cmt-cat/default.nix +++ b/pkgs/os-specific/linux/intel-cmt-cat/default.nix @@ -1,14 +1,14 @@ { lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { - version = "23.08"; + version = "23.11"; pname = "intel-cmt-cat"; src = fetchFromGitHub { owner = "intel"; repo = "intel-cmt-cat"; rev = "v${version}"; - sha256 = "sha256-T97cTJLGSJgOoQFgL/lI+AldqsCEcHilhTTDZy+pmU8="; + sha256 = "sha256-/OSU/7QR8NAjcAIo+unVQfORvCH5VpjfRn5sIrCxwbE="; }; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/intel-compute-runtime/default.nix b/pkgs/os-specific/linux/intel-compute-runtime/default.nix index c182b2f63eb..dacfb76eb9a 100644 --- a/pkgs/os-specific/linux/intel-compute-runtime/default.nix +++ b/pkgs/os-specific/linux/intel-compute-runtime/default.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "intel-compute-runtime"; - version = "23.26.26690.22"; + version = "23.30.26918.20"; src = fetchFromGitHub { owner = "intel"; repo = "compute-runtime"; rev = version; - hash = "sha256-2ZFDnVfLYKNZbgFARYMWqLDjgH8aZY5SA3ZwQ85nPYo="; + hash = "sha256-dEznHRgAcJa/BBTD/AWJHlA7fNj2IXHHrYcKM4M+/1o="; }; nativeBuildInputs = [ cmake pkg-config ]; diff --git a/pkgs/os-specific/linux/iomelt/default.nix b/pkgs/os-specific/linux/iomelt/default.nix index 860a7b44632..0084a397d07 100644 --- a/pkgs/os-specific/linux/iomelt/default.nix +++ b/pkgs/os-specific/linux/iomelt/default.nix @@ -20,7 +20,7 @@ in stdenv.mkDerivation { meta = with lib; { description = "A simple yet effective way to benchmark disk IO in Linux systems"; homepage = "http://www.iomelt.com"; - maintainers = with maintainers; [ cstrahan ]; + maintainers = with maintainers; [ ]; license = licenses.artistic2; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/iotop-c/default.nix b/pkgs/os-specific/linux/iotop-c/default.nix index 2917ace349f..1d7dc9e4d11 100644 --- a/pkgs/os-specific/linux/iotop-c/default.nix +++ b/pkgs/os-specific/linux/iotop-c/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "iotop-c"; - version = "1.23"; + version = "1.25"; src = fetchFromGitHub { owner = "Tomas-M"; repo = "iotop"; rev = "v${version}"; - sha256 = "sha256-4DTYtUltmZ+nkm4ZLac+6JbBW3z+qby7sP33LwEXtcQ="; + sha256 = "sha256-ZIvWdNxGSUmQtMKB/MVHEZ0fJ8b//zSXz+1r/P9ZDkE="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index 64749e209ba..a86af7e6db2 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, fetchpatch +{ lib, stdenv, fetchurl , buildPackages, bison, flex, pkg-config , db, iptables, libelf, libmnl , gitUpdater @@ -6,27 +6,13 @@ stdenv.mkDerivation rec { pname = "iproute2"; - version = "6.4.0"; + version = "6.5.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-TFG43svH5NoVn/sGb1kM+5Pb+a9/+GsWR85Ct8F5onI="; + hash = "sha256-pwF5CF+huW08M7BAyAm3XitXVjrcUFpK0F4mCd83NGM="; }; - patches = [ - # To avoid ./configure failing due to invalid arguments: - (fetchpatch { # configure: restore backward compatibility - url = "https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/patch/?id=a3272b93725a406bc98b67373da67a4bdf6fcdb0"; - sha256 = "0hyagh2lf6rrfss4z7ca8q3ydya6gg7vfhh25slhpgcn6lnk0xbv"; - }) - - # fix build on musl. applied anywhere to prevent patchrot. - (fetchpatch { - url = "https://git.alpinelinux.org/aports/plain/main/iproute2/include.patch?id=bd46efb8a8da54948639cebcfa5b37bd608f1069"; - sha256 = "sha256-NpNnSXQntuzzpjswE42yzo7nqmrQgI5YcHR2kp9NEwA="; - }) - ]; - postPatch = '' # Don't try to create /var/lib/arpd: sed -e '/ARPDDIR/d' -i Makefile diff --git a/pkgs/os-specific/linux/ipset/default.nix b/pkgs/os-specific/linux/ipset/default.nix index 6aa369e4eb4..8326ef1c461 100644 --- a/pkgs/os-specific/linux/ipset/default.nix +++ b/pkgs/os-specific/linux/ipset/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "ipset"; - version = "7.17"; + version = "7.19"; src = fetchurl { url = "https://ipset.netfilter.org/${pname}-${version}.tar.bz2"; - sha256 = "sha256-vknJ/0id1mEMrWVB50PDOE6slunyRwfaezkp2PKsZNg="; + sha256 = "sha256-m8H7pI1leG4+C2Pca2aahmgj13hAxpkMDGsjB47CxNY="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index 9d2848556ea..b82484514e5 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -2,31 +2,18 @@ , autoreconfHook, pkg-config, pruneLibtoolFiles, flex, bison , libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap , nftablesCompat ? true -, fetchpatch +, gitUpdater }: stdenv.mkDerivation rec { - version = "1.8.9"; + version = "1.8.10"; pname = "iptables"; src = fetchurl { url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.xz"; - sha256 = "72Y5pDvoMlpPjqaBI/+sI2y2lujHhQG2ToEGr7AIyH8="; + sha256 = "XMJVwYk1bjF9BwdVzpNx62Oht4PDRJj7jDAmTzzFnJw="; }; - patches = [ - (fetchpatch { - name = "format-security.patch"; - url = "https://git.netfilter.org/iptables/patch/?id=ed4082a7405a5838c205a34c1559e289949200cc"; - sha256 = "OdytFmHk+3Awu+sDQpGTl5/qip4doRblmW2vQzfNZiU="; - }) - (fetchurl { - name = "static.patch"; - url = "https://lore.kernel.org/netfilter-devel/20230402232939.1060151-1-hi@alyssa.is/raw"; - sha256 = "PkH+1HbJjBb3//ffBe0XUQok1lBwgj/STL8Ppu/28f4="; - }) - ]; - outputs = [ "out" "dev" "man" ]; nativeBuildInputs = [ @@ -35,10 +22,6 @@ stdenv.mkDerivation rec { buildInputs = [ libmnl libnetfilter_conntrack libnfnetlink libnftnl libpcap ]; - preConfigure = '' - export NIX_LDFLAGS="$NIX_LDFLAGS -lmnl -lnftnl" - ''; - configureFlags = [ "--enable-bpf-compiler" "--enable-devel" @@ -47,6 +30,8 @@ stdenv.mkDerivation rec { "--enable-shared" ] ++ lib.optional (!nftablesCompat) "--disable-nftables"; + enableParallelBuilding = true; + postInstall = lib.optionalString nftablesCompat '' rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save} ln -sv xtables-nft-multi $out/bin/iptables @@ -57,6 +42,13 @@ stdenv.mkDerivation rec { ln -sv xtables-nft-multi $out/bin/ip6tables-save ''; + passthru = { + updateScript = gitUpdater { + url = "https://git.netfilter.org/iptables"; + rev-prefix = "v"; + }; + }; + meta = with lib; { description = "A program to configure the Linux IP packet filtering ruleset"; homepage = "https://www.netfilter.org/projects/iptables/index.html"; diff --git a/pkgs/os-specific/linux/irqbalance/default.nix b/pkgs/os-specific/linux/irqbalance/default.nix index 585c1661b8a..df197715013 100644 --- a/pkgs/os-specific/linux/irqbalance/default.nix +++ b/pkgs/os-specific/linux/irqbalance/default.nix @@ -32,6 +32,6 @@ stdenv.mkDerivation rec { description = "A daemon to help balance the cpu load generated by interrupts across all of a systems cpus"; license = licenses.gpl2Only; platforms = platforms.linux; - maintainers = with maintainers; [ fortuneteller2k ]; + maintainers = with maintainers; [ moni ]; }; } diff --git a/pkgs/os-specific/linux/isgx/default.nix b/pkgs/os-specific/linux/isgx/default.nix index 6e97532ee5d..c49a0a7b913 100644 --- a/pkgs/os-specific/linux/isgx/default.nix +++ b/pkgs/os-specific/linux/isgx/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, kernel, kernelAtLeast }: +{ stdenv, lib, fetchFromGitHub, kernel }: stdenv.mkDerivation rec { name = "isgx-${version}-${kernel.version}"; @@ -39,7 +39,7 @@ stdenv.mkDerivation rec { ''; homepage = "https://github.com/intel/linux-sgx-driver"; license = with licenses; [ bsd3 /* OR */ gpl2Only ]; - maintainers = with maintainers; [ oxalica ]; + maintainers = [ ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix index 792fef69cbd..1b983bb90e1 100644 --- a/pkgs/os-specific/linux/iwd/default.nix +++ b/pkgs/os-specific/linux/iwd/default.nix @@ -12,12 +12,12 @@ stdenv.mkDerivation rec { pname = "iwd"; - version = "2.7"; + version = "2.8"; src = fetchgit { url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git"; rev = version; - sha256 = "sha256-UsyJYQB6YzwcL6H1nyCW8ZTpBzacZMAp39mCfsZqwHY="; + sha256 = "sha256-i+2R8smgLXooApj0Z5e03FybhYgw1X/kIsJkrDzW8y4="; }; outputs = [ "out" "man" "doc" ] diff --git a/pkgs/os-specific/linux/kbd/default.nix b/pkgs/os-specific/linux/kbd/default.nix index 1c38f4b7f49..9d97f73780d 100644 --- a/pkgs/os-specific/linux/kbd/default.nix +++ b/pkgs/os-specific/linux/kbd/default.nix @@ -17,11 +17,11 @@ stdenv.mkDerivation rec { pname = "kbd"; - version = "2.6.2"; + version = "2.6.3"; src = fetchurl { url = "mirror://kernel/linux/utils/kbd/${pname}-${version}.tar.xz"; - sha256 = "sha256-M+O7PD9VkzsQ8FOxS19pouJMKFQ+nsdpAkb+R2KN2U8="; + sha256 = "sha256-BJlsCNfRxGCWb7JEo9OIM1LCZ0t61SIAPZ9Oy4q0jes="; }; # vlock is moved into its own output, since it depends on pam. This diff --git a/pkgs/os-specific/linux/kbd/search-paths.patch b/pkgs/os-specific/linux/kbd/search-paths.patch index fad33be45bd..61e8918017c 100644 --- a/pkgs/os-specific/linux/kbd/search-paths.patch +++ b/pkgs/os-specific/linux/kbd/search-paths.patch @@ -18,34 +18,30 @@ Without this patch, kbd will only look inside DATADIR "/" KEYMAPDIR "/mac/include/", --- a/src/libkfont/context.c +++ b/src/libkfont/context.c -@@ -13,6 +13,7 @@ +@@ -13,5 +13,6 @@ /* search for the map file in these directories (with trailing /) */ static const char *const mapdirpath[] = { - "", + "/etc/kbd/" TRANSDIR "/", DATADIR "/" TRANSDIR "/", NULL }; -@@ -28,6 +29,7 @@ static const char *const mapsuffixes[] = { +@@ -28,5 +29,6 @@ static const char *const mapsuffixes[] = { /* search for the font in these directories (with trailing /) */ static const char *const fontdirpath[] = { - "", + "/etc/kbd/" FONTDIR "/", DATADIR "/" FONTDIR "/", NULL }; -@@ -42,6 +44,7 @@ static char const *const fontsuffixes[] = { +@@ -42,5 +44,6 @@ static char const *const fontsuffixes[] = { static const char *const unidirpath[] = { - "", + "/etc/kbd/" UNIMAPDIR "/", DATADIR "/" UNIMAPDIR "/", NULL }; -@@ -55,6 +58,7 @@ static const char *const unisuffixes[] = { +@@ -55,5 +58,6 @@ static const char *const unisuffixes[] = { /* hide partial fonts a bit - loading a single one is a bad idea */ const char *const partfontdirpath[] = { - "", + "/etc/kbd/" FONTDIR "/" PARTIALDIR "/", DATADIR "/" FONTDIR "/" PARTIALDIR "/", NULL diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index b1c0d3ba50d..e0a3c4319b8 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -111,15 +111,18 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "6.4"; in + linuxHeaders = let version = "6.5"; in makeLinuxHeaders { inherit version; src = fetchurl { url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz"; - hash = "sha256-j6BYjwws7KRMrHeg45ukjJ8AprncaXYcAqXT76yNp/M="; + hash = "sha256-eldLvCCALqdrUsp/rwcmf3IEXoYbGJFcUnKpjCer+IQ="; }; patches = [ - ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms + ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms + + # Fix regression turning `struct sockaddr_ll` flexible size. + ./revert-af_packet-flex.patch ]; }; } diff --git a/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch b/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch new file mode 100644 index 00000000000..ed6c8861d2f --- /dev/null +++ b/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch @@ -0,0 +1,31 @@ +Revert commit https://github.com/torvalds/linux/commit/a0ade8404c3bc2bf2631cb0f20d372eed22d9d96 + +The change caused API regression by turning fixed size struct to +flexible size struct. It was an unintentional change, broke `udp2raw`: + https://github.com/NixOS/nixpkgs/pull/252587#issuecomment-1744427473 +--- a/include/uapi/linux/if_packet.h ++++ b/include/uapi/linux/if_packet.h +@@ -18,11 +18,7 @@ struct sockaddr_ll { + unsigned short sll_hatype; + unsigned char sll_pkttype; + unsigned char sll_halen; +- union { +- unsigned char sll_addr[8]; +- /* Actual length is in sll_halen. */ +- __DECLARE_FLEX_ARRAY(unsigned char, sll_addr_flex); +- }; ++ unsigned char sll_addr[8]; + }; + + /* Packet types */ +--- a/net/packet/af_packet.c ++++ b/net/packet/af_packet.c +@@ -3607,7 +3607,7 @@ static int packet_getname(struct socket *sock, struct sockaddr *uaddr, + if (dev) { + sll->sll_hatype = dev->type; + sll->sll_halen = dev->addr_len; +- memcpy(sll->sll_addr_flex, dev->dev_addr, dev->addr_len); ++ memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len); + } else { + sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */ + sll->sll_halen = 0; diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 038a3105a18..2954ee8f78b 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -146,7 +146,7 @@ let scheduler = { IOSCHED_CFQ = whenOlder "5.0" yes; # Removed in 5.0-RC1 BLK_CGROUP = yes; # required by CFQ" - BLK_CGROUP_IOLATENCY = whenAtLeast "4.19" yes; + BLK_CGROUP_IOLATENCY = yes; BLK_CGROUP_IOCOST = whenAtLeast "5.4" yes; IOSCHED_DEADLINE = whenOlder "5.0" yes; # Removed in 5.0-RC1 MQ_IOSCHED_DEADLINE = yes; @@ -183,8 +183,8 @@ let BPF_JIT = whenPlatformHasEBPFJit yes; BPF_JIT_ALWAYS_ON = whenPlatformHasEBPFJit no; # whenPlatformHasEBPFJit yes; # see https://github.com/NixOS/nixpkgs/issues/79304 HAVE_EBPF_JIT = whenPlatformHasEBPFJit yes; - BPF_STREAM_PARSER = whenAtLeast "4.19" yes; - XDP_SOCKETS = whenAtLeast "4.19" yes; + BPF_STREAM_PARSER = yes; + XDP_SOCKETS = yes; XDP_SOCKETS_DIAG = whenAtLeast "5.1" yes; WAN = yes; TCP_CONG_ADVANCED = yes; @@ -208,7 +208,7 @@ let IPV6_FOU_TUNNEL = module; IPV6_SEG6_LWTUNNEL = yes; IPV6_SEG6_HMAC = yes; - IPV6_SEG6_BPF = whenAtLeast "4.18" yes; + IPV6_SEG6_BPF = yes; NET_CLS_BPF = module; NET_ACT_BPF = module; NET_SCHED = yes; @@ -237,22 +237,17 @@ let NF_CONNTRACK_TIMEOUT = yes; NF_CONNTRACK_TIMESTAMP = yes; NETFILTER_NETLINK_GLUE_CT = yes; - NF_TABLES_INET = mkMerge [ (whenOlder "4.17" module) - (whenAtLeast "4.17" yes) ]; - NF_TABLES_NETDEV = mkMerge [ (whenOlder "4.17" module) - (whenAtLeast "4.17" yes) ]; + NF_TABLES_INET = yes; + NF_TABLES_NETDEV = yes; NFT_REJECT_NETDEV = whenAtLeast "5.11" module; # IP: Netfilter Configuration - NF_TABLES_IPV4 = mkMerge [ (whenOlder "4.17" module) - (whenAtLeast "4.17" yes) ]; - NF_TABLES_ARP = mkMerge [ (whenOlder "4.17" module) - (whenAtLeast "4.17" yes) ]; + NF_TABLES_IPV4 = yes; + NF_TABLES_ARP = yes; # IPv6: Netfilter Configuration - NF_TABLES_IPV6 = mkMerge [ (whenOlder "4.17" module) - (whenAtLeast "4.17" yes) ]; + NF_TABLES_IPV6 = yes; # Bridge Netfilter Configuration - NF_TABLES_BRIDGE = mkMerge [ (whenBetween "4.19" "5.3" yes) + NF_TABLES_BRIDGE = mkMerge [ (whenOlder "5.3" yes) (whenAtLeast "5.3" module) ]; # needed for `dropwatch` @@ -274,7 +269,7 @@ let # Kernel TLS TLS = module; - TLS_DEVICE = whenAtLeast "4.18" yes; + TLS_DEVICE = yes; # infiniband INFINIBAND = module; @@ -323,11 +318,13 @@ let FB_3DFX_ACCEL = yes; FB_VESA = yes; FRAMEBUFFER_CONSOLE = yes; - FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER = whenAtLeast "4.19" yes; + FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER = yes; FRAMEBUFFER_CONSOLE_ROTATION = yes; + FRAMEBUFFER_CONSOLE_DETECT_PRIMARY = yes; FB_GEODE = mkIf (stdenv.hostPlatform.system == "i686-linux") yes; # On 5.14 this conflicts with FB_SIMPLE. DRM_SIMPLEDRM = whenAtLeast "5.14" no; + DRM_FBDEV_EMULATION = yes; }; fonts = { @@ -357,8 +354,7 @@ let # Allow device firmware updates DRM_DP_AUX_CHARDEV = yes; # amdgpu display core (DC) support - DRM_AMD_DC_DCN1_0 = whenBetween "4.15" "5.6" yes; - DRM_AMD_DC_PRE_VEGA = whenBetween "4.15" "4.18" yes; + DRM_AMD_DC_DCN1_0 = whenOlder "5.6" yes; DRM_AMD_DC_DCN2_0 = whenBetween "5.3" "5.6" yes; DRM_AMD_DC_DCN2_1 = whenBetween "5.4" "5.6" yes; DRM_AMD_DC_DCN3_0 = whenBetween "5.9" "5.11" yes; @@ -368,8 +364,8 @@ let DRM_AMD_DC_SI = whenAtLeast "5.10" yes; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux") { # Intel GVT-g graphics virtualization supports 64-bit only - DRM_I915_GVT = whenAtLeast "4.16" yes; - DRM_I915_GVT_KVMGT = whenAtLeast "4.16" module; + DRM_I915_GVT = yes; + DRM_I915_GVT_KVMGT = module; # Enable Hyper-V Synthetic DRM Driver DRM_HYPERV = whenAtLeast "5.14" module; } // optionalAttrs (stdenv.hostPlatform.system == "aarch64-linux") { @@ -425,25 +421,9 @@ let usb-serial = { USB_SERIAL_GENERIC = yes; # USB Generic Serial Driver - } // optionalAttrs (versionOlder version "4.16") { - # Include firmware for various USB serial devices. - # Only applicable for kernels below 4.16, after that no firmware is shipped in the kernel tree. - USB_SERIAL_KEYSPAN_MPR = yes; - USB_SERIAL_KEYSPAN_USA28 = yes; - USB_SERIAL_KEYSPAN_USA28X = yes; - USB_SERIAL_KEYSPAN_USA28XA = yes; - USB_SERIAL_KEYSPAN_USA28XB = yes; - USB_SERIAL_KEYSPAN_USA19 = yes; - USB_SERIAL_KEYSPAN_USA18X = yes; - USB_SERIAL_KEYSPAN_USA19W = yes; - USB_SERIAL_KEYSPAN_USA19QW = yes; - USB_SERIAL_KEYSPAN_USA19QI = yes; - USB_SERIAL_KEYSPAN_USA49W = yes; - USB_SERIAL_KEYSPAN_USA49WLC = yes; }; usb = { - USB_DEBUG = { optional = true; tristate = whenOlder "4.18" "n";}; USB_EHCI_ROOT_HUB_TT = yes; # Root Hub Transaction Translators USB_EHCI_TT_NEWSCHED = yes; # Improved transaction translator scheduling USB_HIDDEV = yes; # USB Raw HID Devices (like monitor controls and Uninterruptable Power Supplies) @@ -514,7 +494,6 @@ let CIFS_XATTR = yes; CIFS_POSIX = option yes; CIFS_FSCACHE = yes; - CIFS_STATS = whenOlder "4.19" yes; CIFS_WEAK_PW_HASH = whenOlder "5.15" yes; CIFS_UPCALL = yes; CIFS_ACL = whenOlder "5.3" yes; @@ -569,7 +548,7 @@ let SECURITY_APPARMOR = yes; DEFAULT_SECURITY_APPARMOR = yes; - RANDOM_TRUST_CPU = whenOlder "6.2" (whenAtLeast "4.19" yes); # allow RDRAND to seed the RNG + RANDOM_TRUST_CPU = whenOlder "6.2" yes; # allow RDRAND to seed the RNG RANDOM_TRUST_BOOTLOADER = whenOlder "6.2" (whenAtLeast "5.4" yes); # allow the bootloader to seed the RNG MODULE_SIG = no; # r13y, generates a random key during build and bakes it in @@ -581,10 +560,15 @@ let PERSISTENT_KEYRINGS = yes; # enable temporary caching of the last request_key() result KEYS_REQUEST_CACHE = whenAtLeast "5.3" yes; - } // optionalAttrs (!stdenv.hostPlatform.isAarch32) { + # randomized slab caches + RANDOM_KMALLOC_CACHES = whenAtLeast "6.6" yes; + + # NIST SP800-90A DRBG modes - enabled by most distributions + # and required by some out-of-tree modules (ShuffleCake) + # This does not include the NSA-backdoored Dual-EC mode from the same NIST publication. + CRYPTO_DRBG_HASH = yes; + CRYPTO_DRBG_CTR = yes; - # Detect buffer overflows on the stack - CC_STACKPROTECTOR_REGULAR = {optional = true; tristate = whenOlder "4.18" "y";}; } // optionalAttrs stdenv.hostPlatform.isx86_64 { # Enable Intel SGX X86_SGX = whenAtLeast "5.11" yes; @@ -596,9 +580,11 @@ let # AMD SME AMD_MEM_ENCRYPT = yes; # AMD SEV and AMD SEV-SE - KVM_AMD_SEV = whenAtLeast "4.16" yes; + KVM_AMD_SEV = yes; # AMD SEV-SNP SEV_GUEST = whenAtLeast "5.19" module; + # Shadow stacks + X86_USER_SHADOW_STACK = whenAtLeast "6.6" yes; }; microcode = { @@ -702,7 +688,6 @@ let XEN_PVH = option yes; XEN_PVHVM = option yes; XEN_SAVE_RESTORE = option yes; - XEN_SCRUB_PAGES = whenOlder "4.19" yes; XEN_SELFBALLOONING = whenOlder "5.3" yes; # Enable device detection on virtio-mmio hypervisors @@ -737,7 +722,6 @@ let ZSWAP = option yes; ZPOOL = yes; ZBUD = option yes; - ZSMALLOC = module; }; brcmfmac = { @@ -756,40 +740,11 @@ let tests = { # This menu disables all/most of them on >= 4.16 RUNTIME_TESTING_MENU = option no; - } // optionalAttrs (versionOlder version "4.16") { - # For older kernels, painstakingly disable each symbol. - ARM_KPROBES_TEST = option no; - ASYNC_RAID6_TEST = option no; - ATOMIC64_SELFTEST = option no; - BACKTRACE_SELF_TEST = option no; - INTERVAL_TREE_TEST = option no; - PERCPU_TEST = option no; - RBTREE_TEST = option no; - TEST_BITMAP = option no; - TEST_BPF = option no; - TEST_FIRMWARE = option no; - TEST_HASH = option no; - TEST_HEXDUMP = option no; - TEST_KMOD = option no; - TEST_KSTRTOX = option no; - TEST_LIST_SORT = option no; - TEST_LKM = option no; - TEST_PARMAN = option no; - TEST_PRINTF = option no; - TEST_RHASHTABLE = option no; - TEST_SORT = option no; - TEST_STATIC_KEYS = option no; - TEST_STRING_HELPERS = option no; - TEST_UDELAY = option no; - TEST_USER_COPY = option no; - TEST_UUID = option no; } // { CRC32_SELFTEST = option no; CRYPTO_TEST = option no; EFI_TEST = option no; GLOB_SELFTEST = option no; - DRM_DEBUG_MM_SELFTEST = { optional = true; tristate = whenOlder "4.18" "n";}; - LNET_SELFTEST = { optional = true; tristate = whenOlder "4.18" "n";}; LOCK_TORTURE_TEST = option no; MTD_TESTS = option no; NOTIFIER_ERROR_INJECTION = option no; @@ -801,23 +756,11 @@ let XZ_DEC_TEST = option no; }; - criu = if (versionAtLeast version "4.19") then { + criu = { # Unconditionally enabled, because it is required for CRIU and # it provides the kcmp() system call that Mesa depends on. CHECKPOINT_RESTORE = yes; - } else optionalAttrs (features.criu or false) ({ - # For older kernels, CHECKPOINT_RESTORE is hidden behind EXPERT. - EXPERT = yes; - CHECKPOINT_RESTORE = yes; - } // optionalAttrs (features.criu_revert_expert or true) { - RFKILL_INPUT = option yes; - HID_PICOLCD_FB = option yes; - HID_PICOLCD_BACKLIGHT = option yes; - HID_PICOLCD_LCD = option yes; - HID_PICOLCD_LEDS = option yes; - HID_PICOLCD_CIR = option yes; - DEBUG_MEMORY_INIT = option yes; - }); + }; misc = let # Use zstd for kernel compression if 64-bit and newer than 5.9, otherwise xz. @@ -861,7 +804,6 @@ let PM_TRACE_RTC = no; # Disable some expensive (?) features. ACCESSIBILITY = yes; # Accessibility support AUXDISPLAY = yes; # Auxiliary Display support - DONGLE = whenOlder "4.17" yes; # Serial dongle support HIPPI = yes; MTD_COMPLEX_MAPPINGS = yes; # needed for many devices @@ -903,6 +845,8 @@ let CLEANCACHE = whenOlder "5.17" (option yes); CRASH_DUMP = option no; + FSCACHE_STATS = yes; + DVB_DYNAMIC_MINORS = option yes; # we use udev EFI_STUB = yes; # EFI bootloader in the bzImage itself @@ -917,7 +861,6 @@ let FUSION = yes; # Fusion MPT device support IDE = whenOlder "5.14" no; # deprecated IDE support, removed in 5.14 IDLE_PAGE_TRACKING = yes; - IRDA_ULTRA = whenOlder "4.17" yes; # Ultra (connectionless) protocol JOYSTICK_IFORCE_232 = { optional = true; tristate = whenOlder "5.3" "y"; }; # I-Force Serial joysticks and wheels JOYSTICK_IFORCE_USB = { optional = true; tristate = whenOlder "5.3" "y"; }; # I-Force USB joysticks and wheels @@ -939,7 +882,7 @@ let MLX5_CORE_EN = option yes; - NVME_MULTIPATH = whenAtLeast "4.15" yes; + NVME_MULTIPATH = yes; PSI = whenAtLeast "4.20" yes; @@ -1014,7 +957,7 @@ let X86_PLATFORM_DRIVERS_DELL = whenAtLeast "5.12" yes; X86_PLATFORM_DRIVERS_HP = whenAtLeast "6.1" yes; - LIRC = mkMerge [ (whenOlder "4.16" module) (whenAtLeast "4.17" yes) ]; + LIRC = yes; SCHED_CORE = whenAtLeast "5.14" yes; @@ -1072,6 +1015,28 @@ let # Keeping it a built-in ensures it will be used if possible. FB_SIMPLE = yes; + # https://docs.kernel.org/arch/arm/mem_alignment.html + # tldr: + # when buggy userspace code emits illegal misaligned LDM, STM, + # LDRD and STRDs, the instructions trap, are caught, and then + # are emulated by the kernel. + # + # This is the default on armv7l, anyway, but it is explicitly + # enabled here for the sake of providing context for the + # aarch64 compat option which follows. + ALIGNMENT_TRAP = mkIf (stdenv.hostPlatform.system == "armv7l-linux") yes; + + # https://patchwork.kernel.org/project/linux-arm-kernel/patch/20220701135322.3025321-1-ardb@kernel.org/ + # tldr: + # when encountering alignment faults under aarch64, this option + # makes the kernel attempt to handle the fault by doing the + # same style of misaligned emulation that is performed under + # armv7l (see above option). + # + # This minimizes the potential for aarch32 userspace to behave + # differently when run under aarch64 kernels compared to when + # it is run under an aarch32 kernel. + COMPAT_ALIGNMENT_FIXUPS = mkIf (stdenv.hostPlatform.system == "aarch64-linux") (whenAtLeast "6.1" yes); } // optionalAttrs (versionAtLeast version "5.4" && (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux")) { # Required for various hardware features on Chrome OS devices CHROME_PLATFORMS = yes; diff --git a/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/4.11.patch b/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/4.11.patch deleted file mode 100644 index 4e247e43289..00000000000 --- a/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/4.11.patch +++ /dev/null @@ -1,784 +0,0 @@ -commit 827b86ad1dd21feed4c0b99faf6059f245f7dadb -Author: Tejun Heo <tj@kernel.org> -Date: Fri Mar 11 07:31:23 2016 -0500 - - sched: Misc preps for cgroup unified hierarchy interface - - Make the following changes in preparation for the cpu controller - interface implementation for the unified hierarchy. This patch - doesn't cause any functional differences. - - * s/cpu_stats_show()/cpu_cfs_stats_show()/ - - * s/cpu_files/cpu_legacy_files/ - - * Separate out cpuacct_stats_read() from cpuacct_stats_show(). While - at it, make the @val array u64 for consistency. - - Signed-off-by: Tejun Heo <tj@kernel.org> - Cc: Ingo Molnar <mingo@redhat.com> - Cc: Peter Zijlstra <peterz@infradead.org> - Cc: Li Zefan <lizefan@huawei.com> - Cc: Johannes Weiner <hannes@cmpxchg.org> - -diff --git a/kernel/sched/core.c b/kernel/sched/core.c -index 3b31fc05a0f1..a1b95e83fa87 100644 ---- a/kernel/sched/core.c -+++ b/kernel/sched/core.c -@@ -7174,7 +7174,7 @@ static int __cfs_schedulable(struct task_group *tg, u64 period, u64 quota) - return ret; - } - --static int cpu_stats_show(struct seq_file *sf, void *v) -+static int cpu_cfs_stats_show(struct seq_file *sf, void *v) - { - struct task_group *tg = css_tg(seq_css(sf)); - struct cfs_bandwidth *cfs_b = &tg->cfs_bandwidth; -@@ -7214,7 +7214,7 @@ static u64 cpu_rt_period_read_uint(struct cgroup_subsys_state *css, - } - #endif /* CONFIG_RT_GROUP_SCHED */ - --static struct cftype cpu_files[] = { -+static struct cftype cpu_legacy_files[] = { - #ifdef CONFIG_FAIR_GROUP_SCHED - { - .name = "shares", -@@ -7235,7 +7235,7 @@ static struct cftype cpu_files[] = { - }, - { - .name = "stat", -- .seq_show = cpu_stats_show, -+ .seq_show = cpu_cfs_stats_show, - }, - #endif - #ifdef CONFIG_RT_GROUP_SCHED -@@ -7261,7 +7261,7 @@ struct cgroup_subsys cpu_cgrp_subsys = { - .fork = cpu_cgroup_fork, - .can_attach = cpu_cgroup_can_attach, - .attach = cpu_cgroup_attach, -- .legacy_cftypes = cpu_files, -+ .legacy_cftypes = cpu_legacy_files, - .early_init = true, - }; - -diff --git a/kernel/sched/cpuacct.c b/kernel/sched/cpuacct.c -index f95ab29a45d0..6151c23f722f 100644 ---- a/kernel/sched/cpuacct.c -+++ b/kernel/sched/cpuacct.c -@@ -276,26 +276,33 @@ static int cpuacct_all_seq_show(struct seq_file *m, void *V) - return 0; - } - --static int cpuacct_stats_show(struct seq_file *sf, void *v) -+static void cpuacct_stats_read(struct cpuacct *ca, -+ u64 (*val)[CPUACCT_STAT_NSTATS]) - { -- struct cpuacct *ca = css_ca(seq_css(sf)); -- s64 val[CPUACCT_STAT_NSTATS]; - int cpu; -- int stat; - -- memset(val, 0, sizeof(val)); -+ memset(val, 0, sizeof(*val)); -+ - for_each_possible_cpu(cpu) { - u64 *cpustat = per_cpu_ptr(ca->cpustat, cpu)->cpustat; - -- val[CPUACCT_STAT_USER] += cpustat[CPUTIME_USER]; -- val[CPUACCT_STAT_USER] += cpustat[CPUTIME_NICE]; -- val[CPUACCT_STAT_SYSTEM] += cpustat[CPUTIME_SYSTEM]; -- val[CPUACCT_STAT_SYSTEM] += cpustat[CPUTIME_IRQ]; -- val[CPUACCT_STAT_SYSTEM] += cpustat[CPUTIME_SOFTIRQ]; -+ (*val)[CPUACCT_STAT_USER] += cpustat[CPUTIME_USER]; -+ (*val)[CPUACCT_STAT_USER] += cpustat[CPUTIME_NICE]; -+ (*val)[CPUACCT_STAT_SYSTEM] += cpustat[CPUTIME_SYSTEM]; -+ (*val)[CPUACCT_STAT_SYSTEM] += cpustat[CPUTIME_IRQ]; -+ (*val)[CPUACCT_STAT_SYSTEM] += cpustat[CPUTIME_SOFTIRQ]; - } -+} -+ -+static int cpuacct_stats_show(struct seq_file *sf, void *v) -+{ -+ u64 val[CPUACCT_STAT_NSTATS]; -+ int stat; -+ -+ cpuacct_stats_read(css_ca(seq_css(sf)), &val); - - for (stat = 0; stat < CPUACCT_STAT_NSTATS; stat++) { -- seq_printf(sf, "%s %lld\n", -+ seq_printf(sf, "%s %llu\n", - cpuacct_stat_desc[stat], - (long long)nsec_to_clock_t(val[stat])); - } - -commit fdb64d002b3a223ce4bb11aa4448a42050470052 -Author: Tejun Heo <tj@kernel.org> -Date: Fri Mar 11 07:31:23 2016 -0500 - - sched: Implement interface for cgroup unified hierarchy - - While the cpu controller doesn't have any functional problems, there - are a couple interface issues which can be addressed in the v2 - interface. - - * cpuacct being a separate controller. This separation is artificial - and rather pointless as demonstrated by most use cases co-mounting - the two controllers. It also forces certain information to be - accounted twice. - - * Use of different time units. Writable control knobs use - microseconds, some stat fields use nanoseconds while other cpuacct - stat fields use centiseconds. - - * Control knobs which can't be used in the root cgroup still show up - in the root. - - * Control knob names and semantics aren't consistent with other - controllers. - - This patchset implements cpu controller's interface on the unified - hierarchy which adheres to the controller file conventions described - in Documentation/cgroups/unified-hierarchy.txt. Overall, the - following changes are made. - - * cpuacct is implictly enabled and disabled by cpu and its information - is reported through "cpu.stat" which now uses microseconds for all - time durations. All time duration fields now have "_usec" appended - to them for clarity. While this doesn't solve the double accounting - immediately, once majority of users switch to v2, cpu can directly - account and report the relevant stats and cpuacct can be disabled on - the unified hierarchy. - - Note that cpuacct.usage_percpu is currently not included in - "cpu.stat". If this information is actually called for, it can be - added later. - - * "cpu.shares" is replaced with "cpu.weight" and operates on the - standard scale defined by CGROUP_WEIGHT_MIN/DFL/MAX (1, 100, 10000). - The weight is scaled to scheduler weight so that 100 maps to 1024 - and the ratio relationship is preserved - if weight is W and its - scaled value is S, W / 100 == S / 1024. While the mapped range is a - bit smaller than the orignal scheduler weight range, the dead zones - on both sides are relatively small and covers wider range than the - nice value mappings. This file doesn't make sense in the root - cgroup and isn't create on root. - - * "cpu.cfs_quota_us" and "cpu.cfs_period_us" are replaced by "cpu.max" - which contains both quota and period. - - * "cpu.rt_runtime_us" and "cpu.rt_period_us" are replaced by - "cpu.rt.max" which contains both runtime and period. - - v2: cpu_stats_show() was incorrectly using CONFIG_FAIR_GROUP_SCHED for - CFS bandwidth stats and also using raw division for u64. Use - CONFIG_CFS_BANDWITH and do_div() instead. - - The semantics of "cpu.rt.max" is not fully decided yet. Dropped - for now. - - Signed-off-by: Tejun Heo <tj@kernel.org> - Cc: Ingo Molnar <mingo@redhat.com> - Cc: Peter Zijlstra <peterz@infradead.org> - Cc: Li Zefan <lizefan@huawei.com> - Cc: Johannes Weiner <hannes@cmpxchg.org> - -diff --git a/kernel/sched/core.c b/kernel/sched/core.c -index a1b95e83fa87..f01d56e58a1b 100644 ---- a/kernel/sched/core.c -+++ b/kernel/sched/core.c -@@ -7253,6 +7253,139 @@ static struct cftype cpu_legacy_files[] = { - { } /* Terminate */ - }; - -+static int cpu_stats_show(struct seq_file *sf, void *v) -+{ -+ cpuacct_cpu_stats_show(sf); -+ -+#ifdef CONFIG_CFS_BANDWIDTH -+ { -+ struct task_group *tg = css_tg(seq_css(sf)); -+ struct cfs_bandwidth *cfs_b = &tg->cfs_bandwidth; -+ u64 throttled_usec; -+ -+ throttled_usec = cfs_b->throttled_time; -+ do_div(throttled_usec, NSEC_PER_USEC); -+ -+ seq_printf(sf, "nr_periods %d\n" -+ "nr_throttled %d\n" -+ "throttled_usec %llu\n", -+ cfs_b->nr_periods, cfs_b->nr_throttled, -+ throttled_usec); -+ } -+#endif -+ return 0; -+} -+ -+#ifdef CONFIG_FAIR_GROUP_SCHED -+static u64 cpu_weight_read_u64(struct cgroup_subsys_state *css, -+ struct cftype *cft) -+{ -+ struct task_group *tg = css_tg(css); -+ u64 weight = scale_load_down(tg->shares); -+ -+ return DIV_ROUND_CLOSEST_ULL(weight * CGROUP_WEIGHT_DFL, 1024); -+} -+ -+static int cpu_weight_write_u64(struct cgroup_subsys_state *css, -+ struct cftype *cftype, u64 weight) -+{ -+ /* -+ * cgroup weight knobs should use the common MIN, DFL and MAX -+ * values which are 1, 100 and 10000 respectively. While it loses -+ * a bit of range on both ends, it maps pretty well onto the shares -+ * value used by scheduler and the round-trip conversions preserve -+ * the original value over the entire range. -+ */ -+ if (weight < CGROUP_WEIGHT_MIN || weight > CGROUP_WEIGHT_MAX) -+ return -ERANGE; -+ -+ weight = DIV_ROUND_CLOSEST_ULL(weight * 1024, CGROUP_WEIGHT_DFL); -+ -+ return sched_group_set_shares(css_tg(css), scale_load(weight)); -+} -+#endif -+ -+static void __maybe_unused cpu_period_quota_print(struct seq_file *sf, -+ long period, long quota) -+{ -+ if (quota < 0) -+ seq_puts(sf, "max"); -+ else -+ seq_printf(sf, "%ld", quota); -+ -+ seq_printf(sf, " %ld\n", period); -+} -+ -+/* caller should put the current value in *@periodp before calling */ -+static int __maybe_unused cpu_period_quota_parse(char *buf, -+ u64 *periodp, u64 *quotap) -+{ -+ char tok[21]; /* U64_MAX */ -+ -+ if (!sscanf(buf, "%s %llu", tok, periodp)) -+ return -EINVAL; -+ -+ *periodp *= NSEC_PER_USEC; -+ -+ if (sscanf(tok, "%llu", quotap)) -+ *quotap *= NSEC_PER_USEC; -+ else if (!strcmp(tok, "max")) -+ *quotap = RUNTIME_INF; -+ else -+ return -EINVAL; -+ -+ return 0; -+} -+ -+#ifdef CONFIG_CFS_BANDWIDTH -+static int cpu_max_show(struct seq_file *sf, void *v) -+{ -+ struct task_group *tg = css_tg(seq_css(sf)); -+ -+ cpu_period_quota_print(sf, tg_get_cfs_period(tg), tg_get_cfs_quota(tg)); -+ return 0; -+} -+ -+static ssize_t cpu_max_write(struct kernfs_open_file *of, -+ char *buf, size_t nbytes, loff_t off) -+{ -+ struct task_group *tg = css_tg(of_css(of)); -+ u64 period = tg_get_cfs_period(tg); -+ u64 quota; -+ int ret; -+ -+ ret = cpu_period_quota_parse(buf, &period, "a); -+ if (!ret) -+ ret = tg_set_cfs_bandwidth(tg, period, quota); -+ return ret ?: nbytes; -+} -+#endif -+ -+static struct cftype cpu_files[] = { -+ { -+ .name = "stat", -+ .flags = CFTYPE_NOT_ON_ROOT, -+ .seq_show = cpu_stats_show, -+ }, -+#ifdef CONFIG_FAIR_GROUP_SCHED -+ { -+ .name = "weight", -+ .flags = CFTYPE_NOT_ON_ROOT, -+ .read_u64 = cpu_weight_read_u64, -+ .write_u64 = cpu_weight_write_u64, -+ }, -+#endif -+#ifdef CONFIG_CFS_BANDWIDTH -+ { -+ .name = "max", -+ .flags = CFTYPE_NOT_ON_ROOT, -+ .seq_show = cpu_max_show, -+ .write = cpu_max_write, -+ }, -+#endif -+ { } /* terminate */ -+}; -+ - struct cgroup_subsys cpu_cgrp_subsys = { - .css_alloc = cpu_cgroup_css_alloc, - .css_online = cpu_cgroup_css_online, -@@ -7262,7 +7395,15 @@ struct cgroup_subsys cpu_cgrp_subsys = { - .can_attach = cpu_cgroup_can_attach, - .attach = cpu_cgroup_attach, - .legacy_cftypes = cpu_legacy_files, -+ .dfl_cftypes = cpu_files, - .early_init = true, -+#ifdef CONFIG_CGROUP_CPUACCT -+ /* -+ * cpuacct is enabled together with cpu on the unified hierarchy -+ * and its stats are reported through "cpu.stat". -+ */ -+ .depends_on = 1 << cpuacct_cgrp_id, -+#endif - }; - - #endif /* CONFIG_CGROUP_SCHED */ -diff --git a/kernel/sched/cpuacct.c b/kernel/sched/cpuacct.c -index 6151c23f722f..fc1cf13c3af1 100644 ---- a/kernel/sched/cpuacct.c -+++ b/kernel/sched/cpuacct.c -@@ -347,6 +347,31 @@ static struct cftype files[] = { - { } /* terminate */ - }; - -+/* used to print cpuacct stats in cpu.stat on the unified hierarchy */ -+void cpuacct_cpu_stats_show(struct seq_file *sf) -+{ -+ struct cgroup_subsys_state *css; -+ u64 usage, val[CPUACCT_STAT_NSTATS]; -+ -+ css = cgroup_get_e_css(seq_css(sf)->cgroup, &cpuacct_cgrp_subsys); -+ -+ usage = cpuusage_read(css, seq_cft(sf)); -+ cpuacct_stats_read(css_ca(css), &val); -+ -+ val[CPUACCT_STAT_USER] *= TICK_NSEC; -+ val[CPUACCT_STAT_SYSTEM] *= TICK_NSEC; -+ do_div(usage, NSEC_PER_USEC); -+ do_div(val[CPUACCT_STAT_USER], NSEC_PER_USEC); -+ do_div(val[CPUACCT_STAT_SYSTEM], NSEC_PER_USEC); -+ -+ seq_printf(sf, "usage_usec %llu\n" -+ "user_usec %llu\n" -+ "system_usec %llu\n", -+ usage, val[CPUACCT_STAT_USER], val[CPUACCT_STAT_SYSTEM]); -+ -+ css_put(css); -+} -+ - /* - * charge this task's execution time to its accounting group. - * -diff --git a/kernel/sched/cpuacct.h b/kernel/sched/cpuacct.h -index ba72807c73d4..ddf7af466d35 100644 ---- a/kernel/sched/cpuacct.h -+++ b/kernel/sched/cpuacct.h -@@ -2,6 +2,7 @@ - - extern void cpuacct_charge(struct task_struct *tsk, u64 cputime); - extern void cpuacct_account_field(struct task_struct *tsk, int index, u64 val); -+extern void cpuacct_cpu_stats_show(struct seq_file *sf); - - #else - -@@ -14,4 +15,8 @@ cpuacct_account_field(struct task_struct *tsk, int index, u64 val) - { - } - -+static inline void cpuacct_cpu_stats_show(struct seq_file *sf) -+{ -+} -+ - #endif - -commit 8dde150866b8c433216105c50b7e889d5242d583 -Author: Tejun Heo <tj@kernel.org> -Date: Fri Aug 5 12:41:01 2016 -0400 - - cgroup: add documentation regarding CPU controller cgroup v2 support - - Signed-off-by: Tejun Heo <tj@kernel.org> - -diff --git a/Documentation/cgroup-v2-cpu.txt b/Documentation/cgroup-v2-cpu.txt -new file mode 100644 -index 000000000000..1ed7032d4472 ---- /dev/null -+++ b/Documentation/cgroup-v2-cpu.txt -@@ -0,0 +1,368 @@ -+ -+ -+CPU Controller on Control Group v2 -+ -+August, 2016 Tejun Heo <tj@kernel.org> -+ -+ -+While most controllers have support for cgroup v2 now, the CPU -+controller support is not upstream yet due to objections from the -+scheduler maintainers on the basic designs of cgroup v2. This -+document explains the current situation as well as an interim -+solution, and details the disagreements and arguments. The latest -+version of this document can be found at the following URL. -+ -+ https://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git/tree/Documentation/cgroup-v2-cpu.txt?h=cgroup-v2-cpu -+ -+This document was posted to the linux-kernel and cgroup mailing lists. -+Unfortunately, no consensus was reached as of Oct, 2016. The thread -+can be found at the following URL. -+ -+ http://lkml.kernel.org/r/20160805170752.GK2542@mtj.duckdns.org -+ -+ -+CONTENTS -+ -+1. Current Situation and Interim Solution -+2. Disagreements and Arguments -+ 2-1. Contentious Restrictions -+ 2-1-1. Process Granularity -+ 2-1-2. No Internal Process Constraint -+ 2-2. Impact on CPU Controller -+ 2-2-1. Impact of Process Granularity -+ 2-2-2. Impact of No Internal Process Constraint -+ 2-3. Arguments for cgroup v2 -+3. Way Forward -+4. References -+ -+ -+1. Current Situation and Interim Solution -+ -+All objections from the scheduler maintainers apply to cgroup v2 core -+design, and there are no known objections to the specifics of the CPU -+controller cgroup v2 interface. The only blocked part is changes to -+expose the CPU controller interface on cgroup v2, which comprises the -+following two patches: -+ -+ [1] sched: Misc preps for cgroup unified hierarchy interface -+ [2] sched: Implement interface for cgroup unified hierarchy -+ -+The necessary changes are superficial and implement the interface -+files on cgroup v2. The combined diffstat is as follows. -+ -+ kernel/sched/core.c | 149 +++++++++++++++++++++++++++++++++++++++++++++++-- -+ kernel/sched/cpuacct.c | 57 ++++++++++++------ -+ kernel/sched/cpuacct.h | 5 + -+ 3 files changed, 189 insertions(+), 22 deletions(-) -+ -+The patches are easy to apply and forward-port. The following git -+branch will always carry the two patches on top of the latest release -+of the upstream kernel. -+ -+ git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git/cgroup-v2-cpu -+ -+There also are versioned branches going back to v4.4. -+ -+ git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git/cgroup-v2-cpu-$KERNEL_VER -+ -+While it's difficult to tell whether the CPU controller support will -+be merged, there are crucial resource control features in cgroup v2 -+that are only possible due to the design choices that are being -+objected to, and every effort will be made to ease enabling the CPU -+controller cgroup v2 support out-of-tree for parties which choose to. -+ -+ -+2. Disagreements and Arguments -+ -+There have been several lengthy discussion threads [3][4] on LKML -+around the structural constraints of cgroup v2. The two that affect -+the CPU controller are process granularity and no internal process -+constraint. Both arise primarily from the need for common resource -+domain definition across different resources. -+ -+The common resource domain is a powerful concept in cgroup v2 that -+allows controllers to make basic assumptions about the structural -+organization of processes and controllers inside the cgroup hierarchy, -+and thus solve problems spanning multiple types of resources. The -+prime example for this is page cache writeback: dirty page cache is -+regulated through throttling buffered writers based on memory -+availability, and initiating batched write outs to the disk based on -+IO capacity. Tracking and controlling writeback inside a cgroup thus -+requires the direct cooperation of the memory and the IO controller. -+ -+This easily extends to other areas, such as CPU cycles consumed while -+performing memory reclaim or IO encryption. -+ -+ -+2-1. Contentious Restrictions -+ -+For controllers of different resources to work together, they must -+agree on a common organization. This uniform model across controllers -+imposes two contentious restrictions on the CPU controller: process -+granularity and the no-internal-process constraint. -+ -+ -+ 2-1-1. Process Granularity -+ -+ For memory, because an address space is shared between all threads -+ of a process, the terminal consumer is a process, not a thread. -+ Separating the threads of a single process into different memory -+ control domains doesn't make semantical sense. cgroup v2 ensures -+ that all controller can agree on the same organization by requiring -+ that threads of the same process belong to the same cgroup. -+ -+ There are other reasons to enforce process granularity. One -+ important one is isolating system-level management operations from -+ in-process application operations. The cgroup interface, being a -+ virtual filesystem, is very unfit for multiple independent -+ operations taking place at the same time as most operations have to -+ be multi-step and there is no way to synchronize multiple accessors. -+ See also [5] Documentation/cgroup-v2.txt, "R-2. Thread Granularity" -+ -+ -+ 2-1-2. No Internal Process Constraint -+ -+ cgroup v2 does not allow processes to belong to any cgroup which has -+ child cgroups when resource controllers are enabled on it (the -+ notable exception being the root cgroup itself). This is because, -+ for some resources, a resource domain (cgroup) is not directly -+ comparable to the terminal consumer (process/task) of said resource, -+ and so putting the two into a sibling relationship isn't meaningful. -+ -+ - Differing Control Parameters and Capabilities -+ -+ A cgroup controller has different resource control parameters and -+ capabilities from a terminal consumer, be that a task or process. -+ There are a couple cases where a cgroup control knob can be mapped -+ to a per-task or per-process API but they are exceptions and the -+ mappings aren't obvious even in those cases. -+ -+ For example, task priorities (also known as nice values) set -+ through setpriority(2) are mapped to the CPU controller -+ "cpu.shares" values. However, how exactly the two ranges map and -+ even the fact that they map to each other at all are not obvious. -+ -+ The situation gets further muddled when considering other resource -+ types and control knobs. IO priorities set through ioprio_set(2) -+ cannot be mapped to IO controller weights and most cgroup resource -+ control knobs including the bandwidth control knobs of the CPU -+ controller don't have counterparts in the terminal consumers. -+ -+ - Anonymous Resource Consumption -+ -+ For CPU, every time slice consumed from inside a cgroup, which -+ comprises most but not all of consumed CPU time for the cgroup, -+ can be clearly attributed to a specific task or process. Because -+ these two types of entities are directly comparable as consumers -+ of CPU time, it's theoretically possible to mix tasks and cgroups -+ on the same tree levels and let them directly compete for the time -+ quota available to their common ancestor. -+ -+ However, the same can't be said for resource types like memory or -+ IO: the memory consumed by the page cache, for example, can be -+ tracked on a per-cgroup level, but due to mismatches in lifetimes -+ of involved objects (page cache can persist long after processes -+ are gone), shared usages and the implementation overhead of -+ tracking persistent state, it can no longer be attributed to -+ individual processes after instantiation. Consequently, any IO -+ incurred by page cache writeback can be attributed to a cgroup, -+ but not to the individual consumers inside the cgroup. -+ -+ For memory and IO, this makes a resource domain (cgroup) an object -+ of a fundamentally different type than a terminal consumer -+ (process). A process can't be a first class object in the resource -+ distribution graph as its total resource consumption can't be -+ described without the containing resource domain. -+ -+ Disallowing processes in internal cgroups avoids competition between -+ cgroups and processes which cannot be meaningfully defined for these -+ resources. All resource control takes place among cgroups and a -+ terminal consumer interacts with the containing cgroup the same way -+ it would with the system without cgroup. -+ -+ Root cgroup is exempt from this constraint, which is in line with -+ how root cgroup is handled in general - it's excluded from cgroup -+ resource accounting and control. -+ -+ -+Enforcing process granularity and no internal process constraint -+allows all controllers to be on the same footing in terms of resource -+distribution hierarchy. -+ -+ -+2-2. Impact on CPU Controller -+ -+As indicated earlier, the CPU controller's resource distribution graph -+is the simplest. Every schedulable resource consumption can be -+attributed to a specific task. In addition, for weight based control, -+the per-task priority set through setpriority(2) can be translated to -+and from a per-cgroup weight. As such, the CPU controller can treat a -+task and a cgroup symmetrically, allowing support for any tree layout -+of cgroups and tasks. Both process granularity and the no internal -+process constraint restrict how the CPU controller can be used. -+ -+ -+ 2-2-1. Impact of Process Granularity -+ -+ Process granularity prevents tasks belonging to the same process to -+ be assigned to different cgroups. It was pointed out [6] that this -+ excludes the valid use case of hierarchical CPU distribution within -+ processes. -+ -+ To address this issue, the rgroup (resource group) [7][8][9] -+ interface, an extension of the existing setpriority(2) API, was -+ proposed, which is in line with other programmable priority -+ mechanisms and eliminates the risk of in-application configuration -+ and system configuration stepping on each other's toes. -+ Unfortunately, the proposal quickly turned into discussions around -+ cgroup v2 design decisions [4] and no consensus could be reached. -+ -+ -+ 2-2-2. Impact of No Internal Process Constraint -+ -+ The no internal process constraint disallows tasks from competing -+ directly against cgroups. Here is an excerpt from Peter Zijlstra -+ pointing out the issue [10] - R, L and A are cgroups; t1, t2, t3 and -+ t4 are tasks: -+ -+ -+ R -+ / | \ -+ t1 t2 A -+ / \ -+ t3 t4 -+ -+ -+ Is fundamentally different from: -+ -+ -+ R -+ / \ -+ L A -+ / \ / \ -+ t1 t2 t3 t4 -+ -+ -+ Because if in the first hierarchy you add a task (t5) to R, all of -+ its A will run at 1/4th of total bandwidth where before it had -+ 1/3rd, whereas with the second example, if you add our t5 to L, A -+ doesn't get any less bandwidth. -+ -+ -+ It is true that the trees are semantically different from each other -+ and the symmetric handling of tasks and cgroups is aesthetically -+ pleasing. However, it isn't clear what the practical usefulness of -+ a layout with direct competition between tasks and cgroups would be, -+ considering that number and behavior of tasks are controlled by each -+ application, and cgroups primarily deal with system level resource -+ distribution; changes in the number of active threads would directly -+ impact resource distribution. Real world use cases of such layouts -+ could not be established during the discussions. -+ -+ -+2-3. Arguments for cgroup v2 -+ -+There are strong demands for comprehensive hierarchical resource -+control across all major resources, and establishing a common resource -+hierarchy is an essential step. As with most engineering decisions, -+common resource hierarchy definition comes with its trade-offs. With -+cgroup v2, the trade-offs are in the form of structural constraints -+which, among others, restrict the CPU controller's space of possible -+configurations. -+ -+However, even with the restrictions, cgroup v2, in combination with -+rgroup, covers most of identified real world use cases while enabling -+new important use cases of resource control across multiple resource -+types that were fundamentally broken previously. -+ -+Furthermore, for resource control, treating resource domains as -+objects of a different type from terminal consumers has important -+advantages - it can account for resource consumptions which are not -+tied to any specific terminal consumer, be that a task or process, and -+allows decoupling resource distribution controls from in-application -+APIs. Even the CPU controller may benefit from it as the kernel can -+consume significant amount of CPU cycles in interrupt context or tasks -+shared across multiple resource domains (e.g. softirq). -+ -+Finally, it's important to note that enabling cgroup v2 support for -+the CPU controller doesn't block use cases which require the features -+which are not available on cgroup v2. Unlikely, but should anybody -+actually rely on the CPU controller's symmetric handling of tasks and -+cgroups, backward compatibility is and will be maintained by being -+able to disconnect the controller from the cgroup v2 hierarchy and use -+it standalone. This also holds for cpuset which is often used in -+highly customized configurations which might be a poor fit for common -+resource domains. -+ -+The required changes are minimal, the benefits for the target use -+cases are critical and obvious, and use cases which have to use v1 can -+continue to do so. -+ -+ -+3. Way Forward -+ -+cgroup v2 primarily aims to solve the problem of comprehensive -+hierarchical resource control across all major computing resources, -+which is one of the core problems of modern server infrastructure -+engineering. The trade-offs that cgroup v2 took are results of -+pursuing that goal and gaining a better understanding of the nature of -+resource control in the process. -+ -+I believe that real world usages will prove cgroup v2's model right, -+considering the crucial pieces of comprehensive resource control that -+cannot be implemented without common resource domains. This is not to -+say that cgroup v2 is fixed in stone and can't be updated; if there is -+an approach which better serves both comprehensive resource control -+and the CPU controller's flexibility, we will surely move towards -+that. It goes without saying that discussions around such approach -+should consider practical aspects of resource control as a whole -+rather than absolutely focusing on a particular controller. -+ -+Until such consensus can be reached, the CPU controller cgroup v2 -+support will be maintained out of the mainline kernel in an easily -+accessible form. If there is anything cgroup developers can do to -+ease the pain, please feel free to contact us on the cgroup mailing -+list at cgroups@vger.kernel.org. -+ -+ -+4. References -+ -+[1] http://lkml.kernel.org/r/20160105164834.GE5995@mtj.duckdns.org -+ [PATCH 1/2] sched: Misc preps for cgroup unified hierarchy interface -+ Tejun Heo <tj@kernel.org> -+ -+[2] http://lkml.kernel.org/r/20160105164852.GF5995@mtj.duckdns.org -+ [PATCH 2/2] sched: Implement interface for cgroup unified hierarchy -+ Tejun Heo <tj@kernel.org> -+ -+[3] http://lkml.kernel.org/r/1438641689-14655-4-git-send-email-tj@kernel.org -+ [PATCH 3/3] sched: Implement interface for cgroup unified hierarchy -+ Tejun Heo <tj@kernel.org> -+ -+[4] http://lkml.kernel.org/r/20160407064549.GH3430@twins.programming.kicks-ass.net -+ Re: [PATCHSET RFC cgroup/for-4.6] cgroup, sched: implement resource group and PRIO_RGRP -+ Peter Zijlstra <peterz@infradead.org> -+ -+[5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/cgroup-v2.txt -+ Control Group v2 -+ Tejun Heo <tj@kernel.org> -+ -+[6] http://lkml.kernel.org/r/CAPM31RJNy3jgG=DYe6GO=wyL4BPPxwUm1f2S6YXacQmo7viFZA@mail.gmail.com -+ Re: [PATCH 3/3] sched: Implement interface for cgroup unified hierarchy -+ Paul Turner <pjt@google.com> -+ -+[7] http://lkml.kernel.org/r/20160105154503.GC5995@mtj.duckdns.org -+ [RFD] cgroup: thread granularity support for cpu controller -+ Tejun Heo <tj@kernel.org> -+ -+[8] http://lkml.kernel.org/r/1457710888-31182-1-git-send-email-tj@kernel.org -+ [PATCHSET RFC cgroup/for-4.6] cgroup, sched: implement resource group and PRIO_RGRP -+ Tejun Heo <tj@kernel.org> -+ -+[9] http://lkml.kernel.org/r/20160311160522.GA24046@htj.duckdns.org -+ Example program for PRIO_RGRP -+ Tejun Heo <tj@kernel.org> -+ -+[10] http://lkml.kernel.org/r/20160407082810.GN3430@twins.programming.kicks-ass.net -+ Re: [PATCHSET RFC cgroup/for-4.6] cgroup, sched: implement resource -+ Peter Zijlstra <peterz@infradead.org> diff --git a/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/README.md b/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/README.md deleted file mode 100644 index b454e14801d..00000000000 --- a/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/README.md +++ /dev/null @@ -1,21 +0,0 @@ -Patches for CPU Controller on Control Group v2 -=============================================== - -See Tejun Heo's [explanation][1] for why these patches are currently -out-of-tree. - -Generating the patches ------------------------ - -In a linux checkout, with remote tc-cgroup pointing to -git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git, your -nixpkgs checkout in the same directory as your linux checkout (or -modify the command accordingly), and setting `ver` to the appropriate -version: - -```shell -$ ver=4.7 -$ git log --reverse --patch v$ver..remotes/tc-cgroup/cgroup-v2-cpu-v$ver > ../nixpkgs/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/$ver.patch -``` - -[1]: https://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git/tree/Documentation/cgroup-v2-cpu.txt?h=cgroup-v2-cpu diff --git a/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/default.nix b/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/default.nix deleted file mode 100644 index 5bef5633aa0..00000000000 --- a/pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -let - ents = builtins.readDir ./.; -in builtins.listToAttrs (builtins.filter (x: x != null) (map (name: let - match = builtins.match "(.*)\\.patch" name; -in if match == null then null else { - name = builtins.head match; - value = { - name = "cpu-cgroup-v2-${name}"; - patch = ./. + "/${name}"; - }; -}) (builtins.attrNames ents))) diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index a21890a38ca..df67005dd81 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -25,6 +25,10 @@ # Additional make flags passed to kbuild , extraMakeFlags ? [] +, # enables the options in ./common-config.nix; if `false` then only + # `structuredExtraConfig` is used + enableCommonConfig ? true + , # kernel intermediate config overrides, as a set structuredExtraConfig ? {} @@ -131,8 +135,6 @@ let platformName = stdenv.hostPlatform.linux-kernel.name; # e.g. "defconfig" kernelBaseConfig = if defconfig != null then defconfig else stdenv.hostPlatform.linux-kernel.baseConfig; - # e.g. "bzImage" - kernelTarget = stdenv.hostPlatform.linux-kernel.target; makeFlags = lib.optionals (stdenv.hostPlatform.linux-kernel ? makeFlags) stdenv.hostPlatform.linux-kernel.makeFlags ++ extraMakeFlags; @@ -183,7 +185,9 @@ let moduleStructuredConfig = (lib.evalModules { modules = [ module + ] ++ lib.optionals enableCommonConfig [ { settings = commonStructuredConfig; _file = "pkgs/os-specific/linux/kernel/common-config.nix"; } + ] ++ [ { settings = structuredExtraConfig; _file = "structuredExtraConfig"; } ] ++ structuredConfigFromPatches diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index c7893abad21..d8f8bb2fa73 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,62 +2,62 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.325-hardened1.patch", - "sha256": "1mc1pyjjksg2f4189wyas55ax8czzhai2i3jc6n7l9jmfwj7xr9q", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.325-hardened1/linux-hardened-4.14.325-hardened1.patch" + "name": "linux-hardened-4.14.328-hardened1.patch", + "sha256": "1qq2l4nwhxgl4drx6isc1ly892kffjq4hqb4zadqs6sxvsdm7x57", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.328-hardened1/linux-hardened-4.14.328-hardened1.patch" }, - "sha256": "117p1mdha57f6d3kdwac9jrbmib7g77q4xhir8ghl6fmrs1f2sav", - "version": "4.14.325" + "sha256": "1igcpvnhwwrczfdsafmszvi0456k7f6j4cgpfw6v6afw09p95d8x", + "version": "4.14.328" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.294-hardened1.patch", - "sha256": "1s70vz8rai1z440rmwzipwpq7wa7p2bvri43zmkbisrfggm1lz2r", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.294-hardened1/linux-hardened-4.19.294-hardened1.patch" + "name": "linux-hardened-4.19.297-hardened1.patch", + "sha256": "1qj09bynl7ml880xpc2956jn0b1gmm77yf3jc45v3jq3610jhna4", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.297-hardened1/linux-hardened-4.19.297-hardened1.patch" }, - "sha256": "03x0xsb8a369zdr81hg6xdl5n5v48k6iwnhj6r29725777lvvbfc", - "version": "4.19.294" + "sha256": "0c9xxqgv2i36hrr06dwz7f3idc04xpv0a5pxg08xdh03cnyf12cx", + "version": "4.19.297" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.195-hardened1.patch", - "sha256": "15liin3i9wh7hwr97pyc8rl79ri7frsprssl50si9z810zvc9chb", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.195-hardened1/linux-hardened-5.10.195-hardened1.patch" + "name": "linux-hardened-5.10.199-hardened1.patch", + "sha256": "10vwd5wygfnxpbz15bq56pjygba3vqqal0d7xry2bch4p444pp5f", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.199-hardened1/linux-hardened-5.10.199-hardened1.patch" }, - "sha256": "0n4vg2i9sq89wnz85arlyvwysh9s83cgzs5bk2wh98bivi5fwfs1", - "version": "5.10.195" + "sha256": "1h944syk7n6c4j1djlx19n77alzwbxcdza77c9ykicgfynhpgsm0", + "version": "5.10.199" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.132-hardened1.patch", - "sha256": "06wkcbhkdm8vnk1cqwngy9gdknqm4pb4za9lbh2q5j1f2nkcn7pq", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.132-hardened1/linux-hardened-5.15.132-hardened1.patch" + "name": "linux-hardened-5.15.137-hardened1.patch", + "sha256": "19gs1w380qgvazwjwhxypizpfx71faa7hsji0x5cgyw6vxhi6l1b", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.137-hardened1/linux-hardened-5.15.137-hardened1.patch" }, - "sha256": "1b0qjsaqjw2rk86shmmrj2aasblkn27acjmc761vnjg7sv2baxs1", - "version": "5.15.132" + "sha256": "1xxjbxldrhmnh2q6rykpxyfbj8xqgl82q30n8sfavrzr14bb4jcp", + "version": "5.15.137" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.256-hardened1.patch", - "sha256": "1rsp30g5xry5y95mz0i6walkcxj6abyrsaq3fwhz0ka6nq6g7w82", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.256-hardened1/linux-hardened-5.4.256-hardened1.patch" + "name": "linux-hardened-5.4.259-hardened1.patch", + "sha256": "1w8ipflgisd127gmx6wyz8p5qfi8cfd2a5j2xgibspkf45nzfwi8", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.259-hardened1/linux-hardened-5.4.259-hardened1.patch" }, - "sha256": "0fim5q9xakwnjfg48bpsic9r2r8dvrjlalqqkm9vh1rml9mhi967", - "version": "5.4.256" + "sha256": "195v4fidavzm637glj6580006mrcaygnbj4za874imb62bxf9rpz", + "version": "5.4.259" }, "6.1": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.1.54-hardened1.patch", - "sha256": "0c8dmgciwc02pzhnx2mj5xlhds7mmicm8r6668di2zfw772rjgr4", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.54-hardened1/linux-hardened-6.1.54-hardened1.patch" + "name": "linux-hardened-6.1.61-hardened1.patch", + "sha256": "0d9zhh32dx1q828q50kmznmsa6yinppbklhgg8ix7b7k23857ha6", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.61-hardened1/linux-hardened-6.1.61-hardened1.patch" }, - "sha256": "09sfrq2l8f777mx2n9mhb6bgz1064bl04921byqnmk87si31w653", - "version": "6.1.54" + "sha256": "1kk4d7ph6pvgdrdmaklg15wf58nw9n7yqgkag7jdvqinzh99sb5d", + "version": "6.1.61" }, "6.4": { "patch": { @@ -72,11 +72,11 @@ "6.5": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.5.4-hardened1.patch", - "sha256": "0r411dgp17am2bnfpk8lbzmymp6w9d5raz7hni0mw0kpcq6z996n", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.4-hardened1/linux-hardened-6.5.4-hardened1.patch" + "name": "linux-hardened-6.5.10-hardened1.patch", + "sha256": "0p2lj7ryiizr1sxvm2kgds3l8sg9fns35y2fcyqq61lg7ymzj1fi", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.10-hardened1/linux-hardened-6.5.10-hardened1.patch" }, - "sha256": "0s8nzd8yaq06bq8byk7aakbk95gh0rhlif26h1biw94v48anrxxx", - "version": "6.5.4" + "sha256": "12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1", + "version": "6.5.10" } } diff --git a/pkgs/os-specific/linux/kernel/hardened/update.py b/pkgs/os-specific/linux/kernel/hardened/update.py index 5d6a2eba966..ce54c298075 100755 --- a/pkgs/os-specific/linux/kernel/hardened/update.py +++ b/pkgs/os-specific/linux/kernel/hardened/update.py @@ -193,21 +193,14 @@ with open(HARDENED_PATCHES_PATH) as patches_file: # Get the set of currently packaged kernel versions. kernel_versions = {} -for filename in os.listdir(NIXPKGS_KERNEL_PATH): - filename_match = re.fullmatch(r"linux-(\d+)\.(\d+)\.nix", filename) - if filename_match: - nix_version_expr = f""" - with import {NIXPKGS_PATH} {{}}; - (callPackage {NIXPKGS_KERNEL_PATH / filename} {{}}).version - """ - kernel_version_json = run( - "nix-instantiate", "--eval", "--system", "x86_64-linux", "--json", "--expr", nix_version_expr, - ).stdout - kernel_version = parse_version(json.loads(kernel_version_json)) - if kernel_version < MIN_KERNEL_VERSION: - continue - kernel_key = major_kernel_version_key(kernel_version) - kernel_versions[kernel_key] = kernel_version +with open(NIXPKGS_KERNEL_PATH / "kernels-org.json") as kernel_versions_json: + kernel_versions = json.load(kernel_versions_json) + for kernel_branch_str in kernel_versions: + if kernel_branch_str == "testing": continue + kernel_branch = [int(i) for i in kernel_branch_str.split(".")] + if kernel_branch < MIN_KERNEL_VERSION: continue + kernel_version = [int(i) for i in kernel_versions[kernel_branch_str]["version"].split(".")] + kernel_versions[kernel_branch_str] = kernel_version # Remove patches for unpackaged kernel versions. for kernel_key in sorted(patches.keys() - kernel_versions.keys()): diff --git a/pkgs/os-specific/linux/kernel/kernels-org.json b/pkgs/os-specific/linux/kernel/kernels-org.json index ea31ad62891..94ab60aa67b 100644 --- a/pkgs/os-specific/linux/kernel/kernels-org.json +++ b/pkgs/os-specific/linux/kernel/kernels-org.json @@ -1,38 +1,38 @@ { "testing": { - "version": "6.6-rc3", - "hash": "sha256:1i0fii5lq8ij1y1pfypw08j4f7kv1nvj264x77mfcj1cjm1jx1zx" + "version": "6.7-rc1", + "hash": "sha256:1a071vvmm08sp48d0arqzcmqnz5xdb1vflfhxcqwmpzaabjrgadk" }, "6.5": { - "version": "6.5.5", - "hash": "sha256:15gg8sb6cfgk1afwj7fl7mj4nkj14w43vzwvw0qsg3nzyxwh7wcc" - }, - "6.4": { - "version": "6.4.16", - "hash": "sha256:0zgj1z97jyx7wf12zrnlcp0mj4cl43ais9qsy6dh1jwylf2fq9ln" + "version": "6.5.11", + "hash": "sha256:06dmb4hbwrms0lp4axphwgj8wbnzsym70sx55lxr501b53wlmqif" }, "6.1": { - "version": "6.1.55", - "hash": "sha256:1h0mzx52q9pvdv7rhnvb8g68i7bnlc9rf8gy9qn4alsxq4g28zm8" + "version": "6.1.62", + "hash": "sha256:1v453q4sf0j8708ivs1zmdf645hgimqvxfc8xz7czgnnmipn3zdr" }, "5.15": { - "version": "5.15.133", - "hash": "sha256:1paxzzcagc7s8i491zjny43rxhfamafyly438kj8hyw96iwmx17g" + "version": "5.15.138", + "hash": "sha256:1ajaxy97gx0c9cdxiyxa49ykfsykir22i9abfrcizh71ci0yb15g" }, "5.10": { - "version": "5.10.197", - "hash": "sha256:1awkm7lln5gf6kld9z5h4mg39bd778jsdswwlwb7iv7bn03lafhq" + "version": "5.10.200", + "hash": "sha256:012i41bj8rcqn0vhfxrwq3gg82nb6pp2cwq8n146wj47pwgrcbcx" }, "5.4": { - "version": "5.4.257", - "hash": "sha256:1w1x91slzg9ggakqhyxnmvz77v2cwfk8bz0knrpgz9qya9q5jxrf" + "version": "5.4.260", + "hash": "sha256:1zpbaipd2j3idj8h9iznlj0ywcq5nkhwj707a1f9ixf82h3q4c4q" }, "4.19": { - "version": "4.19.295", - "hash": "sha256:1b1qslpk1kka7nxam48s22xsqd9qmp716hmibgfsjxl5y3jc4cmp" + "version": "4.19.298", + "hash": "sha256:0mhgq6hdcls1af7nj999x1mds5b37s7vwin8nsb4q0lnx2y1da4x" }, "4.14": { - "version": "4.14.326", - "hash": "sha256:0y0lvzidw775mgx211wnc1c6223iqv8amz5y9jkz9h7l3l7y8p2m" + "version": "4.14.329", + "hash": "sha256:1dvb4xf0b7snabznl7bg7gga7ffdmywy8vr8q65pzl9yf6fnhdny" + }, + "6.6": { + "version": "6.6.1", + "hash": "sha256:0d42b1hbvv9w3y3q4wydr6il0g5a823n54a06p4p5vcpgkadf7ns" } } diff --git a/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix b/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix deleted file mode 100644 index 69bbdf648d2..00000000000 --- a/pkgs/os-specific/linux/kernel/linux-hardkernel-4.14.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ buildPackages, fetchFromGitHub, fetchurl, perl, buildLinux, libelf, util-linux, kernelPatches ? [], ... } @ args: - -buildLinux (args // rec { - version = "4.14.180-176"; - - # modDirVersion needs to be x.y.z. - modDirVersion = "4.14.180"; - - # branchVersion needs to be x.y. - extraMeta.branch = "4.14"; - - src = fetchFromGitHub { - owner = "hardkernel"; - repo = "linux"; - rev = version; - sha256 = "0n7i7a2bkrm9p1wfr20h54cqm32fbjvwyn703r6zm1f6ivqhk43v"; - }; - - kernelPatches = args.kernelPatches ++ [{ - name = "usbip-tools-fno-common"; - patch = fetchurl { - url = "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=d5efc2e6b98fe661dbd8dd0d5d5bfb961728e57a"; - hash = "sha256-1CXYCV5zMLA4YdbCr8cO2N4CHEDzQChS9qbKYHPm3U4="; - }; - }]; - - defconfig = "odroidxu4_defconfig"; - - # This extraConfig is (only) required because the gator module fails to build as-is. - extraConfig = '' - - GATOR n - - # This attempted fix applies correctly but does not fix the build. - #GATOR_MALI_MIDGARD_PATH ${src}/drivers/gpu/arm/midgard - - '' + (args.extraConfig or ""); - - extraMeta.platforms = [ "armv7l-linux" ]; - -} // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index ef020b7eb56..9cf5f46cfb8 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "19408"; - sha256 = "1bfpzdfd7k859ids5d5ixzn36c7f62gh2lw6gv4szwakw032gh9i"; + rev = "19441"; + sha256 = "1z0x8cw9nr7qf5qh3xjf6rg20q0i79bg71lik847sabyb6vcrk0z"; } , ... }: diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index eb2031b129d..65ca352b53b 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.180-rt89"; # updated by ./update-rt.sh + version = "5.10.199-rt97"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -17,14 +17,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0a8cicvcyl5w4vi7gxhgd59ny44gj9cbv4z5pnwn9jgny55rm0ys"; + sha256 = "1h944syk7n6c4j1djlx19n77alzwbxcdza77c9ykicgfynhpgsm0"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "00m6psnjam26x70f8wpssvjp6v49dyllp356fpfbhjqmj7y142bm"; + sha256 = "13k7md0a63q4r5vqqvbszmg3kzp5np0hdaj1siyl4yvs9j78d03s"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix index 6d3955f2012..bc45a86905c 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.15.129-rt67"; # updated by ./update-rt.sh + version = "5.15.137-rt71"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0ribh1jalbnapfrjzjk5kqg6nypalkn5ayin5cwkwiziwiycj3km"; + sha256 = "1xxjbxldrhmnh2q6rykpxyfbj8xqgl82q30n8sfavrzr14bb4jcp"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1qh2v8i2sa334mkfwx9k8jjvqpp21bj2wmvvdib8wfxbnjnj3vzy"; + sha256 = "11zk02ni3b0l1wwrfvyc1q92bd9as61hwgbwlj42xv5gbpd39jlw"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index cd1249605ec..22e07bfd0f5 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.254-rt85"; # updated by ./update-rt.sh + version = "5.4.257-rt87"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1iyrm2xql15ifhy2b939ywrrc44yd41b79sjjim4vqxmc6lqsq2i"; + sha256 = "1w1x91slzg9ggakqhyxnmvz77v2cwfk8bz0knrpgz9qya9q5jxrf"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0vq5lrqqy7yspznbbkla2cjakz7w1n8qvg31a856qs6abynwrw6x"; + sha256 = "0rgkk5ibagsyz9in12clzn7szsw1i3m96s8wy5yxwa26aaa2wki7"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix b/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix index f45926020b5..85c8a8b8a10 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "6.1.54-rt15"; # updated by ./update-rt.sh + version = "6.1.59-rt16"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${kversion}.tar.xz"; - sha256 = "09sfrq2l8f777mx2n9mhb6bgz1064bl04921byqnmk87si31w653"; + sha256 = "1860r1aan258yi2jq68bp1kdbcyy7ygc7d8g54wnc0vmqqj7fzv2"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0ihdid1ihg26kjini66j87vh4220gl8xm9dai7zignha2zh238kh"; + sha256 = "1cmgw6a8zlj89172mp85lxaksz1pvc155mj2fq59l1ry35gwb5q7"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index 0763ffda26b..c58c4e67e4d 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -6,27 +6,32 @@ # bcachefs-tools stores the expected-revision in: # https://evilpiepirate.org/git/bcachefs-tools.git/tree/.bcachefs_revision # but this does not means that it'll be the latest-compatible revision -, currentCommit ? "84f132d5696138bb038d2dc8f1162d2fab5ac832" -, diffHash ? "sha256-RaBWBU7rXjJFb1euFAFBHWCBQAG7npaCodjp/vMYpyw=" +, currentCommit ? "4d2faeb4fb58c389dc9f76b8d5ae991ef4497e04" +, diffHash ? "sha256-DtMc8P4lTRzvS6PVvD7WtWEPsfnxIXSpqMsKKWs+edI=" , kernelPatches # must always be defined in bcachefs' all-packages.nix entry because it's also a top-level attribute supplied by callPackage , argsOverride ? {} , ... } @ args: - # NOTE: bcachefs-tools should be updated simultaneously to preserve compatibility (kernel.override ( args // { - version = "${kernel.version}-bcachefs-unstable-${commitDate}"; - extraMeta = { - branch = "master"; - broken = stdenv.isAarch64; - maintainers = with lib.maintainers; [ davidak Madouura pedrohlc raitobezarius ]; - }; + argsOverride = { + version = "${kernel.version}-bcachefs-unstable-${commitDate}"; + modDirVersion = kernel.modDirVersion; + + extraMeta = { + homepage = "https://bcachefs.org/"; + branch = "master"; + maintainers = with lib.maintainers; [ davidak Madouura pedrohlc raitobezarius YellowOnion ]; + }; + } // argsOverride; structuredExtraConfig = with lib.kernel; { BCACHEFS_FS = module; BCACHEFS_QUOTA = option yes; BCACHEFS_POSIX_ACL = option yes; + # useful for bug reports + FTRACE = option yes; }; kernelPatches = [ { diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 7c3084d7ebd..2ba31fbc978 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -1,5 +1,5 @@ { lib, stdenv, buildPackages, runCommand, nettools, bc, bison, flex, perl, rsync, gmp, libmpc, mpfr, openssl -, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole, kmod +, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole, kmod, ubootTools , fetchpatch }: @@ -117,11 +117,8 @@ let }); postPatch = '' - sed -i Makefile -e 's|= depmod|= ${buildPackages.kmod}/bin/depmod|' - - # fixup for pre-5.4 kernels using the $(cd $foo && /bin/pwd) pattern - # FIXME: remove when no longer needed - substituteInPlace Makefile tools/scripts/Makefile.include --replace /bin/pwd pwd + # Ensure that depmod gets resolved through PATH + sed -i Makefile -e 's|= /sbin/depmod|= depmod|' # Don't include a (random) NT_GNU_BUILD_ID, to make the build more deterministic. # This way kernels can be bit-by-bit reproducible depending on settings @@ -332,9 +329,6 @@ let # Delete empty directories find -empty -type d -delete - - # Remove reference to kmod - sed -i Makefile -e 's|= ${buildPackages.kmod}/bin/depmod|= depmod|' ''; requiredSystemFeatures = [ "big-parallel" ]; @@ -370,13 +364,11 @@ stdenv.mkDerivation ((drvAttrs config stdenv.hostPlatform.linux-kernel kernelPat enableParallelBuilding = true; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal ] - ++ optional (stdenv.hostPlatform.linux-kernel.target == "uImage") buildPackages.ubootTools + nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal kmod ubootTools ] ++ optional (lib.versionOlder version "5.8") libelf ++ optionals (lib.versionAtLeast version "4.16") [ bison flex ] ++ optionals (lib.versionAtLeast version "5.2") [ cpio pahole zlib ] ++ optional (lib.versionAtLeast version "5.8") elfutils - ++ optional (lib.versionAtLeast version "6.6") kmod ; hardeningDisable = [ "bindnow" "format" "fortify" "stackprotector" "pic" "pie" ]; diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index ab3b4e56066..5d4ebc214dc 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -44,8 +44,6 @@ patch = ./modinst-arg-list-too-long.patch; }; - cpu-cgroup-v2 = import ./cpu-cgroup-v2-patches; - hardened = let mkPatch = kernelVersion: { version, sha256, patch }: let src = patch; in { name = lib.removeSuffix ".patch" src.name; diff --git a/pkgs/os-specific/linux/kernel/update-mainline.py b/pkgs/os-specific/linux/kernel/update-mainline.py index df8257fa0ef..30b9ebec984 100755 --- a/pkgs/os-specific/linux/kernel/update-mainline.py +++ b/pkgs/os-specific/linux/kernel/update-mainline.py @@ -89,8 +89,8 @@ def main(): soup = BeautifulSoup(kernel_org.read().decode(), "lxml") release_table = soup.find(id="releases") if not release_table or isinstance(release_table, NavigableString): - print(release_table) - print("Failed to find the release table on https://kernel.org") + print(release_table, file=sys.stderr) + print("Failed to find the release table on https://kernel.org", file=sys.stderr) sys.exit(1) releases = release_table.find_all("tr") @@ -111,7 +111,7 @@ def main(): else: message = f"linux_{nixpkgs_branch}: {old_version} -> {kernel.version}" - print(message) + print(message, file=sys.stderr) all_kernels[branch] = { "version": kernel.version, diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix index c3fd01670a2..4f967734d5e 100644 --- a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -2,15 +2,18 @@ let # These names are how they are designated in https://xanmod.org. + + # NOTE: When updating these, please also take a look at the changes done to + # kernel config in the xanmod version commit ltsVariant = { - version = "6.1.53"; - hash = "sha256-+70dp+zVOvfKJv9hEy3FpEs2ldrxHiWbokaUnXrNj5o="; + version = "6.1.62"; + hash = "sha256-fo5OQ/MZ+QVdCmLzX0OgFUBedfqrkqp+Ev081RVdtWw="; variant = "lts"; }; mainVariant = { - version = "6.5.3"; - hash = "sha256-2giaFyN3kWzQ9cl1mTM9ecSlwoQS+dm3/LvbTAHjZ/A="; + version = "6.5.11"; + hash = "sha256-1bb5LG6JvqX5eNSe2Xyu86HxaqkUVkKUf1H3T7bFkGE="; variant = "main"; }; @@ -26,33 +29,22 @@ let }; structuredExtraConfig = with lib.kernel; { - # AMD P-state driver - X86_AMD_PSTATE = lib.mkOverride 60 yes; - # Google's BBRv3 TCP congestion Control TCP_CONG_BBR = yes; DEFAULT_BBR = yes; - # FQ-PIE Packet Scheduling - NET_SCH_DEFAULT = yes; - DEFAULT_FQ_PIE = yes; - - # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. - FUTEX = yes; - FUTEX_PI = yes; - # WineSync driver for fast kernel-backed Wine WINESYNC = module; - # Preemptive Full Tickless Kernel at 500Hz - HZ = freeform "500"; - HZ_500 = yes; + # Preemptive Full Tickless Kernel at 250Hz + HZ = freeform "250"; + HZ_250 = yes; HZ_1000 = no; }; extraMeta = { branch = lib.versions.majorMinor version; - maintainers = with lib.maintainers; [ fortuneteller2k lovesegfault atemu shawn8901 ]; + maintainers = with lib.maintainers; [ moni lovesegfault atemu shawn8901 zzzsy ]; description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; broken = stdenv.isAarch64; }; diff --git a/pkgs/os-specific/linux/kernel/zen-kernels.nix b/pkgs/os-specific/linux/kernel/zen-kernels.nix index 13c8ca22c4e..456a6c7c27d 100644 --- a/pkgs/os-specific/linux/kernel/zen-kernels.nix +++ b/pkgs/os-specific/linux/kernel/zen-kernels.nix @@ -4,16 +4,16 @@ let # comments with variant added for update script # ./update-zen.py zen zenVariant = { - version = "6.5.5"; #zen + version = "6.6.1"; #zen suffix = "zen1"; #zen - sha256 = "069hxkww14dpz7k5hd93qnv6clc0dkpd3ncf1wzr5k84a0i9syj8"; #zen + sha256 = "13m820wggf6pkp351w06mdn2lfcwbn08ydwksyxilqb88vmr0lpq"; #zen isLqx = false; }; # ./update-zen.py lqx lqxVariant = { - version = "6.5.5"; #lqx - suffix = "lqx1"; #lqx - sha256 = "1sr23yjwl7sh58s5f9yy9ld163c5lm0qbn0gqg8bnkshx08r39h8"; #lqx + version = "6.5.11"; #lqx + suffix = "lqx2"; #lqx + sha256 = "0rak2ald95bwb5qlp8pf2g93a0gkv8rypiv5s8dpds3cilwmxrg9"; #lqx isLqx = true; }; zenKernelsFor = { version, suffix, sha256, isLqx }: buildLinux (args // { @@ -102,7 +102,7 @@ let extraMeta = { branch = lib.versions.majorMinor version + "/master"; - maintainers = with lib.maintainers; [ thiagokokada ]; + maintainers = with lib.maintainers; [ thiagokokada jerrysm64 ]; description = "Built using the best configuration and kernel sources for desktop, multimedia, and gaming workloads." + lib.optionalString isLqx " (Same as linux_zen, but less aggressive release schedule and additional extra config)"; broken = stdenv.isAarch64; diff --git a/pkgs/os-specific/linux/klibc/default.nix b/pkgs/os-specific/linux/klibc/default.nix index 36128a081a2..3a044cf9d84 100644 --- a/pkgs/os-specific/linux/klibc/default.nix +++ b/pkgs/os-specific/linux/klibc/default.nix @@ -9,11 +9,11 @@ in stdenv.mkDerivation rec { pname = "klibc"; - version = "2.0.12"; + version = "2.0.13"; src = fetchurl { url = "mirror://kernel/linux/libs/klibc/2.0/klibc-${version}.tar.xz"; - hash = "sha256-cfgWoNOr46uotGMZrlyhR+eno4QBs/XiYgJfTcCMR10="; + hash = "sha256-1nOilPdC1ZNoIi/1w4Ri2BCYxVBjeZ3m+4p7o9SvBDY="; }; patches = [ ./no-reinstall-kernel-headers.patch ]; diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index 0843ca3556a..3f971e7a6ed 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -12,7 +12,7 @@ let in stdenv.mkDerivation rec { pname = "kmod"; - version = "30"; + version = "31"; # autogen.sh is missing from the release tarball, # and we need to run it to regenerate gtk_doc.make, @@ -21,7 +21,7 @@ in stdenv.mkDerivation rec { # https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/commit/.gitignore?id=61a93a043aa52ad62a11ba940d4ba93cb3254e78 src = fetchzip { url = "https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/snapshot/kmod-${version}.tar.gz"; - sha256 = "sha256-/dih2LoqgRrAsVdHRwld28T8pXgqnzapnQhqkXnxbbc="; + hash = "sha256-FNR015/AoYBbi7Eb1M2TXH3yxUuddKICCu+ot10CdeQ="; }; outputs = [ "out" "dev" "lib" ] ++ lib.optional withDevdoc "devdoc"; diff --git a/pkgs/os-specific/linux/kmscon/default.nix b/pkgs/os-specific/linux/kmscon/default.nix index 0d146613542..4762b63eda9 100644 --- a/pkgs/os-specific/linux/kmscon/default.nix +++ b/pkgs/os-specific/linux/kmscon/default.nix @@ -72,7 +72,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "KMS/DRM based System Console"; - homepage = "http://www.freedesktop.org/wiki/Software/kmscon/"; + homepage = "https://www.freedesktop.org/wiki/Software/kmscon/"; license = licenses.mit; maintainers = with maintainers; [ omasanori ]; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/ksmbd-tools/0001-skip-installing-example-configuration.patch b/pkgs/os-specific/linux/ksmbd-tools/0001-skip-installing-example-configuration.patch new file mode 100644 index 00000000000..2b4b35774d1 --- /dev/null +++ b/pkgs/os-specific/linux/ksmbd-tools/0001-skip-installing-example-configuration.patch @@ -0,0 +1,38 @@ +From 592de67191a3969fcccef6293740c7142793d461 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Wed, 1 Nov 2023 21:54:05 +0100 +Subject: [PATCH] skip installing example configuration +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This requires root if prefix dir is pointed to /etc, +which we cannot do in nix builds. + +Signed-off-by: Jörg Thalheim <joerg@thalheim.io> +--- + meson.build | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/meson.build b/meson.build +index 5f5935f..8373013 100644 +--- a/meson.build ++++ b/meson.build +@@ -114,10 +114,10 @@ else + runstatedir = rundir + endif + +-install_data( +- sources: 'ksmbd.conf.example', +- install_dir: get_option('sysconfdir') / 'ksmbd', +-) ++#install_data( ++# sources: 'ksmbd.conf.example', ++# install_dir: get_option('sysconfdir') / 'ksmbd', ++#) + + systemdsystemunitdir = get_option('systemdsystemunitdir') + if systemdsystemunitdir == '' +-- +2.42.0 + diff --git a/pkgs/os-specific/linux/ksmbd-tools/default.nix b/pkgs/os-specific/linux/ksmbd-tools/default.nix index 6813e773a95..4098f6c2225 100644 --- a/pkgs/os-specific/linux/ksmbd-tools/default.nix +++ b/pkgs/os-specific/linux/ksmbd-tools/default.nix @@ -1,8 +1,8 @@ { lib , stdenv , fetchFromGitHub -, autoconf -, automake +, meson +, ninja , glib , libkrb5 , libnl @@ -13,22 +13,23 @@ stdenv.mkDerivation rec { pname = "ksmbd-tools"; - version = "3.4.9"; + version = "3.5.0"; src = fetchFromGitHub { owner = "cifsd-team"; repo = pname; rev = version; - sha256 = "sha256-GZccOlp9zZMqtv3+u8JnKFfIe8sjwbZBLkDk8lt3CGk="; + sha256 = "sha256-8mjfKCazigHnuN7Egf11ZuD+nQx7ZTesn0a4LsVvV/M="; }; buildInputs = [ glib libnl ] ++ lib.optional withKerberos libkrb5; - nativeBuildInputs = [ autoconf automake libtool pkg-config ]; - - preConfigure = "./autogen.sh"; - - configureFlags = lib.optional withKerberos "--enable-krb5"; + nativeBuildInputs = [ meson ninja libtool pkg-config ]; + patches = [ ./0001-skip-installing-example-configuration.patch ]; + mesonFlags = [ + "-Drundir=/run" + "--sysconfdir /etc" + ]; meta = with lib; { description = "Userspace utilities for the ksmbd kernel SMB server"; diff --git a/pkgs/os-specific/linux/lenovo-legion/app.nix b/pkgs/os-specific/linux/lenovo-legion/app.nix index fe5535eea8d..a409ad2fbf4 100644 --- a/pkgs/os-specific/linux/lenovo-legion/app.nix +++ b/pkgs/os-specific/linux/lenovo-legion/app.nix @@ -2,13 +2,13 @@ python3.pkgs.buildPythonApplication rec { pname = "lenovo-legion-app"; - version = "0.0.5"; + version = "0.0.9"; src = fetchFromGitHub { owner = "johnfanv2"; repo = "LenovoLegionLinux"; - rev = "v${version}-prerelease"; - sha256 = "sha256-s4JFFmawokdC4qoqNvZDhuJSinhQ3YKSIfAYi79VTTA="; + rev = "v${version}-prerelese"; + hash = "sha256-P4vqzNX2nF4LnoQDOV8WEiXAICQCyjj9xPpFNvMu93k="; }; sourceRoot = "${src.name}/python/legion_linux"; @@ -19,15 +19,22 @@ python3.pkgs.buildPythonApplication rec { pyqt5 argcomplete pyyaml + darkdetect xorg.libxcb libsForQt5.qtbase ]; - postInstall = '' - cp -r ./{legion.py,legion_cli.py,legion_gui.py} $out/${python3.sitePackages} - cp ./legion_logo.png $out/${python3.sitePackages}/legion_logo.png + postPatch = '' + substituteInPlace ./setup.cfg \ + --replace "_VERSION" "${version}" + substituteInPlace ../../extra/service/fancurve-set \ + --replace "FOLDER=/etc/legion_linux/" "FOLDER=$out/share/legion_linux" + substituteInPlace ./legion_linux/legion.py \ + --replace "/etc/legion_linux" "$out/share/legion_linux" + ''; - rm -rf $out/data + postInstall = '' + cp ./legion_linux/legion_logo.png $out/${python3.sitePackages}/legion_logo.png ''; dontWrapQtApps = true; diff --git a/pkgs/os-specific/linux/libnl/default.nix b/pkgs/os-specific/linux/libnl/default.nix index c9eea70db99..5248c263b3b 100644 --- a/pkgs/os-specific/linux/libnl/default.nix +++ b/pkgs/os-specific/linux/libnl/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { postBuild = lib.optionalString (pythonSupport) '' cd python - ${python.pythonForBuild.interpreter} setup.py install --prefix=../pythonlib + ${python.pythonOnBuildForHost.interpreter} setup.py install --prefix=../pythonlib cd - ''; diff --git a/pkgs/os-specific/linux/libnvme/default.nix b/pkgs/os-specific/linux/libnvme/default.nix index fa7af44298a..129bb49e81e 100644 --- a/pkgs/os-specific/linux/libnvme/default.nix +++ b/pkgs/os-specific/linux/libnvme/default.nix @@ -11,27 +11,34 @@ , stdenv , swig , systemd +, fetchpatch # ImportError: cannot import name 'mlog' from 'mesonbuild' , withDocs ? stdenv.hostPlatform.canExecute stdenv.buildPlatform }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "libnvme"; - version = "1.4"; + version = "1.6"; outputs = [ "out" ] ++ lib.optionals withDocs [ "man" ]; src = fetchFromGitHub { owner = "linux-nvme"; repo = "libnvme"; - rev = "v${version}"; - sha256 = "sha256-8DlEQ4LH6UhIHr0znJGqkuCosLHqA6hkJjmiCawNE1k="; + rev = "v${finalAttrs.version}"; + hash = "sha256-7bvjsmt16/6RycSDKIECtJ4ES7NTaspU6IMpUw0sViA="; }; + patches = [ + # included in next release + (fetchpatch { + url = "https://github.com/linux-nvme/libnvme/commit/ff742e792725c316ba6de0800188bf36751bd1d1.patch"; + hash = "sha256-IUjPUBmGQC4oAKFFlBrjonqD2YdyNPC9siK4t/t2slE="; + }) + ]; + postPatch = '' - patchShebangs meson-vcs-tag.sh - chmod +x doc/kernel-doc-check - patchShebangs doc/kernel-doc doc/kernel-doc-check doc/list-man-pages.sh + patchShebangs scripts ''; nativeBuildInputs = [ @@ -39,7 +46,7 @@ stdenv.mkDerivation rec { ninja perl # for kernel-doc pkg-config - python3.pythonForBuild + python3.pythonOnBuildForHost swig ]; @@ -53,6 +60,7 @@ stdenv.mkDerivation rec { mesonFlags = [ "-Ddocs=man" + (lib.mesonBool "tests" finalAttrs.doCheck) (lib.mesonBool "docs-build" withDocs) ]; @@ -60,13 +68,14 @@ stdenv.mkDerivation rec { export KBUILD_BUILD_TIMESTAMP="$(date -u -d @$SOURCE_DATE_EPOCH)" ''; - doCheck = true; + # mocked ioctl conflicts with the musl one: https://github.com/NixOS/nixpkgs/pull/263768#issuecomment-1782877974 + doCheck = !stdenv.hostPlatform.isMusl; meta = with lib; { description = "C Library for NVM Express on Linux"; homepage = "https://github.com/linux-nvme/libnvme"; - maintainers = [ maintainers.fogti ]; + maintainers = with maintainers; [ fogti vifino ]; license = with licenses; [ lgpl21Plus ]; platforms = platforms.linux; }; -} +}) diff --git a/pkgs/os-specific/linux/libpsm2/default.nix b/pkgs/os-specific/linux/libpsm2/default.nix index 683448cbe41..0dab09de4c1 100644 --- a/pkgs/os-specific/linux/libpsm2/default.nix +++ b/pkgs/os-specific/linux/libpsm2/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "libpsm2"; - version = "11.2.230"; + version = "12.0.1"; preConfigure= '' export UDEVDIR=$out/etc/udev @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { owner = "intel"; repo = "opa-psm2"; rev = "PSM2_${version}"; - sha256 = "sha256-dMfGq067TqstGAWNSZZaZCwvChTyPUsvaPVjFGGzp64="; + sha256 = "sha256-MzocxY+X2a5rJvTo+gFU0U10YzzazR1IxzgEporJyhI="; }; postInstall = '' diff --git a/pkgs/os-specific/linux/libselinux/default.nix b/pkgs/os-specific/linux/libselinux/default.nix index ec6d3f5aa4b..695012effc5 100644 --- a/pkgs/os-specific/linux/libselinux/default.nix +++ b/pkgs/os-specific/linux/libselinux/default.nix @@ -64,7 +64,7 @@ stdenv.mkDerivation rec { ] ++ optionals stdenv.hostPlatform.isStatic [ "DISABLE_SHARED=y" ] ++ optionals enablePython [ - "PYTHON=${python3.pythonForBuild.interpreter}" + "PYTHON=${python3.pythonOnBuildForHost.interpreter}" "PYTHONLIBDIR=$(py)/${python3.sitePackages}" ]; diff --git a/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix b/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix index 471882ae1b4..01607be58fc 100644 --- a/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix +++ b/pkgs/os-specific/linux/linux-wifi-hotspot/default.nix @@ -26,13 +26,13 @@ stdenv.mkDerivation rec { pname = "linux-wifi-hotspot"; - version = "4.5.0"; + version = "4.6.0"; src = fetchFromGitHub { owner = "lakinduakash"; repo = pname; rev = "v${version}"; - sha256 = "sha256-cCVJPEAZZzOGCf45oo1J7wWtYn/IJfcASHnKR+R0Ge4="; + sha256 = "sha256-u9OdSpdxnjHOrK6PP/SFvGRtezssoZSoJFGVdRbOIPU="; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/lxcfs/default.nix b/pkgs/os-specific/linux/lxcfs/default.nix index 70d84d6311c..96477c5f442 100644 --- a/pkgs/os-specific/linux/lxcfs/default.nix +++ b/pkgs/os-specific/linux/lxcfs/default.nix @@ -50,6 +50,6 @@ stdenv.mkDerivation rec { changelog = "https://linuxcontainers.org/lxcfs/news/"; license = licenses.asl20; platforms = platforms.linux; - maintainers = with maintainers; [ mic92 ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/os-specific/linux/mbpfan/default.nix b/pkgs/os-specific/linux/mbpfan/default.nix index 9a56249de39..50fc74d7fa0 100644 --- a/pkgs/os-specific/linux/mbpfan/default.nix +++ b/pkgs/os-specific/linux/mbpfan/default.nix @@ -19,6 +19,6 @@ stdenv.mkDerivation rec { homepage = "https://github.com/dgraziotin/mbpfan"; license = licenses.gpl3; platforms = platforms.linux; - maintainers = with maintainers; [ cstrahan ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index b58d471680b..de51beb2cc1 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "microcode-intel"; - version = "20230808"; + version = "20231114"; src = fetchFromGitHub { owner = "intel"; repo = "Intel-Linux-Processor-Microcode-Data-Files"; rev = "microcode-${version}"; - hash = "sha256-xyb4FUV7vG2YSuN4H6eBaf8c4At70NZiUuepbgg2HNg="; + hash = "sha256-cZ7APDjwjarPCzk1HWxqIXdGwNOl6HG0KSCtffmEhx0="; }; nativeBuildInputs = [ iucode-tool libarchive ]; @@ -25,7 +25,8 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - homepage = "http://www.intel.com/"; + homepage = "https://www.intel.com/"; + changelog = "https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/${src.rev}"; description = "Microcode for Intel processors"; license = licenses.unfreeRedistributableFirmware; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/minimal-bootstrap/bash/2.nix b/pkgs/os-specific/linux/minimal-bootstrap/bash/2.nix index 41e3547a786..5eea877803a 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/bash/2.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/bash/2.nix @@ -84,6 +84,17 @@ kaem.runCommand "${pname}-${version}" { "-e" (builtins.toFile "bash-builder.sh" '' export CONFIG_SHELL=$SHELL + + # Normalize the NIX_BUILD_CORES variable. The value might be 0, which + # means that we're supposed to try and auto-detect the number of + # available CPU cores at run-time. We don't have nproc to detect the + # number of available CPU cores so default to 1 if not set. + NIX_BUILD_CORES="''${NIX_BUILD_CORES:-1}" + if [ $NIX_BUILD_CORES -le 0 ]; then + NIX_BUILD_CORES=1 + fi + export NIX_BUILD_CORES + bash -eux $buildCommandPath '') ]; diff --git a/pkgs/os-specific/linux/minimal-bootstrap/bash/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/bash/default.nix index dea5ad9f017..86fa3a58687 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/bash/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/bash/default.nix @@ -4,15 +4,14 @@ , fetchurl , bootBash , gnumake +, gnupatch , gnused , gnugrep , gnutar , gawk , gzip -, gcc -, glibc -, binutils -, linux-headers +, diffutils +, tinycc , derivationWithMeta , bash , coreutils @@ -25,19 +24,26 @@ let url = "mirror://gnu/bash/bash-${version}.tar.gz"; sha256 = "132qng0jy600mv1fs95ylnlisx2wavkkgpb19c6kmz7lnmjhjwhk"; }; + + patches = [ + # flush output for generated code + ./mksignames-flush.patch + ]; in bootBash.runCommand "${pname}-${version}" { inherit pname version; nativeBuildInputs = [ - gcc - binutils + coreutils + tinycc.compiler gnumake + gnupatch gnused gnugrep gnutar gawk gzip + diffutils ]; passthru.runCommand = name: env: buildCommand: @@ -48,6 +54,17 @@ bootBash.runCommand "${pname}-${version}" { "-e" (builtins.toFile "bash-builder.sh" '' export CONFIG_SHELL=$SHELL + + # Normalize the NIX_BUILD_CORES variable. The value might be 0, which + # means that we're supposed to try and auto-detect the number of + # available CPU cores at run-time. + NIX_BUILD_CORES="''${NIX_BUILD_CORES:-1}" + if ((NIX_BUILD_CORES <= 0)); then + guess=$(nproc 2>/dev/null || true) + ((NIX_BUILD_CORES = guess <= 0 ? 1 : guess)) + fi + export NIX_BUILD_CORES + bash -eux $buildCommandPath '') ]; @@ -78,22 +95,23 @@ bootBash.runCommand "${pname}-${version}" { tar xzf ${src} cd bash-${version} + # Patch + ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} + # Configure - export CC="gcc -I${glibc}/include -I${linux-headers}/include" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" - export ac_cv_func_dlopen=no + export CC="tcc -B ${tinycc.libs}/lib" + export AR="tcc -ar" + export LD=tcc bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} \ - --disable-nls \ - --disable-net-redirections + --without-bash-malloc # Build - make SHELL=bash + make -j $NIX_BUILD_CORES SHELL=bash # Install - make install + make -j $NIX_BUILD_CORES install ln -s bash $out/bin/sh '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/bash/mksignames-flush.patch b/pkgs/os-specific/linux/minimal-bootstrap/bash/mksignames-flush.patch new file mode 100644 index 00000000000..6e64dfa7fa3 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/bash/mksignames-flush.patch @@ -0,0 +1,10 @@ +--- a/support/mksignames.c ++++ b/support/mksignames.c +@@ -68,6 +68,7 @@ write_signames (stream) + fprintf (stream, "};\n\n"); + fprintf (stream, "#define initialize_signames()\n\n"); + #endif ++ fflush(stream); + } + + int diff --git a/pkgs/os-specific/linux/minimal-bootstrap/binutils/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/binutils/default.nix index f386ebbaf8e..71e391efb55 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/binutils/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/binutils/default.nix @@ -3,35 +3,29 @@ , hostPlatform , fetchurl , bash +, coreutils , gnumake , gnupatch +, gnused , gnugrep -, gnutar , gawk -, bzip2 -, sed -, mesBootstrap ? false, tinycc ? null -, gcc ? null, glibc ? null, binutils ? null, linux-headers +, diffutils +, gnutar +, xz +, tinycc }: -assert mesBootstrap -> tinycc != null; -assert !mesBootstrap -> gcc != null && glibc != null && binutils != null; + let - pname = "binutils" + lib.optionalString mesBootstrap "-mes"; - version = "2.20.1"; - rev = "a"; + # Based on https://github.com/ZilchOS/bootstrap-from-tcc/blob/2e0c68c36b3437386f786d619bc9a16177f2e149/using-nix/2a1-static-binutils.nix + pname = "binutils"; + version = "2.41"; src = fetchurl { - url = "mirror://gnu/binutils/binutils-${version}${rev}.tar.bz2"; - sha256 = "0r7dr0brfpchh5ic0z9r4yxqn4ybzmlh25sbp30cacqk8nb7rlvi"; + url = "mirror://gnu/binutils/binutils-${version}.tar.xz"; + hash = "sha256-rppXieI0WeWWBuZxRyPy0//DHAMXQZHvDQFb3wYAdFA="; }; patches = [ - # Enables building binutils using TCC and Mes C Library - (fetchurl { - url = "https://git.savannah.gnu.org/cgit/guix.git/plain/gnu/packages/patches/binutils-boot-2.20.1a.patch?id=50249cab3a98839ade2433456fe618acc6f804a5"; - sha256 = "086sf6an2k56axvs4jlky5n3hs2l3rq8zq5d37h0b69cdyh7igpn"; - }) - # Make binutils output deterministic by default. ./deterministic.patch ]; @@ -40,10 +34,10 @@ let "--prefix=${placeholder "out"}" "--build=${buildPlatform.config}" "--host=${hostPlatform.config}" - "--disable-nls" - "--disable-shared" - "--disable-werror" "--with-sysroot=/" + "--enable-deterministic-archives" + # depends on bison + "--disable-gprofng" # Turn on --enable-new-dtags by default to make the linker set # RUNPATH instead of RPATH on binaries. This is important because @@ -60,15 +54,16 @@ bash.runCommand "${pname}-${version}" { inherit pname version; nativeBuildInputs = [ - (if mesBootstrap then tinycc.compiler else gcc) + tinycc.compiler gnumake gnupatch + gnused gnugrep - gnutar gawk - bzip2 - sed - ] ++ lib.optional (!mesBootstrap) binutils; + diffutils + gnutar + xz + ]; passthru.tests.get-version = result: bash.runCommand "${pname}-get-version-${version}" {} '' @@ -85,32 +80,35 @@ bash.runCommand "${pname}-${version}" { }; } '' # Unpack - cp ${src} binutils.tar.bz2 - bunzip2 binutils.tar.bz2 + cp ${src} binutils.tar.xz + unxz binutils.tar.xz tar xf binutils.tar rm binutils.tar cd binutils-${version} # Patch ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} + sed -i 's|/bin/sh|${bash}/bin/bash|' \ + missing install-sh mkinstalldirs + # see libtool's 74c8993c178a1386ea5e2363a01d919738402f30 + sed -i 's/| \$NL2SP/| sort | $NL2SP/' ltmain.sh + # alias makeinfo to true + mkdir aliases + ln -s ${coreutils}/bin/true aliases/makeinfo + export PATH="$(pwd)/aliases/:$PATH" # Configure - ${if mesBootstrap then '' - export CC="tcc -B ${tinycc.libs}/lib -D __GLIBC_MINOR__=6 -D MES_BOOTSTRAP=1" - export AR="tcc -ar" - '' else '' - export CC="gcc -B ${glibc}/lib -I${glibc}/include -I${linux-headers}/include" - export CPP="gcc -E -I${glibc}/include -I${linux-headers}/include" - export AR="ar" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" - ''} - export SED=sed + export CC="tcc -B ${tinycc.libs}/lib" + export AR="tcc -ar" + export lt_cv_sys_max_cmd_len=32768 + export CFLAGS="-D__LITTLE_ENDIAN__=1" bash ./configure ${lib.concatStringsSep " " configureFlags} # Build - make + make -j $NIX_BUILD_CORES all-libiberty all-gas all-bfd all-libctf all-zlib all-gprof + make all-ld # race condition on ld/.deps/ldwrite.Po, serialize + make -j $NIX_BUILD_CORES # Install - make install + make -j $NIX_BUILD_CORES install '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/bzip2/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/bzip2/default.nix index 84fb7a0a1b7..05da061ac26 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/bzip2/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/bzip2/default.nix @@ -3,7 +3,7 @@ , bash , tinycc , gnumake -, gnupatch +, gnutar , gzip }: let @@ -14,16 +14,6 @@ let url = "https://sourceware.org/pub/bzip2/bzip2-${version}.tar.gz"; sha256 = "0s92986cv0p692icqlw1j42y9nld8zd83qwhzbqd61p1dqbh6nmb"; }; - - patches = [ - # mes libc has no time support, so we remove that. - # It also does not have fch{own,mod}, which we don't care about in the bootstrap - # anyway, so we can null-op those calls. - (fetchurl { - url = "https://github.com/fosslinux/live-bootstrap/raw/87e9d7db9d22b400d1c05247254ac39ee2577e80/sysa/bzip2-1.0.8/patches/mes-libc.patch"; - sha256 = "14dciwib28h413skzfkh7samzh8x87dmwhldyxxphff04pvl1j3c"; - }) - ]; in bash.runCommand "${pname}-${version}" { inherit pname version; @@ -31,13 +21,13 @@ bash.runCommand "${pname}-${version}" { nativeBuildInputs = [ tinycc.compiler gnumake - gnupatch + gnutar gzip ]; passthru.tests.get-version = result: bash.runCommand "${pname}-get-version-${version}" {} '' - ${result}/bin/bzip2 --version --help + ${result}/bin/bzip2 --help mkdir $out ''; @@ -50,21 +40,16 @@ bash.runCommand "${pname}-${version}" { }; } '' # Unpack - cp ${src} bzip2.tar.gz - gunzip bzip2.tar.gz - untar --file bzip2.tar - rm bzip2.tar + tar xzf ${src} cd bzip2-${version} - # Patch - ${lib.concatMapStringsSep "\n" (f: "patch -Np0 -i ${f}") patches} - # Build make \ - CC="tcc -B ${tinycc.libs}/lib -I ." \ + -j $NIX_BUILD_CORES \ + CC="tcc -B ${tinycc.libs}/lib" \ AR="tcc -ar" \ bzip2 bzip2recover # Install - make install PREFIX=$out + make install -j $NIX_BUILD_CORES PREFIX=$out '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/coreutils/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/coreutils/default.nix index eb4fe9bcf99..9d7480d239f 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/coreutils/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/coreutils/default.nix @@ -6,7 +6,7 @@ , gnupatch }: let - pname = "coreutils"; + pname = "bootstrap-coreutils"; version = "5.0"; src = fetchurl { diff --git a/pkgs/os-specific/linux/minimal-bootstrap/coreutils/musl.nix b/pkgs/os-specific/linux/minimal-bootstrap/coreutils/musl.nix new file mode 100644 index 00000000000..14584e0a7e6 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/coreutils/musl.nix @@ -0,0 +1,74 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, tinycc +, gnumake +, gnugrep +, gnused +, gawk +, gnutar +, gzip +}: +let + pname = "bootstrap-coreutils-musl"; + version = "9.4"; + + src = fetchurl { + url = "mirror://gnu/coreutils/coreutils-${version}.tar.gz"; + hash = "sha256-X2ANkJOXOwr+JTk9m8GMRPIjJlf0yg2V6jHHAutmtzk="; + }; + + configureFlags = [ + "--prefix=${placeholder "out"}" + "--build=${buildPlatform.config}" + "--host=${hostPlatform.config}" + # musl 1.1.x doesn't use 64bit time_t + "--disable-year2038" + # libstdbuf.so fails in static builds + "--enable-no-install-program=stdbuf" + ]; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + tinycc.compiler + gnumake + gnused + gnugrep + gawk + gnutar + gzip + ]; + + passthru.tests.get-version = result: + bash.runCommand "${pname}-get-version-${version}" {} '' + ${result}/bin/cat --version + mkdir $out + ''; + + meta = with lib; { + description = "The GNU Core Utilities"; + homepage = "https://www.gnu.org/software/coreutils"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + platforms = platforms.unix; + }; +} '' + # Unpack + tar xzf ${src} + cd coreutils-${version} + + # Configure + export CC="tcc -B ${tinycc.libs}/lib" + export LD=tcc + bash ./configure ${lib.concatStringsSep " " configureFlags} + + # Build + make -j $NIX_BUILD_CORES AR="tcc -ar" MAKEINFO="true" + + # Install + make -j $NIX_BUILD_CORES install MAKEINFO="true" +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/default.nix index 55900f86d21..a246b587dd4 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/default.nix @@ -17,46 +17,43 @@ lib.makeScope bash = callPackage ./bash { bootBash = bash_2_05; - gcc = gcc2; - glibc = glibc22; - gawk = gawk-mes; + tinycc = tinycc-musl; + coreutils = coreutils-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; }; binutils = callPackage ./binutils { - bash = bash_2_05; - gcc = gcc2; - binutils = binutils-mes; - glibc = glibc22; - sed = heirloom.sed; - gawk = gawk-mes; - }; - binutils-mes = callPackage ./binutils { - bash = bash_2_05; - tinycc = tinycc-mes; - sed = heirloom.sed; - gawk = gawk-mes; - mesBootstrap = true; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; }; bzip2 = callPackage ./bzip2 { - bash = bash_2_05; - tinycc = tinycc-mes; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; }; coreutils = callPackage ./coreutils { tinycc = tinycc-mes; }; + coreutils-musl = callPackage ./coreutils/musl.nix { + bash = bash_2_05; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; + }; diffutils = callPackage ./diffutils { bash = bash_2_05; - gcc = gcc2; - glibc = glibc22; - gawk = gawk-mes; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; }; findutils = callPackage ./findutils { - bash = bash_2_05; - gcc = gcc2; - glibc = glibc22; - gawk = gawk-mes; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; }; gawk-mes = callPackage ./gawk/mes.nix { @@ -67,35 +64,42 @@ lib.makeScope gawk = callPackage ./gawk { bash = bash_2_05; - gcc = gcc2; - glibc = glibc22; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; bootGawk = gawk-mes; }; - gcc2 = callPackage ./gcc/2.nix { - bash = bash_2_05; - gcc = gcc2-mes; - binutils = binutils-mes; - glibc = glibc22; + gcc46 = callPackage ./gcc/4.6.nix { + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; + # FIXME: not sure why new gawk doesn't work + gawk = gawk-mes; }; - gcc2-mes = callPackage ./gcc/2.nix { - bash = bash_2_05; - tinycc = tinycc-mes; - binutils = binutils-mes; - mesBootstrap = true; + gcc46-cxx = callPackage ./gcc/4.6.cxx.nix { + gcc = gcc46; + gnumake = gnumake-musl; + gnutar = gnutar-musl; + # FIXME: not sure why new gawk doesn't work + gawk = gawk-mes; }; - gcc46 = callPackage ./gcc/4.6.nix { - gcc = gcc2; - glibc = glibc22; + gcc8 = callPackage ./gcc/8.nix { + gcc = gcc46-cxx; + gnumake = gnumake-musl; + gnutar = gnutar-latest; + # FIXME: not sure why new gawk doesn't work gawk = gawk-mes; }; - inherit (callPackage ./glibc { - bash = bash_2_05; - gnused = gnused-mes; + gcc-latest = callPackage ./gcc/latest.nix { + gcc = gcc8; + gnumake = gnumake-musl; + gnutar = gnutar-latest; + # FIXME: not sure why new gawk doesn't work gawk = gawk-mes; - }) glibc22; + }; gnugrep = callPackage ./gnugrep { bash = bash_2_05; @@ -104,26 +108,44 @@ lib.makeScope gnumake = callPackage ./gnumake { tinycc = tinycc-mes; }; + gnumake-musl = callPackage ./gnumake/musl.nix { + bash = bash_2_05; + tinycc = tinycc-musl; + gawk = gawk-mes; + gnumakeBoot = gnumake; + }; + gnupatch = callPackage ./gnupatch { tinycc = tinycc-mes; }; gnused = callPackage ./gnused { bash = bash_2_05; - gcc = gcc2; - glibc = glibc22; + tinycc = tinycc-musl; gnused = gnused-mes; }; - gnused-mes = callPackage ./gnused { + gnused-mes = callPackage ./gnused/mes.nix { bash = bash_2_05; tinycc = tinycc-mes; - mesBootstrap = true; }; - gnutar = callPackage ./gnutar { + gnutar = callPackage ./gnutar/mes.nix { bash = bash_2_05; tinycc = tinycc-mes; gnused = gnused-mes; }; + gnutar-musl = callPackage ./gnutar/musl.nix { + bash = bash_2_05; + tinycc = tinycc-musl; + gnused = gnused-mes; + }; + + # FIXME: better package naming scheme + gnutar-latest = callPackage ./gnutar/latest.nix { + gcc = gcc46; + gnumake = gnumake-musl; + gnutarBoot = gnutar-musl; + }; + gzip = callPackage ./gzip { bash = bash_2_05; tinycc = tinycc-mes; @@ -144,9 +166,15 @@ lib.makeScope mes = lib.recurseIntoAttrs (callPackage ./mes { }); mes-libc = callPackage ./mes/libc.nix { }; + musl11 = callPackage ./musl/1.1.nix { + bash = bash_2_05; + tinycc = tinycc-mes; + gnused = gnused-mes; + }; + musl = callPackage ./musl { gcc = gcc46; - gawk = gawk-mes; + gnumake = gnumake-musl; }; stage0-posix = callPackage ./stage0-posix { }; @@ -155,12 +183,16 @@ lib.makeScope tinycc-bootstrappable = lib.recurseIntoAttrs (callPackage ./tinycc/bootstrappable.nix { }); tinycc-mes = lib.recurseIntoAttrs (callPackage ./tinycc/mes.nix { }); + tinycc-musl = lib.recurseIntoAttrs (callPackage ./tinycc/musl.nix { + bash = bash_2_05; + musl = musl11; + }); xz = callPackage ./xz { bash = bash_2_05; - tinycc = tinycc-mes; - gawk = gawk-mes; - inherit (heirloom) sed; + tinycc = tinycc-musl; + gnumake = gnumake-musl; + gnutar = gnutar-musl; }; inherit (callPackage ./utils.nix { }) derivationWithMeta writeTextFile writeText; @@ -169,24 +201,28 @@ lib.makeScope echo ${bash.tests.get-version} echo ${bash_2_05.tests.get-version} echo ${binutils.tests.get-version} - echo ${binutils-mes.tests.get-version} echo ${bzip2.tests.get-version} + echo ${coreutils-musl.tests.get-version} echo ${diffutils.tests.get-version} echo ${findutils.tests.get-version} echo ${gawk-mes.tests.get-version} echo ${gawk.tests.get-version} - echo ${gcc2.tests.get-version} - echo ${gcc2-mes.tests.get-version} echo ${gcc46.tests.get-version} + echo ${gcc46-cxx.tests.hello-world} + echo ${gcc8.tests.hello-world} + echo ${gcc-latest.tests.hello-world} echo ${gnugrep.tests.get-version} echo ${gnused.tests.get-version} echo ${gnused-mes.tests.get-version} echo ${gnutar.tests.get-version} + echo ${gnutar-musl.tests.get-version} + echo ${gnutar-latest.tests.get-version} echo ${gzip.tests.get-version} echo ${heirloom.tests.get-version} echo ${mes.compiler.tests.get-version} echo ${musl.tests.hello-world} echo ${tinycc-mes.compiler.tests.chain} + echo ${tinycc-musl.compiler.tests.hello-world} echo ${xz.tests.get-version} mkdir ''${out} ''; diff --git a/pkgs/os-specific/linux/minimal-bootstrap/diffutils/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/diffutils/default.nix index 7545a52524a..24cd643b349 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/diffutils/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/diffutils/default.nix @@ -3,38 +3,35 @@ , hostPlatform , fetchurl , bash -, gcc -, glibc -, binutils -, linux-headers +, tinycc , gnumake , gnugrep , gnused , gawk , gnutar -, gzip +, xz }: let pname = "diffutils"; - version = "2.8.1"; + # last version that can be built by tinycc-musl 0.9.27 + version = "3.8"; src = fetchurl { - url = "mirror://gnu/diffutils/diffutils-${version}.tar.gz"; - sha256 = "0nizs9r76aiymzasmj1jngl7s71jfzl9xfziigcls8k9n141f065"; + url = "mirror://gnu/diffutils/diffutils-${version}.tar.xz"; + hash = "sha256-pr3X0bMSZtEcT03mwbdI1GB6sCMa9RiPwlM9CuJDj+w="; }; in bash.runCommand "${pname}-${version}" { inherit pname version; nativeBuildInputs = [ - gcc - binutils + tinycc.compiler gnumake gnused gnugrep gawk gnutar - gzip + xz ]; passthru.tests.get-version = result: @@ -52,21 +49,23 @@ bash.runCommand "${pname}-${version}" { }; } '' # Unpack - tar xzf ${src} + cp ${src} diffutils.tar.xz + unxz diffutils.tar.xz + tar xf diffutils.tar + rm diffutils.tar cd diffutils-${version} # Configure - export C_INCLUDE_PATH="${glibc}/include:${linux-headers}/include" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" + export CC="tcc -B ${tinycc.libs}/lib" + export LD=tcc bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} # Build - make + make -j $NIX_BUILD_CORES AR="tcc -ar" # Install - make install + make -j $NIX_BUILD_CORES install '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/findutils/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/findutils/default.nix index cf26abd2138..97418d218fb 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/findutils/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/findutils/default.nix @@ -3,38 +3,34 @@ , hostPlatform , fetchurl , bash -, gcc -, glibc -, binutils -, linux-headers +, tinycc , gnumake , gnugrep , gnused , gawk , gnutar -, gzip +, xz }: let pname = "findutils"; - version = "4.4.2"; + version = "4.9.0"; src = fetchurl { - url = "mirror://gnu/findutils/findutils-${version}.tar.gz"; - sha256 = "0amn0bbwqvsvvsh6drfwz20ydc2czk374lzw5kksbh6bf78k4ks3"; + url = "mirror://gnu/findutils/findutils-${version}.tar.xz"; + hash = "sha256-or+4wJ1DZ3DtxZ9Q+kg+eFsWGjt7nVR1c8sIBl/UYv4="; }; in bash.runCommand "${pname}-${version}" { inherit pname version; nativeBuildInputs = [ - gcc - binutils + tinycc.compiler gnumake gnused gnugrep gawk gnutar - gzip + xz ]; passthru.tests.get-version = result: @@ -52,21 +48,28 @@ bash.runCommand "${pname}-${version}" { }; } '' # Unpack - tar xzf ${src} + cp ${src} findutils.tar.xz + unxz findutils.tar.xz + tar xf findutils.tar + rm findutils.tar cd findutils-${version} + # Patch + # configure fails to accurately detect PATH_MAX support + sed -i 's/chdir_long/chdir/' gl/lib/save-cwd.c + # Configure - export C_INCLUDE_PATH="${glibc}/include:${linux-headers}/include" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" + export CC="tcc -B ${tinycc.libs}/lib" + export AR="tcc -ar" + export LD=tcc bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} # Build - make + make -j $NIX_BUILD_CORES # Install - make install + make -j $NIX_BUILD_CORES install '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gawk/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/gawk/default.nix index 935414f2176..879b98bf00c 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/gawk/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/gawk/default.nix @@ -3,10 +3,7 @@ , hostPlatform , fetchurl , bash -, gcc -, glibc -, binutils -, linux-headers +, tinycc , gnumake , gnugrep , gnused @@ -17,21 +14,18 @@ let inherit (import ./common.nix { inherit lib; }) meta; pname = "gawk"; - # >= 4.2.0 fails to cleanly build. may be worth investigating in the future. - # for now this version is sufficient to build glibc 2.16 - version = "4.1.4"; + version = "5.2.2"; src = fetchurl { url = "mirror://gnu/gawk/gawk-${version}.tar.gz"; - sha256 = "0dadjkpyyizmyd0l098qps8lb39r0vrz3xl3hwz2cmjs5c70h0wc"; + hash = "sha256-lFrvfM/xAfILIqEIArwAXplKsrjqPnJMwaGXxi9B9lA="; }; in bash.runCommand "${pname}-${version}" { inherit pname version meta; nativeBuildInputs = [ - gcc - binutils + tinycc.compiler gnumake gnused gnugrep @@ -51,18 +45,17 @@ bash.runCommand "${pname}-${version}" { cd gawk-${version} # Configure - export C_INCLUDE_PATH="${glibc}/include:${linux-headers}/include" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" + export CC="tcc -B ${tinycc.libs}/lib" + export AR="tcc -ar" + export LD=tcc bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} # Build - make gawk + make -j $NIX_BUILD_CORES # Install - install -D gawk $out/bin/gawk - ln -s gawk $out/bin/awk + make -j $NIX_BUILD_CORES install '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/2.nix b/pkgs/os-specific/linux/minimal-bootstrap/gcc/2.nix deleted file mode 100644 index c879fd30aaf..00000000000 --- a/pkgs/os-specific/linux/minimal-bootstrap/gcc/2.nix +++ /dev/null @@ -1,140 +0,0 @@ -{ lib -, buildPlatform -, hostPlatform -, fetchurl -, bash -, gnumake -, gnupatch -, gnugrep -, gnutar -, gzip -, heirloom -, binutils -, mesBootstrap ? false, tinycc ? null, mes-libc -, gcc ? null, glibc ? null, linux-headers -}: -assert mesBootstrap -> tinycc != null; -assert !mesBootstrap -> gcc != null && glibc != null; -let - # Gcc-2.95.3 is the most recent GCC that is supported by what the Mes C - # Library v0.16 offers. Gcc-3.x (and 4.x) place higher demands on a C - # library, such as dir.h/struct DIR/readdir, locales, signals... Also, - # with gcc-2.95.3, binutils (2.14.0, 2.20.1a) and glibc-2.2.5 we found a - # GNU toolchain triplet "that works". - # - from guix/gnu/packages/commencement.scm - pname = "gcc" + lib.optionalString mesBootstrap "-mes"; - version = "2.95.3"; - - src = fetchurl { - url = "mirror://gnu/gcc/gcc-${version}/gcc-core-${version}.tar.gz"; - sha256 = "1xvfy4pqhrd5v2cv8lzf63iqg92k09g6z9n2ah6ndd4h17k1x0an"; - }; - - patches = [ - # This patch enables building gcc-2.95.3 using TCC and Mes C Library. - # * Disable building DOC - # * Avoid running `fixproto'. - # * Force running `fixinc'. - # * Replace Makefile trickery of creating an libgcc1.a archive, then - # extracting the .o files later to create a new libgcc2.a archive. - # Instead, keep temporary .o files. - (fetchurl { - url = "https://git.savannah.gnu.org/cgit/guix.git/plain/gnu/packages/patches/gcc-boot-2.95.3.patch?id=50249cab3a98839ade2433456fe618acc6f804a5"; - sha256 = "03l3jaxch6d76mx4zkn6ky64paj58jk0biddck01qd4bnw9z8hiw"; - }) - ]; - - makeFlags = [ - "LANGUAGES=c" - ] ++ lib.optionals mesBootstrap [ - "LIBGCC2_INCLUDES=\"-I ${mes-libc}/include\"" - "BOOT_LDFLAGS=\" -B ${tinycc.libs}/lib\"" - ] ++ lib.optionals (!mesBootstrap) [ - "LIBGCC2_INCLUDES=\"-I ${glibc}/include -I ${linux-headers}/include\"" - ]; -in -bash.runCommand "${pname}-${version}" { - inherit pname version; - - nativeBuildInputs = [ - (if mesBootstrap then tinycc.compiler else gcc) - gnumake - gnupatch - gnugrep - gnutar - gzip - heirloom.sed - binutils - ]; - - passthru.tests.get-version = result: - bash.runCommand "${pname}-get-version-${version}" {} '' - ${result}/bin/gcc --version - mkdir $out - ''; - - meta = with lib; { - description = "GNU Compiler Collection, version ${version}"; - homepage = "https://gcc.gnu.org"; - license = licenses.gpl3Plus; - maintainers = teams.minimal-bootstrap.members; - platforms = platforms.unix; - }; -} '' - # Unpack - tar xzf ${src} - cd gcc-${version} - - # Patch - ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} - # /build/glibc-2.2.5/intl/loadmsgcat.c:334: multiple definition of `_nl_load_domain' - # ../intl/libintl.a(loadmsgcat.o):/build/gcc-2.95.3/texinfo/intl/loadmsgcat.c:66: first defined here - rm -R texinfo - mkdir -p texinfo - echo 'all:'>texinfo/Makefile.in - echo 'install:'>>texinfo/Makefile.in - - # Configure - ${if mesBootstrap then '' - export CC="tcc -B ${tinycc.libs}/lib -D __GLIBC_MINOR__=6" - export CPP="tcc -E" - export ac_cv_func_setlocale=no - '' else '' - export CC="gcc -I${glibc}/include -I${linux-headers}/include -I${gcc}/lib/gcc-lib/${hostPlatform.config}/${version}/include" - export CPP="gcc -E -I${glibc}/include -I${linux-headers}/include -I${gcc}/lib/gcc-lib/${hostPlatform.config}/${version}/include" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" - ''} - export OLDCC="$CC" - export CC_FOR_BUILD="$CC" - export AR=ar - export RANLIB=ranlib - export ac_cv_c_float_format='IEEE (little-endian)' - bash ./configure \ - --build=${buildPlatform.config} \ - --host=${hostPlatform.config} \ - --enable-static \ - --disable-shared \ - --disable-werror \ - --prefix=$out - # no info at this stage - touch gcc/cpp.info gcc/gcc.info - - # Build - make ${lib.concatStringsSep " " makeFlags} - - # Install - make install - mkdir tmp - cd tmp - ar x ../gcc/libgcc2.a - ${lib.optionalString mesBootstrap "ar x ${tinycc.libs}/lib/libtcc1.a"} - ar r $out/lib/gcc-lib/${hostPlatform.config}/${version}/libgcc.a *.o - cd .. - cp gcc/libgcc2.a $out/lib/libgcc2.a - ${lib.optionalString mesBootstrap '' - ar x ${tinycc.libs}/lib/libtcc1.a - ar x ${tinycc.libs}/lib/libc.a - ar r $out/lib/gcc-lib/${hostPlatform.config}/${version}/libc.a libc.o libtcc1.o - ''} -'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.cxx.nix b/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.cxx.nix new file mode 100644 index 00000000000..277c5e82cc3 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.cxx.nix @@ -0,0 +1,140 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, coreutils +, gcc +, musl +, binutils +, gnumake +, gnupatch +, gnused +, gnugrep +, gawk +, diffutils +, findutils +, gnutar +, gzip +}: +let + pname = "gcc-cxx"; + version = "4.6.4"; + + src = fetchurl { + url = "mirror://gnu/gcc/gcc-${version}/gcc-core-${version}.tar.gz"; + sha256 = "173kdb188qg79pcz073cj9967rs2vzanyjdjyxy9v0xb0p5sad75"; + }; + + ccSrc = fetchurl { + url = "mirror://gnu/gcc/gcc-${version}/gcc-g++-${version}.tar.gz"; + sha256 = "1fqqk5zkmdg4vmqzdmip9i42q6b82i3f6yc0n86n9021cr7ms2k9"; + }; + + gmpVersion = "4.3.2"; + gmp = fetchurl { + url = "mirror://gnu/gmp/gmp-${gmpVersion}.tar.gz"; + sha256 = "15rwq54fi3s11izas6g985y9jklm3xprfsmym3v1g6xr84bavqvv"; + }; + + mpfrVersion = "2.4.2"; + mpfr = fetchurl { + url = "mirror://gnu/mpfr/mpfr-${mpfrVersion}.tar.gz"; + sha256 = "0dxn4904dra50xa22hi047lj8kkpr41d6vb9sd4grca880c7wv94"; + }; + + mpcVersion = "1.0.3"; + mpc = fetchurl { + url = "mirror://gnu/mpc/mpc-${mpcVersion}.tar.gz"; + sha256 = "1hzci2zrrd7v3g1jk35qindq05hbl0bhjcyyisq9z209xb3fqzb1"; + }; + + patches = [ + # Remove hardcoded NATIVE_SYSTEM_HEADER_DIR + ./no-system-headers.patch + ]; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + gcc + binutils + gnumake + gnupatch + gnused + gnugrep + gawk + diffutils + findutils + gnutar + gzip + ]; + + passthru.tests.hello-world = result: + bash.runCommand "${pname}-simple-program-${version}" { + nativeBuildInputs = [ binutils musl result ]; + } '' + cat <<EOF >> test.c + #include <stdio.h> + int main() { + printf("Hello World!\n"); + return 0; + } + EOF + musl-gcc -o test test.c + ./test + mkdir $out + ''; + + meta = with lib; { + description = "GNU Compiler Collection, version ${version}"; + homepage = "https://gcc.gnu.org"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + platforms = platforms.unix; + }; +} '' + # Unpack + tar xzf ${src} + tar xzf ${ccSrc} + tar xzf ${gmp} + tar xzf ${mpfr} + tar xzf ${mpc} + cd gcc-${version} + + ln -s ../gmp-${gmpVersion} gmp + ln -s ../mpfr-${mpfrVersion} mpfr + ln -s ../mpc-${mpcVersion} mpc + + # Patch + ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} + # doesn't recognise musl + sed -i 's|"os/gnu-linux"|"os/generic"|' libstdc++-v3/configure.host + + # Configure + export CC="gcc -Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export CFLAGS_FOR_TARGET="-Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export C_INCLUDE_PATH="${musl}/include" + export CPLUS_INCLUDE_PATH="$C_INCLUDE_PATH" + export LIBRARY_PATH="${musl}/lib" + + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} \ + --with-native-system-header-dir=${musl}/include \ + --with-build-sysroot=${musl} \ + --enable-languages=c,c++ \ + --disable-bootstrap \ + --disable-libmudflap \ + --disable-libstdcxx-pch \ + --disable-lto \ + --disable-multilib + + # Build + make -j $NIX_BUILD_CORES + + # Install + make -j $NIX_BUILD_CORES install +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.nix b/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.nix index ce348352b67..8b56dff5882 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/gcc/4.6.nix @@ -3,9 +3,7 @@ , hostPlatform , fetchurl , bash -, gcc -, glibc -, linux-headers +, tinycc , binutils , gnumake , gnupatch @@ -31,24 +29,6 @@ let sha256 = "1fqqk5zkmdg4vmqzdmip9i42q6b82i3f6yc0n86n9021cr7ms2k9"; }; - patches = [ - # This patch enables building gcc-4.6.4 using gcc-2.95.3 and glibc-2.2.5 - # * Tweak Makefile to allow overriding NATIVE_SYSTEM_HEADER_DIR using #:makeflags - # * Add missing limits.h include. - # * Add SSIZE_MAX define. The SSIZE_MAX define has been added to Mes - # upstream and can be removed with the next Mes release. - # * Remove -fbuilding-libgcc flag, it assumes features being present from a - # newer gcc or glibc. - # * [MES_BOOTSTRAP_GCC]: Disable threads harder. - (fetchurl { - url = "https://git.savannah.gnu.org/cgit/guix.git/plain/gnu/packages/patches/gcc-boot-4.6.4.patch?id=50249cab3a98839ade2433456fe618acc6f804a5"; - sha256 = "1zzd8gnihw6znrgb6c6pfsmm0vix89xw3giv1nnsykm57j0v3z0d"; - }) - ./libstdc++-target.patch - ]; - - # To reduce the set of pre-built bootstrap inputs, build - # GMP & co. from GCC. gmpVersion = "4.3.2"; gmp = fetchurl { url = "mirror://gnu/gmp/gmp-${gmpVersion}.tar.gz"; @@ -66,12 +46,17 @@ let url = "mirror://gnu/mpc/mpc-${mpcVersion}.tar.gz"; sha256 = "1hzci2zrrd7v3g1jk35qindq05hbl0bhjcyyisq9z209xb3fqzb1"; }; + + patches = [ + # Remove hardcoded NATIVE_SYSTEM_HEADER_DIR + ./no-system-headers.patch + ]; in bash.runCommand "${pname}-${version}" { inherit pname version; nativeBuildInputs = [ - gcc + tinycc.compiler binutils gnumake gnupatch @@ -84,10 +69,6 @@ bash.runCommand "${pname}-${version}" { gzip ]; - # condition in ./libcpp/configure requires `env` which is not available in this coreutils - am_cv_CXX_dependencies_compiler_type = "gcc"; - am_cv_CC_dependencies_compiler_type = "gcc"; - passthru.tests.get-version = result: bash.runCommand "${pname}-get-version-${version}" {} '' ${result}/bin/gcc --version @@ -118,18 +99,21 @@ bash.runCommand "${pname}-${version}" { ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} # Configure - export C_INCLUDE_PATH="${gcc}/lib/gcc-lib/${hostPlatform.config}/${gcc.version}/include:${linux-headers}/include:${glibc}/include:$(pwd)/mpfr/src" + export CC="tcc -B ${tinycc.libs}/lib" + export C_INCLUDE_PATH="${tinycc.libs}/include:$(pwd)/mpfr/src" export CPLUS_INCLUDE_PATH="$C_INCLUDE_PATH" - export LDFLAGS="-B${glibc}/lib -Wl,-dynamic-linker -Wl,${glibc}" - export LDFLAGS_FOR_TARGET=$LDFLAGS - export LIBRARY_PATH="${glibc}/lib:${gcc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" + + # Avoid "Link tests are not allowed after GCC_NO_EXECUTABLES" + export lt_cv_shlibpath_overrides_runpath=yes + export ac_cv_func_memcpy=yes + export ac_cv_func_strerror=yes + bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} \ - --with-native-system-header-dir=${glibc}/include \ - --with-build-sysroot=${glibc}/include \ + --with-native-system-header-dir=${tinycc.libs}/include \ + --with-build-sysroot=${tinycc.libs}/include \ --disable-bootstrap \ --disable-decimal-float \ --disable-libatomic \ @@ -146,7 +130,7 @@ bash.runCommand "${pname}-${version}" { --disable-multilib \ --disable-plugin \ --disable-threads \ - --enable-languages=c,c++ \ + --enable-languages=c \ --enable-static \ --disable-shared \ --enable-threads=single \ @@ -154,8 +138,8 @@ bash.runCommand "${pname}-${version}" { --disable-build-with-cxx # Build - make + make -j $NIX_BUILD_CORES # Install - make install + make -j $NIX_BUILD_CORES install '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/8.nix b/pkgs/os-specific/linux/minimal-bootstrap/gcc/8.nix new file mode 100644 index 00000000000..ea9fdaf8854 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gcc/8.nix @@ -0,0 +1,141 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, coreutils +, gcc +, musl +, binutils +, gnumake +, gnused +, gnugrep +, gawk +, diffutils +, findutils +, gnutar +, gzip +, bzip2 +, xz +}: +let + pname = "gcc"; + version = "8.5.0"; + + src = fetchurl { + url = "mirror://gnu/gcc/gcc-${version}/gcc-${version}.tar.xz"; + hash = "sha256-0wiEGlEbuDCmEAOXsAQtskzhH2Qtq26m7kSELlMl7VA="; + }; + + # last version to compile with gcc 4.6 + gmpVersion = "6.2.1"; + gmp = fetchurl { + url = "mirror://gnu/gmp/gmp-${gmpVersion}.tar.xz"; + hash = "sha256-/UgpkSzd0S+EGBw0Ucx1K+IkZD6H+sSXtp7d2txJtPI="; + }; + + mpfrVersion = "4.2.1"; + mpfr = fetchurl { + url = "mirror://gnu/mpfr/mpfr-${mpfrVersion}.tar.xz"; + hash = "sha256-J3gHNTpnJpeJlpRa8T5Sgp46vXqaW3+yeTiU4Y8fy7I="; + }; + + mpcVersion = "1.3.1"; + mpc = fetchurl { + url = "mirror://gnu/mpc/mpc-${mpcVersion}.tar.gz"; + hash = "sha256-q2QkkvXPiCt0qgy3MM1BCoHtzb7IlRg86TDnBsHHWbg="; + }; + + islVersion = "0.24"; + isl = fetchurl { + url = "https://gcc.gnu.org/pub/gcc/infrastructure/isl-${islVersion}.tar.bz2"; + hash = "sha256-/PeN2WVsEOuM+fvV9ZoLawE4YgX+GTSzsoegoYmBRcA="; + }; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + gcc + binutils + gnumake + gnused + gnugrep + gawk + diffutils + findutils + gnutar + gzip + bzip2 + xz + ]; + + passthru.tests.hello-world = result: + bash.runCommand "${pname}-simple-program-${version}" { + nativeBuildInputs = [ binutils musl result ]; + } '' + cat <<EOF >> test.c + #include <stdio.h> + int main() { + printf("Hello World!\n"); + return 0; + } + EOF + musl-gcc -o test test.c + ./test + mkdir $out + ''; + + meta = with lib; { + description = "GNU Compiler Collection, version ${version}"; + homepage = "https://gcc.gnu.org"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + platforms = platforms.unix; + }; +} '' + # Unpack + tar xf ${src} + tar xf ${gmp} + tar xf ${mpfr} + tar xf ${mpc} + tar xf ${isl} + cd gcc-${version} + + ln -s ../gmp-${gmpVersion} gmp + ln -s ../mpfr-${mpfrVersion} mpfr + ln -s ../mpc-${mpcVersion} mpc + ln -s ../isl-${islVersion} isl + + # Patch + # doesn't recognise musl + sed -i 's|"os/gnu-linux"|"os/generic"|' libstdc++-v3/configure.host + + # Configure + export CC="gcc -Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export CXX="g++ -Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export CFLAGS_FOR_TARGET="-Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export C_INCLUDE_PATH="${musl}/include" + export CPLUS_INCLUDE_PATH="$C_INCLUDE_PATH" + export LIBRARY_PATH="${musl}/lib" + + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} \ + --with-native-system-header-dir=/include \ + --with-sysroot=${musl} \ + --enable-languages=c,c++ \ + --disable-bootstrap \ + --disable-libmpx \ + --disable-libsanitizer \ + --disable-lto \ + --disable-multilib \ + --disable-plugin + + # Build + make -j $NIX_BUILD_CORES + + # Install + make -j $NIX_BUILD_CORES install-strip +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/latest.nix b/pkgs/os-specific/linux/minimal-bootstrap/gcc/latest.nix new file mode 100644 index 00000000000..fba3b731a00 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gcc/latest.nix @@ -0,0 +1,137 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, coreutils +, gcc +, musl +, binutils +, gnumake +, gnused +, gnugrep +, gawk +, diffutils +, findutils +, gnutar +, gzip +, bzip2 +, xz +}: +let + pname = "gcc"; + version = "13.2.0"; + + src = fetchurl { + url = "mirror://gnu/gcc/gcc-${version}/gcc-${version}.tar.xz"; + hash = "sha256-4nXnZEKmBnNBon8Exca4PYYTFEAEwEE1KIY9xrXHQ9o="; + }; + + gmpVersion = "6.3.0"; + gmp = fetchurl { + url = "mirror://gnu/gmp/gmp-${gmpVersion}.tar.xz"; + hash = "sha256-o8K4AgG4nmhhb0rTC8Zq7kknw85Q4zkpyoGdXENTiJg="; + }; + + mpfrVersion = "4.2.1"; + mpfr = fetchurl { + url = "mirror://gnu/mpfr/mpfr-${mpfrVersion}.tar.xz"; + hash = "sha256-J3gHNTpnJpeJlpRa8T5Sgp46vXqaW3+yeTiU4Y8fy7I="; + }; + + mpcVersion = "1.3.1"; + mpc = fetchurl { + url = "mirror://gnu/mpc/mpc-${mpcVersion}.tar.gz"; + hash = "sha256-q2QkkvXPiCt0qgy3MM1BCoHtzb7IlRg86TDnBsHHWbg="; + }; + + islVersion = "0.24"; + isl = fetchurl { + url = "https://gcc.gnu.org/pub/gcc/infrastructure/isl-${islVersion}.tar.bz2"; + hash = "sha256-/PeN2WVsEOuM+fvV9ZoLawE4YgX+GTSzsoegoYmBRcA="; + }; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + gcc + binutils + gnumake + gnused + gnugrep + gawk + diffutils + findutils + gnutar + gzip + bzip2 + xz + ]; + + passthru.tests.hello-world = result: + bash.runCommand "${pname}-simple-program-${version}" { + nativeBuildInputs = [ binutils musl result ]; + } '' + cat <<EOF >> test.c + #include <stdio.h> + int main() { + printf("Hello World!\n"); + return 0; + } + EOF + musl-gcc -o test test.c + ./test + mkdir $out + ''; + + meta = with lib; { + description = "GNU Compiler Collection, version ${version}"; + homepage = "https://gcc.gnu.org"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + platforms = platforms.unix; + }; +} '' + # Unpack + tar xf ${src} + tar xf ${gmp} + tar xf ${mpfr} + tar xf ${mpc} + tar xf ${isl} + cd gcc-${version} + + ln -s ../gmp-${gmpVersion} gmp + ln -s ../mpfr-${mpfrVersion} mpfr + ln -s ../mpc-${mpcVersion} mpc + ln -s ../isl-${islVersion} isl + + # Patch + # force musl even if host triple is gnu + sed -i 's|"os/gnu-linux"|"os/generic"|' libstdc++-v3/configure.host + + # Configure + export CC="gcc -Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export CXX="g++ -Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export CFLAGS_FOR_TARGET="-Wl,-dynamic-linker -Wl,${musl}/lib/libc.so" + export LIBRARY_PATH="${musl}/lib" + + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} \ + --with-native-system-header-dir=/include \ + --with-sysroot=${musl} \ + --enable-languages=c,c++ \ + --disable-bootstrap \ + --disable-libsanitizer \ + --disable-lto \ + --disable-multilib \ + --disable-plugin + + # Build + make -j $NIX_BUILD_CORES + + # Install + make -j $NIX_BUILD_CORES install-strip +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/libstdc++-target.patch b/pkgs/os-specific/linux/minimal-bootstrap/gcc/libstdc++-target.patch deleted file mode 100644 index fb622b39580..00000000000 --- a/pkgs/os-specific/linux/minimal-bootstrap/gcc/libstdc++-target.patch +++ /dev/null @@ -1,32 +0,0 @@ -Patch to make the target libraries 'configure' scripts find the proper CPP. -I noticed that building the mingw32 cross compiler. -Looking at the build script for mingw in archlinux, I think that only nixos -needs this patch. I don't know why. -diff --git a/Makefile.in b/Makefile.in -index 93f66b6..d691917 100644 ---- a/Makefile.in -+++ b/Makefile.in -@@ -266,6 +266,7 @@ BASE_TARGET_EXPORTS = \ - AR="$(AR_FOR_TARGET)"; export AR; \ - AS="$(COMPILER_AS_FOR_TARGET)"; export AS; \ - CC="$(CC_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS"; export CC; \ -+ CPP="$(CC_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS -E"; export CC; \ - CFLAGS="$(CFLAGS_FOR_TARGET)"; export CFLAGS; \ - CONFIG_SHELL="$(SHELL)"; export CONFIG_SHELL; \ - CPPFLAGS="$(CPPFLAGS_FOR_TARGET)"; export CPPFLAGS; \ -@@ -291,11 +292,13 @@ BASE_TARGET_EXPORTS = \ - RAW_CXX_TARGET_EXPORTS = \ - $(BASE_TARGET_EXPORTS) \ - CXX_FOR_TARGET="$(RAW_CXX_FOR_TARGET)"; export CXX_FOR_TARGET; \ -- CXX="$(RAW_CXX_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS"; export CXX; -+ CXX="$(RAW_CXX_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS"; export CXX; \ -+ CXXCPP="$(RAW_CXX_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS -E"; export CXX; - - NORMAL_TARGET_EXPORTS = \ - $(BASE_TARGET_EXPORTS) \ -- CXX="$(CXX_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS"; export CXX; -+ CXX="$(CXX_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS"; export CXX; \ -+ CXXCPP="$(CXX_FOR_TARGET) $(XGCC_FLAGS_FOR_TARGET) $$TFLAGS -E"; export CXX; - - # Where to find GMP - HOST_GMPLIBS = @gmplibs@ diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gcc/no-system-headers.patch b/pkgs/os-specific/linux/minimal-bootstrap/gcc/no-system-headers.patch new file mode 100644 index 00000000000..318553bf916 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gcc/no-system-headers.patch @@ -0,0 +1,11 @@ +--- a/gcc/Makefile.in ++++ b/gcc/Makefile.in +@@ -440,7 +440,7 @@ LINKER_PLUGIN_API_H = $(srcdir)/../include/plugin-api.h + LTO_SYMTAB_H = $(srcdir)/../include/lto-symtab.h + + # Default native SYSTEM_HEADER_DIR, to be overridden by targets. +-NATIVE_SYSTEM_HEADER_DIR = /usr/include ++# NATIVE_SYSTEM_HEADER_DIR = /usr/include + # Default cross SYSTEM_HEADER_DIR, to be overridden by targets. + CROSS_SYSTEM_HEADER_DIR = @CROSS_SYSTEM_HEADER_DIR@ + diff --git a/pkgs/os-specific/linux/minimal-bootstrap/glibc/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/glibc/default.nix deleted file mode 100644 index 5c4ff386add..00000000000 --- a/pkgs/os-specific/linux/minimal-bootstrap/glibc/default.nix +++ /dev/null @@ -1,121 +0,0 @@ -{ lib -, buildPlatform -, hostPlatform -, fetchurl -, bash -, gcc2-mes -, gnumake -, gnupatch -, gnused -, gnugrep -, gnutar -, gzip -, gawk -, heirloom -, binutils-mes -, linux-headers -}: -let - pname = "glibc"; - - buildGlibc = { version, src, patches, configureFlags, gcc, binutils, CC, CPP }: - bash.runCommand "${pname}-${version}" { - inherit pname version; - - nativeBuildInputs = [ - gcc - gnumake - gnupatch - gnused - gnugrep - gnutar - gzip - gawk - binutils - ]; - - meta = with lib; { - description = "The GNU C Library"; - homepage = "https://www.gnu.org/software/libc"; - license = licenses.lgpl2Plus; - maintainers = teams.minimal-bootstrap.members; - platforms = platforms.linux; - }; - } '' - # Unpack - tar xzf ${src} - cd glibc-${version} - - # Patch - ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} - - # Configure - export CC="${CC}" - export CPP="${CPP}" - bash ./configure --prefix=$out ${lib.concatStringsSep " " ( - [ - "--build=${buildPlatform.config}" - "--host=${hostPlatform.config}" - "--with-headers=${linux-headers}/include" - "--enable-static" - "--disable-shared" - ] ++ configureFlags)} - - # Build - make - - # Install - # GNU sed w/ mes-libc crashes on certain stdio actions - export PATH="${heirloom.sed}/bin:$PATH" - make install - ''; -in -{ - glibc22 = buildGlibc rec { - # GNU C Library 2.2.5 is the most recent glibc that we managed to build - # using gcc-2.95.3. Newer versions (2.3.x, 2.6, 2.1x) seem to need a newer - # gcc. - # - from guix/gnu/packages/commencement.scm - version = "2.2.5"; - src = fetchurl { - url = "mirror://gnu/glibc/glibc-${version}.tar.gz"; - sha256 = "1vl48i16gx6h68whjyhgnn1s57vqq32f9ygfa2fls7pdkbsqvp2q"; - }; - - patches = [ - # This patch enables building glibc-2.2.5 using TCC and GNU Make 4.x and Mes C Library. - # * Makefile: Do not assemble from stdin, use file indirection. - # * Makefile: Add new target: install-lib-all. - # * Makefile: Avoid building stub DOC. - # * [_LIBC_REENTRANT]: Add missing guarding. - # * [MES_BOOTSTRAP]: Disable some GCC extensions. - # * [MES_BOOTSTRAP]: Add missing GCC div/mod defines. - (fetchurl { - url = "https://git.savannah.gnu.org/cgit/guix.git/plain/gnu/packages/patches/glibc-boot-${version}.patch?id=50249cab3a98839ade2433456fe618acc6f804a5"; - sha256 = "1nyz2dr9g7scqwwygd6jvbl7xxpwh11ryvgdz8aikkkna02q1pm8"; - }) - # We want to allow builds in chroots that lack /bin/sh. Thus, system(3) - # and popen(3) need to be tweaked to use the right shell. For the bootstrap - # glibc, we just use whatever `sh' can be found in $PATH. The final glibc - # instead uses the hard-coded absolute file name of `bash'. - (fetchurl { - url = "https://git.savannah.gnu.org/cgit/guix.git/plain/gnu/packages/patches/glibc-bootstrap-system-${version}.patch?id=50249cab3a98839ade2433456fe618acc6f804a5"; - sha256 = "1l67w9rysrlsg2i0r210qxxn37h2969ba9lx7pp3ywlnikvi98m8"; - }) - ]; - - configureFlags = [ - "--disable-sanity-checks" - "--enable-static-nss" - "--without-__thread" - "--without-cvs" - "--without-gd" - "--without-tls" - ]; - - gcc = gcc2-mes; - binutils = binutils-mes; - CC = "gcc -D MES_BOOTSTRAP=1 -D BOOTSTRAP_GLIBC=1 -L $(pwd)"; - CPP = "gcc -E -D MES_BOOTSTRAP=1 -D BOOTSTRAP_GLIBC=1"; - }; -} diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnumake/musl.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/musl.nix new file mode 100644 index 00000000000..504095732e8 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/musl.nix @@ -0,0 +1,82 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, tinycc +, gnumakeBoot +, gnupatch +, gnused +, gnugrep +, gawk +, gnutar +, gzip +}: +let + pname = "gnumake-musl"; + version = "4.4.1"; + + src = fetchurl { + url = "mirror://gnu/make/make-${version}.tar.gz"; + hash = "sha256-3Rb7HWe/q3mnL16DkHNcSePo5wtJRaFasfgd23hlj7M="; + }; + + patches = [ + # Replaces /bin/sh with sh, see patch file for reasoning + ./0001-No-impure-bin-sh.patch + # Purity: don't look for library dependencies (of the form `-lfoo') in /lib + # and /usr/lib. It's a stupid feature anyway. Likewise, when searching for + # included Makefiles, don't look in /usr/include and friends. + ./0002-remove-impure-dirs.patch + ]; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + tinycc.compiler + gnumakeBoot + gnupatch + gnused + gnugrep + gawk + gnutar + gzip + ]; + + passthru.tests.get-version = result: + bash.runCommand "${pname}-get-version-${version}" {} '' + ${result}/bin/make --version + mkdir $out + ''; + + meta = with lib; { + description = "A tool to control the generation of non-source files from sources"; + homepage = "https://www.gnu.org/software/make"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + mainProgram = "make"; + platforms = platforms.unix; + }; +} '' + # Unpack + tar xzf ${src} + cd make-${version} + + # Patch + ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} + + # Configure + export CC="tcc -B ${tinycc.libs}/lib" + export LD=tcc + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} + + # Build + make AR="tcc -ar" + + # Install + make install +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnused/common.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnused/common.nix new file mode 100644 index 00000000000..658f05923ac --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnused/common.nix @@ -0,0 +1,12 @@ +{ lib }: + +{ + meta = with lib; { + description = "GNU sed, a batch stream editor"; + homepage = "https://www.gnu.org/software/sed"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + mainProgram = "sed"; + platforms = platforms.unix; + }; +} diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnused/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnused/default.nix index b5647b96ee3..ee566f93c16 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/gnused/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnused/default.nix @@ -4,41 +4,34 @@ , fetchurl , bash , gnumake -, mesBootstrap ? false, tinycc ? null -, gcc ? null, glibc ? null, binutils ? null, gnused ? null, linux-headers, gnugrep +, tinycc +, gnused +, gnugrep +, gnutar +, gzip }: -assert mesBootstrap -> tinycc != null; -assert !mesBootstrap -> gcc != null && glibc != null && binutils != null && gnused != null; + let - pname = "gnused" + lib.optionalString mesBootstrap "-mes"; - # last version that can be compiled with mes-libc - version = "4.0.9"; + inherit (import ./common.nix { inherit lib; }) meta; + pname = "gnused"; + # last version that can be bootstrapped with our slightly buggy gnused-mes + version = "4.2"; src = fetchurl { url = "mirror://gnu/sed/sed-${version}.tar.gz"; - sha256 = "0006gk1dw2582xsvgx6y6rzs9zw8b36rhafjwm288zqqji3qfrf3"; - }; - - # Thanks to the live-bootstrap project! - # See https://github.com/fosslinux/live-bootstrap/blob/1bc4296091c51f53a5598050c8956d16e945b0f5/sysa/sed-4.0.9/sed-4.0.9.kaem - makefile = fetchurl { - url = "https://github.com/fosslinux/live-bootstrap/raw/1bc4296091c51f53a5598050c8956d16e945b0f5/sysa/sed-4.0.9/mk/main.mk"; - sha256 = "0w1f5ri0g5zla31m6l6xyzbqwdvandqfnzrsw90dd6ak126w3mya"; + hash = "sha256-20XNY/0BDmUFN9ZdXfznaJplJ0UjZgbl5ceCk3Jn2YM="; }; in bash.runCommand "${pname}-${version}" { - inherit pname version; + inherit pname version meta; nativeBuildInputs = [ gnumake - ] ++ lib.optionals mesBootstrap [ tinycc.compiler - ] ++ lib.optionals (!mesBootstrap) [ - gcc - glibc - binutils gnused gnugrep + gnutar + gzip ]; passthru.tests.get-version = result: @@ -46,51 +39,25 @@ bash.runCommand "${pname}-${version}" { ${result}/bin/sed --version mkdir ''${out} ''; - - meta = with lib; { - description = "GNU sed, a batch stream editor"; - homepage = "https://www.gnu.org/software/sed"; - license = licenses.gpl3Plus; - maintainers = teams.minimal-bootstrap.members; - mainProgram = "sed"; - platforms = platforms.unix; - }; } ('' # Unpack - ungz --file ${src} --output sed.tar - untar --file sed.tar - rm sed.tar + tar xzf ${src} cd sed-${version} -'' + lib.optionalString mesBootstrap '' - # Configure - cp ${makefile} Makefile - catm config.h - - # Build - make \ - CC="tcc -B ${tinycc.libs}/lib" \ - LIBC=mes - -'' + lib.optionalString (!mesBootstrap) '' # Configure - export CC="gcc -I${glibc}/include -I${linux-headers}/include" - export LIBRARY_PATH="${glibc}/lib" - export LIBS="-lc -lnss_files -lnss_dns -lresolv" - chmod +x configure + export CC="tcc -B ${tinycc.libs}/lib" + export LD=tcc ./configure \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} \ --disable-shared \ --disable-nls \ --disable-dependency-tracking \ - --without-included-regex \ --prefix=$out # Build - make + make AR="tcc -ar" -'' + '' # Install - make install PREFIX=$out + make install '') diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnused/mes.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnused/mes.nix new file mode 100644 index 00000000000..031b5b5f0db --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnused/mes.nix @@ -0,0 +1,59 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, gnumake +, tinycc +}: + +let + inherit (import ./common.nix { inherit lib; }) meta; + pname = "gnused-mes"; + # last version that can be compiled with mes-libc + version = "4.0.9"; + + src = fetchurl { + url = "mirror://gnu/sed/sed-${version}.tar.gz"; + sha256 = "0006gk1dw2582xsvgx6y6rzs9zw8b36rhafjwm288zqqji3qfrf3"; + }; + + # Thanks to the live-bootstrap project! + # See https://github.com/fosslinux/live-bootstrap/blob/1bc4296091c51f53a5598050c8956d16e945b0f5/sysa/sed-4.0.9/sed-4.0.9.kaem + makefile = fetchurl { + url = "https://github.com/fosslinux/live-bootstrap/raw/1bc4296091c51f53a5598050c8956d16e945b0f5/sysa/sed-4.0.9/mk/main.mk"; + sha256 = "0w1f5ri0g5zla31m6l6xyzbqwdvandqfnzrsw90dd6ak126w3mya"; + }; +in +bash.runCommand "${pname}-${version}" { + inherit pname version meta; + + nativeBuildInputs = [ + gnumake + tinycc.compiler + ]; + + passthru.tests.get-version = result: + bash.runCommand "${pname}-get-version-${version}" {} '' + ${result}/bin/sed --version + mkdir ''${out} + ''; +} ('' + # Unpack + ungz --file ${src} --output sed.tar + untar --file sed.tar + rm sed.tar + cd sed-${version} + + # Configure + cp ${makefile} Makefile + catm config.h + + # Build + make \ + CC="tcc -B ${tinycc.libs}/lib" \ + LIBC=mes + + # Install + make install PREFIX=$out +'') diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnutar/latest.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnutar/latest.nix new file mode 100644 index 00000000000..717ea9868fd --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnutar/latest.nix @@ -0,0 +1,71 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, gcc +, musl +, binutils +, gnumake +, gnused +, gnugrep +, gawk +, gzip +, gnutarBoot +}: +let + pname = "gnutar"; + version = "1.35"; + + src = fetchurl { + url = "mirror://gnu/tar/tar-${version}.tar.gz"; + hash = "sha256-FNVeMgY+qVJuBX+/Nfyr1TN452l4fv95GcN1WwLStX4="; + }; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + gcc + musl + binutils + gnumake + gnused + gnugrep + gawk + gzip + gnutarBoot + ]; + + passthru.tests.get-version = result: + bash.runCommand "${pname}-get-version-${version}" {} '' + ${result}/bin/tar --version + mkdir $out + ''; + + meta = with lib; { + description = "GNU implementation of the `tar' archiver"; + homepage = "https://www.gnu.org/software/tar"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + mainProgram = "tar"; + platforms = platforms.unix; + }; +} '' + # Unpack + tar xzf ${src} + cd tar-${version} + + # Configure + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} \ + CC=musl-gcc + + # Build + make -j $NIX_BUILD_CORES + + # Install + make -j $NIX_BUILD_CORES install +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnutar/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnutar/mes.nix index e07561b3e7e..e07561b3e7e 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/gnutar/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnutar/mes.nix diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnutar/musl.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnutar/musl.nix new file mode 100644 index 00000000000..0818a0de39a --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnutar/musl.nix @@ -0,0 +1,70 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, tinycc +, gnumake +, gnugrep +, gnused +}: +let + # gnutar with musl preserves modify times, allowing make to not try + # rebuilding pregenerated files + pname = "gnutar-musl"; + version = "1.12"; + + src = fetchurl { + url = "mirror://gnu/tar/tar-${version}.tar.gz"; + hash = "sha256-xsN+iIsTbM76uQPFEUn0t71lnWnUrqISRfYQU6V6pgo="; + }; +in +bash.runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ + tinycc.compiler + gnumake + gnused + gnugrep + ]; + + passthru.tests.get-version = result: + bash.runCommand "${pname}-get-version-${version}" {} '' + ${result}/bin/tar --version + mkdir $out + ''; + + meta = with lib; { + description = "GNU implementation of the `tar' archiver"; + homepage = "https://www.gnu.org/software/tar"; + license = licenses.gpl3Plus; + maintainers = teams.minimal-bootstrap.members; + mainProgram = "tar"; + platforms = platforms.unix; + }; +} '' + # Unpack + ungz --file ${src} --output tar.tar + untar --file tar.tar + rm tar.tar + cd tar-${version} + + # Configure + export CC="tcc -B ${tinycc.libs}/lib" + export LD=tcc + export ac_cv_sizeof_unsigned_long=4 + export ac_cv_sizeof_long_long=8 + export ac_cv_header_netdb_h=no + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} \ + --disable-nls + + # Build + make AR="tcc -ar" + + # Install + make install +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/musl/1.1.nix b/pkgs/os-specific/linux/minimal-bootstrap/musl/1.1.nix new file mode 100644 index 00000000000..704ee42edeb --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/musl/1.1.nix @@ -0,0 +1,116 @@ +{ lib +, buildPlatform +, hostPlatform +, fetchurl +, bash +, tinycc +, gnumake +, gnupatch +, gnused +, gnugrep +, gnutar +, gzip +}: + +let + inherit (import ./common.nix { inherit lib; }) pname meta; + version = "1.1.24"; + + src = fetchurl { + url = "https://musl.libc.org/releases/musl-${version}.tar.gz"; + hash = "sha256-E3DJqBKyzyp9koAlEMygBYzDfmanvt1wBR8KNAFQIqM="; + }; + + # Thanks to the live-bootstrap project! + # See https://github.com/fosslinux/live-bootstrap/blob/d98f97e21413efc32c770d0356f1feda66025686/sysa/musl-1.1.24/musl-1.1.24.sh + liveBootstrap = "https://github.com/fosslinux/live-bootstrap/raw/d98f97e21413efc32c770d0356f1feda66025686/sysa/musl-1.1.24"; + patches = [ + (fetchurl { + url = "${liveBootstrap}/patches/avoid_set_thread_area.patch"; + hash = "sha256-TsbBZXk4/KMZG9EKi7cF+sullVXrxlizLNH0UHGXsPs="; + }) + (fetchurl { + url = "${liveBootstrap}/patches/avoid_sys_clone.patch"; + hash = "sha256-/ZmH64J57MmbxdfQ4RNjamAiBdkImMTlHsHdgV4gMj4="; + }) + (fetchurl { + url = "${liveBootstrap}/patches/fenv.patch"; + hash = "sha256-vMVGjoN4deAJW5gsSqA207SJqAbvhrnOsGK49DdEiTI="; + }) + (fetchurl { + url = "${liveBootstrap}/patches/makefile.patch"; + hash = "sha256-03iYBAUnsrEdLIIhhhq5mM6BGnPn2EfUmIHu51opxbw="; + }) + (fetchurl { + url = "${liveBootstrap}/patches/musl_weak_symbols.patch"; + hash = "sha256-/d9a2eUkpe9uyi1ye6T4CiYc9MR3FZ9na0Gb90+g4v0="; + }) + (fetchurl { + url = "${liveBootstrap}/patches/set_thread_area.patch"; + hash = "sha256-RIZYqbbRSx4X/0iFUhriwwBRmoXVR295GNBUjf2UrM0="; + }) + (fetchurl { + url = "${liveBootstrap}/patches/sigsetjmp.patch"; + hash = "sha256-wd2Aev1zPJXy3q933aiup5p1IMKzVJBquAyl3gbK4PU="; + }) + # FIXME: this patch causes the build to fail + # (fetchurl { + # url = "${liveBootstrap}/patches/stdio_flush_on_exit.patch"; + # hash = "sha256-/z5ze3h3QTysay8nRvyvwPv3pmTcKptdkBIaMCoeLDg="; + # }) + # HACK: always flush stdio immediately + ./always-flush.patch + (fetchurl { + url = "${liveBootstrap}/patches/va_list.patch"; + hash = "sha256-UmcMIl+YCi3wIeVvjbsCyqFlkyYsM4ECNwTfXP+s7vg="; + }) + ]; +in +bash.runCommand "${pname}-${version}" { + inherit pname version meta; + + nativeBuildInputs = [ + tinycc.compiler + gnumake + gnupatch + gnused + gnugrep + gnutar + gzip + ]; +} '' + # Unpack + tar xzf ${src} + cd musl-${version} + + # Patch + ${lib.concatMapStringsSep "\n" (f: "patch -Np0 -i ${f}") patches} + # tcc does not support complex types + rm -rf src/complex + # Configure fails without this + mkdir -p /dev + # https://github.com/ZilchOS/bootstrap-from-tcc/blob/2e0c68c36b3437386f786d619bc9a16177f2e149/using-nix/2a3-intermediate-musl.nix + sed -i 's|/bin/sh|${bash}/bin/bash|' \ + tools/*.sh + chmod 755 tools/*.sh + # patch popen/system to search in PATH instead of hardcoding /bin/sh + sed -i 's|posix_spawn(&pid, "/bin/sh",|posix_spawnp(\&pid, "sh",|' \ + src/stdio/popen.c src/process/system.c + sed -i 's|execl("/bin/sh", "sh", "-c",|execlp("sh", "-c",|'\ + src/misc/wordexp.c + + # Configure + bash ./configure \ + --prefix=$out \ + --build=${buildPlatform.config} \ + --host=${hostPlatform.config} \ + --disable-shared \ + CC=tcc + + # Build + make AR="tcc -ar" RANLIB=true CFLAGS="-DSYSCALL_NO_TLS" + + # Install + make install + cp ${tinycc.libs}/lib/libtcc1.a $out/lib +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/musl/always-flush.patch b/pkgs/os-specific/linux/minimal-bootstrap/musl/always-flush.patch new file mode 100644 index 00000000000..cdeddf962d9 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/musl/always-flush.patch @@ -0,0 +1,12 @@ +diff --git src/env/__libc_start_main.c src/env/__libc_start_main.c +index 8fbe526..9476c22 100644 +--- src/env/__libc_start_main.c ++++ src/env/__libc_start_main.c +@@ -91,6 +91,7 @@ static int libc_start_main_stage2(int (*main)(int,char **,char **), int argc, ch + __libc_start_init(); + + /* Pass control to the application */ ++ setbuf(stdout, NULL); + exit(main(argc, argv, envp)); + return 0; + } diff --git a/pkgs/os-specific/linux/minimal-bootstrap/musl/common.nix b/pkgs/os-specific/linux/minimal-bootstrap/musl/common.nix new file mode 100644 index 00000000000..52db5f94742 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/musl/common.nix @@ -0,0 +1,13 @@ +{ lib }: + +{ + pname = "musl"; + + meta = with lib; { + description = "An efficient, small, quality libc implementation"; + homepage = "https://musl.libc.org"; + license = licenses.mit; + maintainers = teams.minimal-bootstrap.members; + platforms = platforms.unix; + }; +} diff --git a/pkgs/os-specific/linux/minimal-bootstrap/musl/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/musl/default.nix index c252d60328e..437ef342f6a 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/musl/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/musl/default.nix @@ -8,12 +8,11 @@ , gnumake , gnugrep , gnused -, gawk , gnutar , gzip }: let - pname = "musl"; + inherit (import ./common.nix { inherit lib; }) pname meta; version = "1.2.4"; src = fetchurl { @@ -22,7 +21,7 @@ let }; in bash.runCommand "${pname}-${version}" { - inherit pname version; + inherit pname version meta; nativeBuildInputs = [ gcc @@ -30,14 +29,13 @@ bash.runCommand "${pname}-${version}" { gnumake gnused gnugrep - gawk gnutar gzip ]; passthru.tests.hello-world = result: bash.runCommand "${pname}-simple-program-${version}" { - nativeBuildInputs = [ gcc binutils ]; + nativeBuildInputs = [ gcc binutils result ]; } '' cat <<EOF >> test.c #include <stdio.h> @@ -46,18 +44,10 @@ bash.runCommand "${pname}-${version}" { return 0; } EOF - gcc -static -B${result}/lib -I${result}/include -o test test.c + musl-gcc -o test test.c ./test mkdir $out ''; - - meta = with lib; { - description = "An efficient, small, quality libc implementation"; - homepage = "https://musl.libc.org"; - license = licenses.mit; - maintainers = teams.minimal-bootstrap.members; - platforms = platforms.unix; - }; } '' # Unpack tar xzf ${src} @@ -77,11 +67,15 @@ bash.runCommand "${pname}-${version}" { bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ - --host=${hostPlatform.config} + --host=${hostPlatform.config} \ + --syslibdir=$out/lib \ + --enable-wrapper # Build - make + make -j $NIX_BUILD_CORES # Install - make install + make -j $NIX_BUILD_CORES install + sed -i 's|/bin/sh|${bash}/bin/bash|' $out/bin/* + ln -s ../lib/libc.so $out/bin/ldd '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/bootstrap-sources.nix b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/bootstrap-sources.nix index 203b480326e..7f2e8ab81a3 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/bootstrap-sources.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/bootstrap-sources.nix @@ -1,13 +1,12 @@ -{ +{ hostPlatform }: rec { - name = "stage0-posix-${version}-${rev}-source"; - # Pinned from https://github.com/oriansj/stage0-posix/commit/3189b5f325b7ef8b88e3edec7c1cde4fce73c76c - version = "unstable-2023-05-02"; - rev = "3189b5f325b7ef8b88e3edec7c1cde4fce73c76c"; + name = "stage0-posix-${version}-source"; + version = "1.6.0"; + rev = "Release_${version}"; outputHashAlgo = "sha256"; - outputHash = "sha256-FpMp7z+B3cR3LkQ+PooH/b1/NlxH8NHVJNWifaPWt4U="; + outputHash = "sha256-epUaShjKiAd749ICvc6rS6WhUkS8R4heKuPdwUjEtsQ="; /* Since `make-minimal-bootstrap-sources` requires nixpkgs and nix it @@ -65,7 +64,7 @@ rec { */ minimal-bootstrap-sources = derivation { inherit name; - system = builtins.currentSystem; + system = hostPlatform.system; outputHashMode = "recursive"; inherit outputHashAlgo outputHash; diff --git a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/hex0.nix b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/hex0.nix index 996f2f33ea3..9808e25711c 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/hex0.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/hex0.nix @@ -9,8 +9,9 @@ let hash = { - "x86" = "sha256-QU3RPGy51W7M2xnfFY1IqruKzusrSLU+L190ztN6JW8="; - "AMD64" = "sha256-RCgK9oZRDQUiWLVkcIBSR2HeoB+Bh0czthrpjFEkCaY="; + "AArch64" = "sha256-XTPsoKeI6wTZAF0UwEJPzuHelWOJe//wXg4HYO0dEJo="; + "AMD64" = "sha256-RCgK9oZRDQUiWLVkcIBSR2HeoB+Bh0czthrpjFEkCaY="; + "x86" = "sha256-QU3RPGy51W7M2xnfFY1IqruKzusrSLU+L190ztN6JW8="; }.${stage0Arch} or (throw "Unsupported system: ${hostPlatform.system}"); # Pinned from https://github.com/oriansj/stage0-posix/commit/3189b5f325b7ef8b88e3edec7c1cde4fce73c76c diff --git a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/make-bootstrap-sources.nix b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/make-bootstrap-sources.nix index 2675d055aec..6cc7cddb82a 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/make-bootstrap-sources.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/make-bootstrap-sources.nix @@ -12,11 +12,13 @@ # { lib +, hostPlatform , fetchFromGitHub +, fetchpatch }: let - expected = import ./bootstrap-sources.nix { }; + expected = import ./bootstrap-sources.nix { inherit hostPlatform; }; in fetchFromGitHub { @@ -37,6 +39,13 @@ fetchFromGitHub { $out/M2-Planet/M2libc \ $out/mescc-tools/M2libc \ $out/mescc-tools-extra/M2libc + + # aarch64: syscall: mkdir -> mkdirat + # https://github.com/oriansj/M2libc/pull/17 + patch -Np1 -d $out/M2libc -i ${(fetchpatch { + url = "https://github.com/oriansj/M2libc/commit/ff7c3023b3ab6cfcffc5364620b25f8d0279e96b.patch"; + hash = "sha256-QAKddv4TixIQHpFa9SVu9fAkeKbzhQaxjaWzW2yJy7A="; + })} ''; meta = with lib; { diff --git a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/mescc-tools-boot.nix b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/mescc-tools-boot.nix index 65f0fb4c2ff..2114ffc707b 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/mescc-tools-boot.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/mescc-tools-boot.nix @@ -83,7 +83,11 @@ rec { # Phase-2b Build catm from hex2 # ################################# - catm = run "catm" hex2-0 ["${src}/${stage0Arch}/catm_${stage0Arch}.hex2" out]; + catm = + if hostPlatform.isAarch64 then + run "catm" hex1 ["${src}/${stage0Arch}/catm_${stage0Arch}.hex1" out] + else + run "catm" hex2-0 ["${src}/${stage0Arch}/catm_${stage0Arch}.hex2" out]; # catm removes the need for cat or shell support for redirection by providing # equivalent functionality via catm output_file input1 input2 ... inputN diff --git a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/platforms.nix b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/platforms.nix index c68f7630f3d..53147df3344 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/platforms.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/stage0-posix/platforms.nix @@ -6,14 +6,16 @@ rec { # meta.platforms platforms = [ + "aarch64-linux" "i686-linux" "x86_64-linux" ]; # system arch as used within the stage0 project stage0Arch = { - "i686-linux" = "x86"; - "x86_64-linux" = "AMD64"; + "aarch64-linux" = "AArch64"; + "i686-linux" = "x86"; + "x86_64-linux" = "AMD64"; }.${hostPlatform.system} or (throw "Unsupported system: ${hostPlatform.system}"); # lower-case form is widely used by m2libc @@ -23,7 +25,8 @@ rec { m2libcOS = if hostPlatform.isLinux then "linux" else throw "Unsupported system: ${hostPlatform.system}"; baseAddress = { - "i686-linux" = "0x08048000"; - "x86_64-linux" = "0x00600000"; + "aarch64-linux" = "0x00600000"; + "i686-linux" = "0x08048000"; + "x86_64-linux" = "0x00600000"; }.${hostPlatform.system} or (throw "Unsupported system: ${hostPlatform.system}"); } diff --git a/pkgs/os-specific/linux/minimal-bootstrap/tinycc/ignore-duplicate-symbols.patch b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/ignore-duplicate-symbols.patch new file mode 100644 index 00000000000..0aec8b465bf --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/ignore-duplicate-symbols.patch @@ -0,0 +1,13 @@ +--- tccelf.c ++++ tccelf.c +@@ -710,8 +710,9 @@ ST_FUNC int set_elf_sym(Section *s, addr_t value, unsigned long size, + #if 0 + printf("new_bind=%x new_shndx=%x new_vis=%x old_bind=%x old_shndx=%x old_vis=%x\n", + sym_bind, shndx, new_vis, esym_bind, esym->st_shndx, esym_vis); +-#endif + tcc_error_noabort("'%s' defined twice", name); ++#endif ++ goto do_patch; + } + } else { + esym->st_other = other; diff --git a/pkgs/os-specific/linux/minimal-bootstrap/tinycc/ignore-static-inside-array.patch b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/ignore-static-inside-array.patch new file mode 100644 index 00000000000..8dc2fe3fcfb --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/ignore-static-inside-array.patch @@ -0,0 +1,21 @@ +--- tccgen.c ++++ tccgen.c +@@ -4941,7 +4941,7 @@ static int post_type(CType *type, AttributeDef *ad, int storage, int td) + next(); + n = -1; + t1 = 0; +- if (td & TYPE_PARAM) while (1) { ++ while (1) { + /* XXX The optional type-quals and static should only be accepted + in parameter decls. The '*' as well, and then even only + in prototypes (not function defs). */ +@@ -4972,7 +4972,8 @@ static int post_type(CType *type, AttributeDef *ad, int storage, int td) + } + break; + +- } else if (tok != ']') { ++ } ++ if (tok != ']') { + if (!local_stack || (storage & VT_STATIC)) + vpushi(expr_const()); + else { diff --git a/pkgs/os-specific/linux/minimal-bootstrap/tinycc/musl.nix b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/musl.nix new file mode 100644 index 00000000000..4d26faac20b --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/musl.nix @@ -0,0 +1,155 @@ +{ lib +, fetchurl +, callPackage +, bash +, tinycc-bootstrappable +, musl +, gnupatch +, gnutar +, gzip +}: +let + pname = "tinycc-musl"; + # next commit introduces use of realpath (unsupported in mes-libc) + version = "unstable-2023-07-10"; + rev = "fd6d2180c5c801bb0b4c5dde27d61503059fc97d"; + + src = fetchurl { + url = "https://repo.or.cz/tinycc.git/snapshot/${rev}.tar.gz"; + hash = "sha256-R81SNbEmh4s9FNQxCWZwUiMCYRkkwOHAdRf0aMnnRiA="; + }; + + patches = [ + ./ignore-duplicate-symbols.patch + ./ignore-static-inside-array.patch + ./static-link.patch + ]; + + meta = with lib; { + description = "Small, fast, and embeddable C compiler and interpreter"; + homepage = "https://repo.or.cz/w/tinycc.git"; + license = licenses.lgpl21Only; + maintainers = teams.minimal-bootstrap.members; + platforms = [ "i686-linux" ]; + }; + + tinycc-musl = bash.runCommand "${pname}-${version}" { + inherit pname version meta; + + nativeBuildInputs = [ + tinycc-bootstrappable.compiler + gnupatch + gnutar + gzip + ]; + } '' + # Unpack + tar xzf ${src} + cd tinycc-${builtins.substring 0 7 rev} + + # Patch + ${lib.concatMapStringsSep "\n" (f: "patch -Np0 -i ${f}") patches} + + # Configure + touch config.h + + # Build + # We first have to recompile using tcc-0.9.26 as tcc-0.9.27 is not self-hosting, + # but when linked with musl it is. + ln -s ${musl}/lib/libtcc1.a ./libtcc1.a + + tcc \ + -B ${tinycc-bootstrappable.libs}/lib \ + -DC2STR \ + -o c2str \ + conftest.c + ./c2str include/tccdefs.h tccdefs_.h + + tcc -v \ + -static \ + -o tcc-musl \ + -D TCC_TARGET_I386=1 \ + -D CONFIG_TCCDIR=\"\" \ + -D CONFIG_TCC_CRTPREFIX=\"{B}\" \ + -D CONFIG_TCC_ELFINTERP=\"/musl/loader\" \ + -D CONFIG_TCC_LIBPATHS=\"{B}\" \ + -D CONFIG_TCC_SYSINCLUDEPATHS=\"${musl}/include\" \ + -D TCC_LIBGCC=\"libc.a\" \ + -D TCC_LIBTCC1=\"libtcc1.a\" \ + -D CONFIG_TCC_STATIC=1 \ + -D CONFIG_USE_LIBGCC=1 \ + -D TCC_VERSION=\"0.9.27\" \ + -D ONE_SOURCE=1 \ + -D TCC_MUSL=1 \ + -D CONFIG_TCC_PREDEFS=1 \ + -D CONFIG_TCC_SEMLOCK=0 \ + -B . \ + -B ${tinycc-bootstrappable.libs}/lib \ + tcc.c + # libtcc1.a + rm -f libtcc1.a + tcc -c -D HAVE_CONFIG_H=1 lib/libtcc1.c + tcc -ar cr libtcc1.a libtcc1.o + + # Rebuild tcc-musl with itself + ./tcc-musl \ + -v \ + -static \ + -o tcc-musl \ + -D TCC_TARGET_I386=1 \ + -D CONFIG_TCCDIR=\"\" \ + -D CONFIG_TCC_CRTPREFIX=\"{B}\" \ + -D CONFIG_TCC_ELFINTERP=\"/musl/loader\" \ + -D CONFIG_TCC_LIBPATHS=\"{B}\" \ + -D CONFIG_TCC_SYSINCLUDEPATHS=\"${musl}/include\" \ + -D TCC_LIBGCC=\"libc.a\" \ + -D TCC_LIBTCC1=\"libtcc1.a\" \ + -D CONFIG_TCC_STATIC=1 \ + -D CONFIG_USE_LIBGCC=1 \ + -D TCC_VERSION=\"0.9.27\" \ + -D ONE_SOURCE=1 \ + -D TCC_MUSL=1 \ + -D CONFIG_TCC_PREDEFS=1 \ + -D CONFIG_TCC_SEMLOCK=0 \ + -B . \ + -B ${musl}/lib \ + tcc.c + # libtcc1.a + rm -f libtcc1.a + ./tcc-musl -c -D HAVE_CONFIG_H=1 lib/libtcc1.c + ./tcc-musl -c -D HAVE_CONFIG_H=1 lib/alloca.S + ./tcc-musl -ar cr libtcc1.a libtcc1.o alloca.o + + # Install + install -D tcc-musl $out/bin/tcc + install -Dm444 libtcc1.a $out/lib/libtcc1.a + ''; +in +{ + compiler = bash.runCommand "${pname}-${version}-compiler" { + inherit pname version meta; + passthru.tests.hello-world = result: + bash.runCommand "${pname}-simple-program-${version}" {} '' + cat <<EOF >> test.c + #include <stdio.h> + int main() { + printf("Hello World!\n"); + return 0; + } + EOF + ${result}/bin/tcc -v -static -B${musl}/lib -o test test.c + ./test + mkdir $out + ''; + passthru.tinycc-musl = tinycc-musl; + } "install -D ${tinycc-musl}/bin/tcc $out/bin/tcc"; + + libs = bash.runCommand "${pname}-${version}-libs" { + inherit pname version meta; + } '' + mkdir $out + cp -r ${musl}/* $out + chmod +w $out/lib/libtcc1.a + cp ${tinycc-musl}/lib/libtcc1.a $out/lib/libtcc1.a + ''; +} diff --git a/pkgs/os-specific/linux/minimal-bootstrap/tinycc/static-link.patch b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/static-link.patch new file mode 100644 index 00000000000..671a3b37f98 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/tinycc/static-link.patch @@ -0,0 +1,10 @@ +--- libtcc.c ++++ libtcc.c +@@ -793,6 +793,7 @@ LIBTCCAPI TCCState *tcc_new(void) + + s->gnu_ext = 1; + s->tcc_ext = 1; ++ s->static_link = 1; + s->nocommon = 1; + s->dollars_in_identifiers = 1; /*on by default like in gcc/clang*/ + s->cversion = 199901; /* default unless -std=c11 is supplied */ diff --git a/pkgs/os-specific/linux/minimal-bootstrap/xz/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/xz/default.nix index 92cb240c5f1..8dcccbacaca 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/xz/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/xz/default.nix @@ -5,18 +5,19 @@ , bash , tinycc , gnumake +, gnused , gnugrep , gawk -, sed +, gnutar +, gzip }: let pname = "xz"; - # >=5.2 uses poll.h, unsupported by meslibc - version = "5.0.8"; + version = "5.4.3"; src = fetchurl { - url = "https://tukaani.org/xz/xz-${version}.tar.bz2"; - sha256 = "1nkb68dyrf16xwyqichcy1vhgbfg20dxz459rcsdx85h1gczk1i2"; + url = "https://tukaani.org/xz/xz-${version}.tar.gz"; + hash = "sha256-HDguC8Lk4K9YOYqQPdYv/35RAXHS3keh6+BtFSjpt+k="; }; in bash.runCommand "${pname}-${version}" { @@ -25,9 +26,11 @@ bash.runCommand "${pname}-${version}" { nativeBuildInputs = [ tinycc.compiler gnumake + gnused gnugrep gawk - sed + gnutar + gzip ]; passthru.tests.get-version = result: @@ -45,34 +48,23 @@ bash.runCommand "${pname}-${version}" { }; } '' # Unpack - unbz2 --file ${src} --output xz.tar - untar --file xz.tar - rm xz.tar + tar xzf ${src} cd xz-${version} # Configure - export CC="tcc -B ${tinycc.libs}/lib -include${./stubs.h}" - export CPP="tcc -E" - export LD=tcc + export CC="tcc -B ${tinycc.libs}/lib" export AR="tcc -ar" - export SED=sed - export ac_cv_prog_cc_c99= - export ac_cv_header_fcntl_h=yes - export ac_cv_header_limits_h=yes - export ac_cv_header_sys_time_h=yes - export ac_cv_func_utime=no + export LD=tcc bash ./configure \ --prefix=$out \ --build=${buildPlatform.config} \ --host=${hostPlatform.config} \ --disable-shared \ - --disable-nls \ - --disable-threads \ --disable-assembler # Build - make all + make -j $NIX_BUILD_CORES # Install - make install + make -j $NIX_BUILD_CORES install '' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/xz/stubs.h b/pkgs/os-specific/linux/minimal-bootstrap/xz/stubs.h deleted file mode 100644 index cbf6f823299..00000000000 --- a/pkgs/os-specific/linux/minimal-bootstrap/xz/stubs.h +++ /dev/null @@ -1,25 +0,0 @@ -#define sig_atomic_t int - -#define SSIZE_MAX LONG_MAX - -#define O_NOCTTY 0400 -#define O_NONBLOCK 04000 - -#define S_ISVTX 01000 -#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK) - -int fchmod (int fd, int mode) -{ - return 0; -} - -int fchown (int fd, int owner, int group) -{ - return 0; -} - -#include <signal.h> -int sigfillset (sigset_t * set) -{ - return 0; -} diff --git a/pkgs/os-specific/linux/mmc-utils/default.nix b/pkgs/os-specific/linux/mmc-utils/default.nix index 58ceb7404b9..0fea46da56d 100644 --- a/pkgs/os-specific/linux/mmc-utils/default.nix +++ b/pkgs/os-specific/linux/mmc-utils/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation { pname = "mmc-utils"; - version = "unstable-2023-08-07"; + version = "unstable-2023-10-10"; src = fetchzip rec { url = "https://git.kernel.org/pub/scm/utils/mmc/mmc-utils.git/snapshot/mmc-utils-${passthru.rev}.tar.gz"; - passthru.rev = "613495ecaca97a19fa7f8f3ea23306472b36453c"; - sha256 = "zOjm/YDxqU6bu6GMyQTuzuZbrCfaU4FBodRWLb8GTdE="; + passthru.rev = "b5ca140312d279ad2f22068fd72a6230eea13436"; + sha256 = "QU4r8eajrrhT6u6WHEf1xtB1iyecBeHxu4vS+QcwAgM="; }; makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" "prefix=$(out)" ]; diff --git a/pkgs/os-specific/linux/mstflint_access/default.nix b/pkgs/os-specific/linux/mstflint_access/default.nix new file mode 100644 index 00000000000..6e29e27ccbf --- /dev/null +++ b/pkgs/os-specific/linux/mstflint_access/default.nix @@ -0,0 +1,40 @@ +{ lib, stdenv, fetchurl, kernel, kmod, mstflint }: + +stdenv.mkDerivation rec { + pname = "mstflint_access"; + inherit (mstflint) version; + + src = fetchurl { + url = "https://github.com/Mellanox/mstflint/releases/download/v${version}/kernel-mstflint-${version}.tar.gz"; + hash = "sha256-rfZts0m8x6clVazpbAa2xK+dYgRU9Us5rbcWa0uHJ1M="; + }; + + nativeBuildInputs = [ kmod ] ++ kernel.moduleBuildDependencies; + + makeFlags = kernel.makeFlags ++ [ + "KVER=${kernel.modDirVersion}" + "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + enableParallelBuilding = true; + + preConfigure = lib.optionals (lib.versionAtLeast kernel.version "6.4") '' + sed -i "s/class_create(THIS_MODULE, dev->name)/class_create(dev->name)/g" mst_main.c + ''; + + installPhase = '' + runHook preInstall + + install -D ${pname}.ko $out/lib/modules/${kernel.modDirVersion}/extra/${pname}.ko + + runHook postInstall + ''; + + meta = with lib; { + description = "A kernel module for Nvidia NIC firmware update"; + homepage = "https://github.com/Mellanox/mstflint"; + license = [ licenses.gpl2Only ]; + maintainers = with maintainers; [ thillux ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/nct6687d/default.nix b/pkgs/os-specific/linux/nct6687d/default.nix new file mode 100644 index 00000000000..493d0e6af10 --- /dev/null +++ b/pkgs/os-specific/linux/nct6687d/default.nix @@ -0,0 +1,40 @@ +{ lib +, stdenv +, fetchFromGitHub +, kernel +}: + +stdenv.mkDerivation rec { + pname = "nct6687d"; + version = "unstable-2023-09-22"; + + src = fetchFromGitHub { + owner = "Fred78290"; + repo = "nct6687d"; + rev = "cdfe855342a9383a9c4c918d51576c36d989070d"; + hash = "sha256-iOLWxj4I6oYkNXFSkmw7meTQEnrIfb4Mw+/LkzgzDxM="; + }; + + setSourceRoot = '' + export sourceRoot=$(pwd)/source + ''; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + makeFlags = kernel.makeFlags ++ [ + "-C" "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "M=$(sourceRoot)" + ]; + + buildFlags = [ "modules" ]; + installFlags = [ "INSTALL_MOD_PATH=${placeholder "out"}" ]; + installTargets = [ "modules_install" ]; + + meta = with lib; { + description = "Kernel module for the Nuvoton NCT6687-R chipset found on many B550/B650 motherboards from ASUS and MSI"; + license = with licenses; [ gpl2Only ]; + homepage = "https://github.com/Fred78290/nct6687d/"; + platforms = platforms.linux; + maintainers = with maintainers; [ atemu ]; + }; +} diff --git a/pkgs/os-specific/linux/net-tools/default.nix b/pkgs/os-specific/linux/net-tools/default.nix index 9630b5c0c7a..bedeaadc294 100644 --- a/pkgs/os-specific/linux/net-tools/default.nix +++ b/pkgs/os-specific/linux/net-tools/default.nix @@ -5,7 +5,7 @@ stdenv.mkDerivation rec { version = "2.10"; src = fetchurl { - url = "mirror://gentoo/distfiles/${pname}-${version}.tar.xz"; + url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.xz"; sha256 = "sha256-smJDWlJB6Jv6UcPKvVEzdTlS96e3uT8y4Iy52W9YDWk="; }; diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix index e84d6aa6ac5..4482170d346 100644 --- a/pkgs/os-specific/linux/nftables/default.nix +++ b/pkgs/os-specific/linux/nftables/default.nix @@ -11,12 +11,12 @@ }: stdenv.mkDerivation rec { - version = "1.0.8"; + version = "1.0.9"; pname = "nftables"; src = fetchurl { url = "https://netfilter.org/projects/nftables/files/${pname}-${version}.tar.xz"; - hash = "sha256-k3N0DeQagtvJiBjgpGoHP664qNBon6T6GnQ5nDK/PVA="; + hash = "sha256-o8MEzZugYSOe4EdPmvuTipu5nYm5YCRvZvDDoKheFM0="; }; nativeBuildInputs = [ @@ -44,7 +44,8 @@ stdenv.mkDerivation rec { ++ lib.optional withXtables "--with-xtables"; passthru.tests = { - inherit (nixosTests) firewall-nftables lxd-nftables; + inherit (nixosTests) firewall-nftables; + lxd-nftables = nixosTests.lxd.nftables; nat = { inherit (nixosTests.nat.nftables) firewall standalone; }; }; diff --git a/pkgs/os-specific/linux/nixos-rebuild/_nixos-rebuild b/pkgs/os-specific/linux/nixos-rebuild/_nixos-rebuild new file mode 100644 index 00000000000..84e8d223bd8 --- /dev/null +++ b/pkgs/os-specific/linux/nixos-rebuild/_nixos-rebuild @@ -0,0 +1,165 @@ +#!/usr/bin/env bash + +# We're faking a `nix build` command-line to re-use Nix's own completion +# for the few options passed through to Nix. +_nixos-rebuild_pretend-nix() { + COMP_LINE="nix build ${COMP_LINE}" + # number of prepended chars + (( COMP_POINT = COMP_POINT + 10)) + + COMP_WORDS=( + nix build + "${COMP_WORDS[@]}" + ) + # Add the amount of prepended words + (( COMP_CWORD = COMP_CWORD + 2)) + _complete_nix "nix" +} + +_nixos-rebuild() { + local curr="$2" + local prev="$3" + local subcommandGiven=0 + local word + local subcommand + + __load_completion nix + + # Arrays are re-ordered by the completion, so it's fine to sort them in logical chunks + local all_args=( + --verbose -v + + # nixos-rebuild options + --fast + --no-build-nix + --profile-name -p # name + --rollback + --specialisation -c # name + --use-remote-sudo + --build-host # host + --target-host # host + # Used with list-generations + --json + + # generation switching options + --install-bootloader + + # nix-channel options + --upgrade + --upgrade-all + + # flakes options + --commit-lock-file + --flake # flake-uri + --override-input # input-name flake-uri + --recreate-lock-file + --update-input + --no-flake + --no-registries + --no-update-lock-file + --no-write-lock-file + + # Nix-copy options + --use-substitutes --substitute-on-destination -s + + # Nix options + --option + --impure + --builders # builder-spec + --show-trace + --keep-failed -K + --keep-going -k + --max-jobs -j # number + --log-format # format + -I # NIX_PATH + ) + + local all_subcommands=( + boot + build + build-vm + build-vm-with-bootloader + dry-activate + dry-build + edit + list-generations + switch + test + ) + + # Suggest arguments that can be consumed under some conditions only + for word in "${COMP_WORDS[@]}"; do + for subcommand in "${all_subcommands[@]}"; do + if [[ "$word" == "$subcommand" ]]; then + subcommandGiven=1 + fi + done + done + + # Fake out a way to complete the second arg to some options + case "${COMP_WORDS[COMP_CWORD-2]}" in + "--override-input") + prev="--override-input_2" + ;; + "--option") + prev="--option_2" + ;; + esac + + case "$prev" in + --max-jobs|-j) + COMPREPLY=( ) + ;; + + --profile-name|-p) + if [[ "$curr" == "" ]]; then + COMPREPLY=( /nix/var/nix/profiles/* ) + else + COMPREPLY=( "$curr"* ) + fi + ;; + + --build-host|--target-host|-t|-h) + _known_hosts_real "$curr" + ;; + + --specialisation|-c) + COMPREPLY=() + ;; + + -I) + _nixos-rebuild_pretend-nix + ;; + --builders) + _nixos-rebuild_pretend-nix + ;; + --flake) + _nixos-rebuild_pretend-nix + ;; + --override-input) + _nixos-rebuild_pretend-nix + ;; + --override-input_2) + _nixos-rebuild_pretend-nix + ;; + --log-format) + _nixos-rebuild_pretend-nix + ;; + --option) + _nixos-rebuild_pretend-nix + ;; + --option_2) + _nixos-rebuild_pretend-nix + ;; + + *) + if [[ "$curr" == -* ]] || (( subcommandGiven )); then + COMPREPLY=( $(compgen -W "${all_args[*]}" -- "$2") ) + else + COMPREPLY=( $(compgen -W "${all_subcommands[*]}" -- "$2") ) + fi + ;; + esac +} + +complete -F _nixos-rebuild nixos-rebuild diff --git a/pkgs/os-specific/linux/nixos-rebuild/default.nix b/pkgs/os-specific/linux/nixos-rebuild/default.nix index c6ec0866791..6c150b1b8cd 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/default.nix +++ b/pkgs/os-specific/linux/nixos-rebuild/default.nix @@ -28,10 +28,14 @@ substituteAll { ]; postInstall = '' installManPage ${./nixos-rebuild.8} + + installShellCompletion \ + --bash ${./_nixos-rebuild} ''; # run some a simple installer tests to make sure nixos-rebuild still works for them passthru.tests = { + install-bootloader = nixosTests.nixos-rebuild-install-bootloader; simple-installer = nixosTests.installer.simple; specialisations = nixosTests.nixos-rebuild-specialisations; }; diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 index b0ff5b0a672..d947361b3bc 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 @@ -421,6 +421,14 @@ nixpkgs=./my-nixpkgs Additional options to be passed to .Ic ssh on the command line. +.Ed +. +.It Ev NIXOS_SWITCH_USE_DIRTY_ENV +Expose the the current environment variables to post activation scripts. Will +skip usage of +.Ic systemd-run +during system activation. Possibly dangerous, specially in remote environments +(e.g.: via SSH). Will be removed in the future. .El . . diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 2f89642845e..dddae8da206 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -117,11 +117,11 @@ while [ "$#" -gt 0 ]; do specialisation="$1" shift 1 ;; - --build-host|h) + --build-host) buildHost="$1" shift 1 ;; - --target-host|t) + --target-host) targetHost="$1" shift 1 ;; @@ -653,18 +653,54 @@ fi # If we're not just building, then make the new configuration the boot # default and/or activate it now. if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" = dry-activate ]]; then + # Using systemd-run here to protect against PTY failures/network + # disconnections during rebuild. + # See: https://github.com/NixOS/nixpkgs/issues/39118 + cmd=( + "systemd-run" + "-E" "LOCALE_ARCHIVE" # Will be set to new value early in switch-to-configuration script, but interpreter starts out with old value + "-E" "NIXOS_INSTALL_BOOTLOADER" + "--collect" + "--no-ask-password" + "--pty" + "--quiet" + "--same-dir" + "--service-type=exec" + "--unit=nixos-rebuild-switch-to-configuration" + "--wait" + ) + # Check if we have a working systemd-run. In chroot environments we may have + # a non-working systemd, so we fallback to not using systemd-run. + # You may also want to explicitly set NIXOS_SWITCH_USE_DIRTY_ENV environment + # variable, since systemd-run runs inside an isolated environment and + # this may break some post-switch scripts. However keep in mind that this + # may be dangerous in remote access (e.g. SSH). + if [[ -n "$NIXOS_SWITCH_USE_DIRTY_ENV" ]]; then + log "warning: skipping systemd-run since NIXOS_SWITCH_USE_DIRTY_ENV is set. This environment variable will be ignored in the future" + cmd=() + elif ! targetHostCmd "${cmd[@]}" true &>/dev/null; then + logVerbose "Skipping systemd-run to switch configuration since it is not working in target host." + cmd=( + "env" + "-i" + "LOCALE_ARCHIVE=$LOCALE_ARCHIVE" + "NIXOS_INSTALL_BOOTLOADER=$NIXOS_INSTALL_BOOTLOADER" + ) + else + logVerbose "Using systemd-run to switch configuration." + fi if [[ -z "$specialisation" ]]; then - cmd="$pathToConfig/bin/switch-to-configuration" + cmd+=("$pathToConfig/bin/switch-to-configuration") else - cmd="$pathToConfig/specialisation/$specialisation/bin/switch-to-configuration" + cmd+=("$pathToConfig/specialisation/$specialisation/bin/switch-to-configuration") - if [[ ! -f "$cmd" ]]; then + if [[ ! -f "${cmd[-1]}" ]]; then log "error: specialisation not found: $specialisation" exit 1 fi fi - if ! targetHostCmd "$cmd" "$action"; then + if ! targetHostCmd "${cmd[@]}" "$action"; then log "warning: error(s) occurred while switching to the new configuration" exit 1 fi diff --git a/pkgs/os-specific/linux/nmon/default.nix b/pkgs/os-specific/linux/nmon/default.nix index 768e8e43edc..30285f9c5b2 100644 --- a/pkgs/os-specific/linux/nmon/default.nix +++ b/pkgs/os-specific/linux/nmon/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { buildInputs = [ ncurses ]; dontUnpack = true; buildPhase = "${stdenv.cc.targetPrefix}cc -o nmon ${src} -g -O2 -D JFS -D GETUSER -Wall -D LARGEMEM -lncurses -lm -g -D ${ - with stdenv.targetPlatform; + with stdenv.hostPlatform; if isx86 then "X86" else if isAarch then "ARM" else if isPower then "POWER" diff --git a/pkgs/os-specific/linux/nsncd/default.nix b/pkgs/os-specific/linux/nsncd/default.nix index da26a13c404..81590a6f869 100644 --- a/pkgs/os-specific/linux/nsncd/default.nix +++ b/pkgs/os-specific/linux/nsncd/default.nix @@ -7,16 +7,19 @@ rustPlatform.buildRustPackage rec { pname = "nsncd"; - version = "unstable-2022-11-14"; + version = "unstable-2023-10-26"; + # https://github.com/twosigma/nsncd/pull/71 has not been upstreamed + # to twosigma/nsncd yet. Using the nix-community fork in the + # meantime. src = fetchFromGitHub { owner = "nix-community"; repo = "nsncd"; - rev = "47e580f1db99603df6e212a2e62f18cc970cef40"; - hash = "sha256-Nv3MYZcuYgD66BAGs3Tg37s086HAGsaDBFvELqQF3Tk="; + rev = "d6513421f420e407248c6d0aee39ae2f861a7cec"; + hash = "sha256-PykzwpPxMDHJOr2HubXuw+Krk9Jbi0E3M2lEAOXhx2M="; }; - cargoSha256 = "sha256-c1L6nEUBHw1YegmoRrI3WU/bF80Nzbz13hsGlNyBR9o="; + cargoSha256 = "sha256-cUM7rYXWpJ0aMiurXBp15IlxAmf/x5uiodxEqBPCQT0="; meta = with lib; { description = "the name service non-caching daemon"; @@ -25,7 +28,7 @@ rustPlatform.buildRustPackage rec { ''; homepage = "https://github.com/twosigma/nsncd"; license = licenses.asl20; - maintainers = with maintainers; [ flokli ninjatrappeur ]; + maintainers = with maintainers; [ flokli picnoir ]; # never built on aarch64-darwin, x86_64-darwin since first introduction in nixpkgs broken = stdenv.isDarwin; }; diff --git a/pkgs/os-specific/linux/numatop/default.nix b/pkgs/os-specific/linux/numatop/default.nix index ad0138f18b7..f4995264b09 100644 --- a/pkgs/os-specific/linux/numatop/default.nix +++ b/pkgs/os-specific/linux/numatop/default.nix @@ -16,12 +16,14 @@ stdenv.mkDerivation rec { patches = [ (fetchpatch { - url = "https://github.com/intel/numatop/pull/54.patch"; + # https://github.com/intel/numatop/pull/54 + url = "https://github.com/intel/numatop/compare/eab0ac5253c5843aa0f0ac36e2eec7612207711b...c1001fd926c24eae2d40729492e07270ce133b72.patch"; sha256 = "sha256-TbMLv7TT9T8wE4uJ1a/AroyPPwrwL0eX5IBLsh9GTTM="; name = "fix-string-operations.patch"; }) (fetchpatch { - url = "https://github.com/intel/numatop/pull/64.patch"; + # https://github.com/intel/numatop/pull/64 + url = "https://github.com/intel/numatop/commit/635e2ce2ccb1ac793cc276a7fcb8a92b1ffefa5d.patch"; sha256 = "sha256-IevbSFJRTS5iQ5apHOVXzF67f3LJaW6j7DySFmVuyiM="; name = "fix-format-strings-mvwprintw.patch"; }) diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index b7824f20977..fbb116ab42a 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup unpackManually() { diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index 69e4ae8729d..7fec21a8237 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -27,49 +27,43 @@ rec { stable = if stdenv.hostPlatform.system == "i686-linux" then legacy_390 else latest; production = generic { - version = "535.113.01"; - sha256_64bit = "sha256-KOME2N/oG39en2BAS/OMYvyjVXjZdSLjxwoOjyMWdIE="; - sha256_aarch64 = "sha256-mw/p5ELGTNcM4P94soJIGqpLMBJHSPf+z9qsGnISuCk="; - openSha256 = "sha256-SePRFb5S2T0pOmkSGflYfJkJBjG3Dx/Z0MjwnWccfcI="; - settingsSha256 = "sha256-hiX5Nc4JhiYYt0jaRgQzfnmlEQikQjuO0kHnqGdDa04="; - persistencedSha256 = "sha256-V5Wu8a7EhwZarGsflAhEQDE9s9PjuQ3JNMU1nWvNNsQ="; + version = "535.129.03"; + sha256_64bit = "sha256-5tylYmomCMa7KgRs/LfBrzOLnpYafdkKwJu4oSb/AC4="; + sha256_aarch64 = "sha256-i6jZYUV6JBvN+Rt21v4vNstHPIu9sC+2ZQpiLOLoWzM="; + openSha256 = "sha256-/Hxod/LQ4CGZN1B1GRpgE/xgoYlkPpMh+n8L7tmxwjs="; + settingsSha256 = "sha256-QKN/gLGlT+/hAdYKlkIjZTgvubzQTt4/ki5Y+2Zj3pk="; + persistencedSha256 = "sha256-FRMqY5uAJzq3o+YdM2Mdjj8Df6/cuUUAnh52Ne4koME="; }; latest = selectHighestVersion production (generic { - version = "530.41.03"; - sha256_64bit = "sha256-riehapaMhVA/XRYd2jQ8FgJhKwJfSu4V+S4uoKy3hLE="; - sha256_aarch64 = "sha256-uM5zMEO/AO32VmqUOzmc05FFm/lz76jPSSaQmeZUlFo="; - openSha256 = "sha256-etbtw6LMRUcFoZC9EDDRrTDekV8JFRYmkp3idLaMk5g="; - settingsSha256 = "sha256-8KB6T9f+gWl8Ni+uOyrJKiiH5mNx9eyfCcW/RjPTQQA="; - persistencedSha256 = "sha256-zrstlt/0YVGnsPGUuBbR9ULutywi2wNDVxh7OhJM7tM="; + version = "545.29.02"; + sha256_64bit = "sha256-RncPlaSjhvBFUCOzWdXSE3PAfRPCIrWAXyJMdLPKuIU="; + sha256_aarch64 = "sha256-Y2RDOuDtiIclr06gmLrPDfE5VFmFamXxiIIKtKAewro="; + openSha256 = "sha256-PukpOBtG5KvZKWYfJHVQO6SuToJUd/rkjpOlEi8pSmk="; + settingsSha256 = "sha256-zj173HCZJaxAbVV/A2sbJ9IPdT1+3yrwyxD+AQdkSD8="; + persistencedSha256 = "sha256-mmMi2pfwzI1WYOffMVdD0N1HfbswTGg7o57x9/IiyVU="; patchFlags = [ "-p1" "-d" "kernel" ]; - patches = [ - # source: https://gist.github.com/joanbm/77f0650d45747b9a4dc8e330ade2bf5c - (fetchpatch { - url = "https://gist.github.com/joanbm/77f0650d45747b9a4dc8e330ade2bf5c/raw/688b612624945926676de28059fe749203b4b549/nvidia-470xx-fix-linux-6.4.patch"; - hash = "sha256-OyRmezyzqAi7mSJHDjsWQVocSsgJPTW5DvHDFVNX7Dk="; - }) - ]; + patches = []; }); beta = selectHighestVersion latest (generic { - version = "535.43.02"; - sha256_64bit = "sha256-4KTdk4kGDmBGyHntMIzWRivUpEpzmra+p7RBsTL8mYM="; - sha256_aarch64 = "sha256-0blD8R+xpOVlitWefIbtw1d3KAnmWHBy7hkxGZHBrE4="; - openSha256 = "sha256-W1fwbbEEM7Z/S3J0djxGTtVTewbSALqX1G1OSpdajCM="; - settingsSha256 = "sha256-j0sSEbtF2fapv4GSthVTkmJga+ycmrGc1OnGpV6jEkc="; - persistencedSha256 = "sha256-M0ovNaJo8SZwLW4CQz9accNK79Z5JtTJ9kKwOzicRZ4="; + version = "545.23.06"; + sha256_64bit = "sha256-QTnTKAGfcvKvKHik0BgAemV3PrRqRlM3B9jjZeupCC8="; + sha256_aarch64 = "sha256-qkVP6AiXNoRTqgqPvs/AfErEq8BTQw25rtJ6GS06JTM="; + openSha256 = "sha256-m7D5LZdhFCZYAIbhrgZ0pN2z19LsU3I3Q7qsKX7Z6mM="; + settingsSha256 = "sha256-+X6gDeU8Qlvprb05aB2quM55y0zEcBXtb65e3Rq9gKg="; + persistencedSha256 = "sha256-RQJAIwPqOUI5FB3uf0/Y4K/iwFfoLpU1/+BOK/KF5VA="; }); # Vulkan developer beta driver # See here for more information: https://developer.nvidia.com/vulkan-driver vulkan_beta = generic rec { - version = "535.43.09"; + version = "535.43.16"; persistencedVersion = "535.98"; settingsVersion = "535.98"; - sha256_64bit = "sha256-7QDp+VDgxH7RGW40kbQp4F/luh0DCYb4BS0gU/6wn+c="; - openSha256 = "sha256-7MOwKQCTaOo1//8OlSaNdpKeDXejZvmKFFeqhFrhAk8="; + sha256_64bit = "sha256-c93CJSMPlGZgk+jhp9zTHCKSZ0LdnJu+ifLo+qMvIIk="; + openSha256 = "sha256-509KaBavGIOOpzdrdJuAR1PYq91Clwo8n+nhruxO1wM="; settingsSha256 = "sha256-jCRfeB1w6/dA27gaz6t5/Qo7On0zbAPIi74LYLel34s="; persistencedSha256 = "sha256-WviDU6B50YG8dO64CGvU3xK8WFUX8nvvVYm/fuGyroM="; url = "https://developer.nvidia.com/downloads/vulkan-beta-${lib.concatStrings (lib.splitString "." version)}-linux"; @@ -93,25 +87,14 @@ rec { # Last one supporting Kepler architecture legacy_470 = generic { - version = "470.199.02"; - sha256_64bit = "sha256-/fggDt8RzjLDW0JiGjr4aV4RGnfEKL8MTTQ4tCjXaP0="; - sha256_aarch64 = "sha256-UmF7LszdrO2d+bOaoQYrTVKXUwDqzMy1UDBW5SPuZy4="; - settingsSha256 = "sha256-FkKPE4QV5IiVizGYUNUYoEXRpEhojt/cbH/I8iCn3hw="; - persistencedSha256 = "sha256-JP71wt3uCNOgheLNlQbW3DqVFQNTC5vj4y4COWKQzAs="; + version = "470.223.02"; + sha256_64bit = "sha256-s2hi1TNsw+br6Ow6tPiFsYPaJY8d+x4FrkBrP2xNRPg="; + sha256_aarch64 = "sha256-CFkg2ARlGWqlFQKm8SlbwMH6eLidHKA/q5QGVOpPGuU="; + settingsSha256 = "sha256-r6DuIH/rnsCm/y51iRgPNi5/kz+EFMVABREdTjBneZ0="; + persistencedSha256 = "sha256-e71fpPBBv8S/aoeXxBXkzKy5bsMMbv8y024cSLc8DYc="; patchFlags = [ "-p1" "-d" "kernel" ]; - patches = [ - # source: https://gist.github.com/joanbm/dfe8dc59af1c83e2530a1376b77be8ba - (fetchpatch { - url = "https://gist.github.com/joanbm/dfe8dc59af1c83e2530a1376b77be8ba/raw/37ff2b5ccf99f295ff958c9a44ca4ed4f42503b4/nvidia-470xx-fix-linux-6.5.patch"; - hash = "sha256-s5r7nwuMva0BLy2qJBVKqNtnUN9am5+PptnVwNdzdbk="; - }) - # source: https://gist.github.com/joanbm/2ec3c512a1ac21f5f5c6b3c1a4dbef35 - (fetchpatch { - url = "https://gist.github.com/joanbm/2ec3c512a1ac21f5f5c6b3c1a4dbef35/raw/615feaefed2de3a28bd12fe9783894b84a7c86e4/nvidia-470xx-fix-linux-6.6.patch"; - hash = "sha256-gdV+a+JFzQX8MzRz9eb4gVbnOfTWN+Ds9sOeyIBN5y0="; - }) - ]; + patches = []; }; # Last one supporting x86 diff --git a/pkgs/os-specific/linux/nvidia-x11/settings.nix b/pkgs/os-specific/linux/nvidia-x11/settings.nix index 0b801d4b272..b11dc06c85e 100644 --- a/pkgs/os-specific/linux/nvidia-x11/settings.nix +++ b/pkgs/os-specific/linux/nvidia-x11/settings.nix @@ -69,7 +69,9 @@ stdenv.mkDerivation { url = "https://github.com/NVIDIA/nvidia-settings/commit/a7c1f5fce6303a643fadff7d85d59934bd0cf6b6.patch"; hash = "sha256-ZwF3dRTYt/hO8ELg9weoz1U/XcU93qiJL2d1aq1Jlak="; }) - ++ lib.optional (lib.versionAtLeast nvidia_x11.settingsVersion "515.43.04") + ++ lib.optional + ((lib.versionAtLeast nvidia_x11.settingsVersion "515.43.04") + && (lib.versionOlder nvidia_x11.settingsVersion "545.29")) (fetchpatch { # fix wayland support for compositors that use wl_output version 4 url = "https://github.com/NVIDIA/nvidia-settings/pull/99/commits/2e0575197e2b3247deafd2a48f45afc038939a06.patch"; diff --git a/pkgs/os-specific/linux/nvme-cli/default.nix b/pkgs/os-specific/linux/nvme-cli/default.nix index d267a12266b..e0d0372fd6f 100644 --- a/pkgs/os-specific/linux/nvme-cli/default.nix +++ b/pkgs/os-specific/linux/nvme-cli/default.nix @@ -4,18 +4,19 @@ , libnvme , json_c , zlib +, libhugetlbfs , python3Packages }: stdenv.mkDerivation rec { pname = "nvme-cli"; - version = "2.4"; + version = "2.6"; src = fetchFromGitHub { owner = "linux-nvme"; repo = "nvme-cli"; rev = "v${version}"; - hash = "sha256-vnhvVVfEDnmEIdIkfTRoiLB7dZ1rJV3U4PmUUoaxTUs="; + hash = "sha256-MFyBkwTNOBQdHWj7In1OquRIAsjsd4/DHYfUyFA9YDQ="; }; mesonFlags = [ @@ -32,6 +33,8 @@ stdenv.mkDerivation rec { libnvme json_c zlib + ] ++ lib.optionals (lib.meta.availableOn stdenv.hostPlatform libhugetlbfs) [ + libhugetlbfs ]; meta = with lib; { @@ -47,7 +50,7 @@ stdenv.mkDerivation rec { ''; license = licenses.gpl2Plus; platforms = platforms.linux; - maintainers = with maintainers; [ mic92 ]; + maintainers = with maintainers; [ mic92 vifino ]; mainProgram = "nvme"; }; } diff --git a/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix b/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix index 40ef0796dfa..61a27bd51f0 100644 --- a/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix +++ b/pkgs/os-specific/linux/oci-seccomp-bpf-hook/default.nix @@ -10,12 +10,12 @@ buildGoModule rec { pname = "oci-seccomp-bpf-hook"; - version = "1.2.9"; + version = "1.2.10"; src = fetchFromGitHub { owner = "containers"; repo = "oci-seccomp-bpf-hook"; rev = "v${version}"; - sha256 = "sha256-KPO9xqLgPML6smoO7P50yP81b4iCvRFIR74ciUiva7o="; + sha256 = "sha256-bWlm+JYNf7+faKSQfW5fhxoH/D2I8ujjakswH+1r49o="; }; vendorHash = null; diff --git a/pkgs/os-specific/linux/odp-dpdk/default.nix b/pkgs/os-specific/linux/odp-dpdk/default.nix index 5c8cd9efc98..7ac560824db 100644 --- a/pkgs/os-specific/linux/odp-dpdk/default.nix +++ b/pkgs/os-specific/linux/odp-dpdk/default.nix @@ -18,11 +18,11 @@ stdenv.mkDerivation rec { pname = "odp-dpdk"; - version = "1.41.0.0_DPDK_22.11"; + version = "1.42.0.0_DPDK_22.11"; src = fetchurl { url = "https://git.linaro.org/lng/odp-dpdk.git/snapshot/${pname}-${version}.tar.gz"; - hash = "sha256-4p+R+7IeDKQFqBzQTvXfR407exxhoS8pnKxF9Qnr8tw="; + hash = "sha256-qtdqYE4+ab6/9Z0YXXCItcfj+3+gyprcNMAnAZkl4GA="; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh b/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh index 34f9b157945..ed2c60da261 100644 --- a/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh +++ b/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup mkdir -p $out/lib diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index b16bebbe3d6..a35f40be595 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -1,5 +1,8 @@ -{ lib, stdenv, buildPackages, fetchurl, flex, cracklib, db4, gettext, audit, libxcrypt +{ lib, stdenv, buildPackages, fetchurl +, fetchpatch +, flex, cracklib, db4, gettext, audit, libxcrypt , nixosTests +, autoreconfHook269, pkg-config-unwrapped }: stdenv.mkDerivation rec { @@ -11,12 +14,25 @@ stdenv.mkDerivation rec { sha256 = "sha256-5OxxMakdpEUSV0Jo9JPG2MoQXIcJFpG46bVspoXU+U0="; }; - patches = [ ./suid-wrapper-path.patch ]; + patches = [ + ./suid-wrapper-path.patch + # Pull support for localization on non-default --prefix: + # https://github.com/NixOS/nixpkgs/issues/249010 + # https://github.com/linux-pam/linux-pam/pull/604 + (fetchpatch { + name = "bind-locales.patch"; + url = "https://github.com/linux-pam/linux-pam/commit/77bd338125cde583ecdfb9fd69619bcd2baf15c2.patch"; + hash = "sha256-tlc9RcLZpEH315NFD4sdN9yOco8qhC6+bszl4OHm+AI="; + }) + ]; outputs = [ "out" "doc" "man" /* "modules" */ ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ flex ] + # autoreconfHook269 is needed for `suid-wrapper-path.patch` and + # `bind-locales.patch` above. + # pkg-config-unwrapped is needed for `AC_CHECK_LIB` and `AC_SEARCH_LIBS` + nativeBuildInputs = [ flex autoreconfHook269 pkg-config-unwrapped ] ++ lib.optional stdenv.buildPlatform.isDarwin gettext; buildInputs = [ cracklib db4 libxcrypt ] diff --git a/pkgs/os-specific/linux/pam/suid-wrapper-path.patch b/pkgs/os-specific/linux/pam/suid-wrapper-path.patch index 71533c51a19..a427ccf3881 100644 --- a/pkgs/os-specific/linux/pam/suid-wrapper-path.patch +++ b/pkgs/os-specific/linux/pam/suid-wrapper-path.patch @@ -1,6 +1,6 @@ It needs the SUID version during runtime, and that can't be in /nix/store/** ---- a/modules/pam_unix/Makefile.in -+++ b/modules/pam_unix/Makefile.in -@@ -651 +651 @@ +--- a/modules/pam_unix/Makefile.am ++++ b/modules/pam_unix/Makefile.am +@@ -21 +21 @@ - -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" \ + -DCHKPWD_HELPER=\"/run/wrappers/bin/unix_chkpwd\" \ diff --git a/pkgs/os-specific/linux/pam_mktemp/default.nix b/pkgs/os-specific/linux/pam_mktemp/default.nix new file mode 100644 index 00000000000..04ba58785ef --- /dev/null +++ b/pkgs/os-specific/linux/pam_mktemp/default.nix @@ -0,0 +1,48 @@ +{ lib +, stdenv +, fetchurl +, fetchpatch +, pam +, e2fsprogs +}: + +stdenv.mkDerivation rec { + pname = "pam_mktemp"; + version = "1.1.1"; + + src = fetchurl { + url = "https://openwall.com/pam/modules/${pname}/${pname}-${version}.tar.gz"; + hash = "sha256-Zs+AwYQ5yjRW25ZALy7qwUsaBQPMHRvn8rFtXwefPz0="; + }; + + patches = [ + (fetchpatch { + name = "inherit_private_prefix_from_home.patch"; + url = "https://git.altlinux.org/gears/p/pam_mktemp.git?p=pam_mktemp.git;a=commitdiff_plain;h=3d2e8ad6da6a44c047bf7a8afa1e1bb2a6e36a55"; + hash = "sha256-xe44fi2xH9jqlStlIR4QPB0KS7spflRdOsvNPEmxJpU"; + }) + (fetchpatch { + name = "allow_private_prefix_to_be_stricter.patch"; + url = "https://git.altlinux.org/gears/p/pam_mktemp.git?p=pam_mktemp.git;a=commitdiff_plain;h=bb2cee0c695d22310e5364c30d74bccb0dbf3205"; + hash = "sha256-TouysUVlNnl+m7lJ2VKPxUTYD2om1Jh5FEJ6NHMAI4U="; + }) + ]; + + patchFlags = "-p2"; + + dontConfigure = true; + + buildInputs = [ pam e2fsprogs ]; + + makeFlags = [ "DESTDIR=$(out)" ]; + + enableParallelBuilding = true; + + meta = with lib; { + homepage = "https://www.openwall.com/pam/"; + description = "PAM for login service to provide per-user private directories"; + license = licenses.bsd0; + maintainers = with maintainers; [ wladmis ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/pam_p11/default.nix b/pkgs/os-specific/linux/pam_p11/default.nix index 8970f7ed628..0a7e02f4ad8 100644 --- a/pkgs/os-specific/linux/pam_p11/default.nix +++ b/pkgs/os-specific/linux/pam_p11/default.nix @@ -13,8 +13,10 @@ stdenv.mkDerivation rec { patches = [ # fix with openssl 3.x + # https://github.com/OpenSC/pam_p11/pull/22 (fetchpatch { - url = "https://github.com/OpenSC/pam_p11/pull/22.patch"; + name = "OpenSC-pam_p11-pull-22.patch"; + url = "https://github.com/OpenSC/pam_p11/compare/cd4eba2e921e1c2f93cde71922a76af99376246c...debd4f7acfaf998cfe4002e0be5c35ad9a9591b5.patch"; excludes = [ ".github/build.sh" ]; hash = "sha256-bm/agnBgvrr8L8yoGK4gzBqOGgsNWf9NIgcNJG7proE="; }) diff --git a/pkgs/os-specific/linux/pax-utils/default.nix b/pkgs/os-specific/linux/pax-utils/default.nix index 1d27cf80e4d..dcecfa4c13b 100644 --- a/pkgs/os-specific/linux/pax-utils/default.nix +++ b/pkgs/os-specific/linux/pax-utils/default.nix @@ -1,6 +1,6 @@ { stdenv , lib -, fetchurl +, fetchgit , buildPackages , docbook_xml_dtd_44 , docbook_xsl @@ -18,9 +18,10 @@ stdenv.mkDerivation rec { pname = "pax-utils"; version = "1.3.7"; - src = fetchurl { - url = "mirror://gentoo/distfiles/${pname}-${version}.tar.xz"; - sha256 = "sha256-EINi0pZo0lz3sMrcY7FaTBz8DbxxrcFRszxf597Ok5o="; + src = fetchgit { + url = "https://anongit.gentoo.org/git/proj/pax-utils.git"; + rev = "v${version}"; + hash = "sha256-WyNng+UtfRz1+Eu4gwXLxUvBAg+m3mdrc8GdEPYRKVE="; }; strictDeps = true; diff --git a/pkgs/os-specific/linux/pipework/default.nix b/pkgs/os-specific/linux/pipework/default.nix index ea274377ced..3591303a8d0 100644 --- a/pkgs/os-specific/linux/pipework/default.nix +++ b/pkgs/os-specific/linux/pipework/default.nix @@ -22,6 +22,6 @@ stdenv.mkDerivation { homepage = "https://github.com/jpetazzo/pipework"; license = licenses.asl20; platforms = platforms.linux; - maintainers = with maintainers; [ cstrahan ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/os-specific/linux/power-profiles-daemon/default.nix b/pkgs/os-specific/linux/power-profiles-daemon/default.nix index ae08f59cc1a..e81f42b65a2 100644 --- a/pkgs/os-specific/linux/power-profiles-daemon/default.nix +++ b/pkgs/os-specific/linux/power-profiles-daemon/default.nix @@ -53,7 +53,7 @@ stdenv.mkDerivation rec { wrapGAppsNoGuiHook python3.pkgs.wrapPython # checkInput but cheked for during the configuring - (python3.pythonForBuild.withPackages (ps: with ps; [ + (python3.pythonOnBuildForHost.withPackages (ps: with ps; [ pygobject3 dbus-python python-dbusmock diff --git a/pkgs/os-specific/linux/prl-tools/default.nix b/pkgs/os-specific/linux/prl-tools/default.nix index 001162608cd..314a95bd554 100644 --- a/pkgs/os-specific/linux/prl-tools/default.nix +++ b/pkgs/os-specific/linux/prl-tools/default.nix @@ -36,13 +36,13 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "prl-tools"; - version = "19.0.0-54570"; + version = "19.1.1-54734"; # We download the full distribution to extract prl-tools-lin.iso from # => ${dmg}/Parallels\ Desktop.app/Contents/Resources/Tools/prl-tools-lin.iso src = fetchurl { url = "https://download.parallels.com/desktop/v${lib.versions.major finalAttrs.version}/${finalAttrs.version}/ParallelsDesktop-${finalAttrs.version}.dmg"; - hash = "sha256-y7UC+E5i2cxkOJ9nVI6aQAFJ5kTXv9uaZoMO4/SCS6k="; + hash = "sha256-02YxBkV9pZGfXuK6GvUDTgE9U5H2MOMk24h9qGJdFTM="; }; hardeningDisable = [ "pic" "format" ]; diff --git a/pkgs/os-specific/linux/procps-ng/default.nix b/pkgs/os-specific/linux/procps-ng/default.nix index 67b839a1bd3..56a92ffa44e 100644 --- a/pkgs/os-specific/linux/procps-ng/default.nix +++ b/pkgs/os-specific/linux/procps-ng/default.nix @@ -27,7 +27,9 @@ stdenv.mkDerivation rec { sha256 = "sha256-RRiz56r9NOwH0AY9JQ/UdJmbILIAIYw65W9dIRPxQbQ="; }; - patches = lib.optionals stdenv.hostPlatform.isMusl [ + patches = [ + ./v3-CVE-2023-4016.patch + ] ++ lib.optionals stdenv.hostPlatform.isMusl [ # NOTE: Starting from 4.x we will not need a patch anymore, but need to add # "--disable-w" to configureFlags instead to prevent the utmp errors (fetchpatch { diff --git a/pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch b/pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch new file mode 100644 index 00000000000..2e260eaf738 --- /dev/null +++ b/pkgs/os-specific/linux/procps-ng/v3-CVE-2023-4016.patch @@ -0,0 +1,63 @@ +This is https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413.diff +back-ported to procps 3.3.17. That commit changes xmalloc to xcalloc. This patch differs in two ways: + +* We modify it to change malloc (no x-) to xcalloc instead +* We pull in procps-4's definition of xcalloc + +Alternative considered: Also pull in commits that changed malloc to xmalloc and defined xcalloc. +This alternative is rejected because those commits contain many other unrelated changes. + +diff --git a/ps/parser.c b/ps/parser.c +index 4263a1fb..ee9a57d9 100644 +--- a/ps/parser.c ++++ b/ps/parser.c +@@ -36,6 +36,14 @@ + #include "common.h" + #include "c.h" + ++static void *xxcalloc(const size_t nelems, const size_t size) ++{ ++ void *ret = calloc(nelems, size); ++ if (!ret && size && nelems) ++ xerrx(EXIT_FAILURE, "cannot allocate %zu bytes", nelems*size); ++ return ret; ++} ++ + #define ARG_GNU 0 + #define ARG_END 1 + #define ARG_PGRP 2 +@@ -184,7 +192,6 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s + const char *err; /* error code that could or did happen */ + /*** prepare to operate ***/ + node = malloc(sizeof(selection_node)); +- node->u = malloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */ + node->n = 0; + buf = strdup(arg); + /*** sanity check and count items ***/ +@@ -205,6 +212,7 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s + } while (*++walk); + if(need_item) goto parse_error; + node->n = items; ++ node->u = xxcalloc(items, sizeof(sel_union)); + /*** actually parse the list ***/ + walk = buf; + while(items--){ +@@ -1031,15 +1039,15 @@ static const char *parse_trailing_pids(void){ + thisarg = ps_argc - 1; /* we must be at the end now */ + + pidnode = malloc(sizeof(selection_node)); +- pidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ ++ pidnode->u = xxcalloc(i, sizeof(sel_union)); /* waste is insignificant */ + pidnode->n = 0; + + grpnode = malloc(sizeof(selection_node)); +- grpnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ ++ grpnode->u = xxcalloc(i, sizeof(sel_union)); /* waste is insignificant */ + grpnode->n = 0; + + sidnode = malloc(sizeof(selection_node)); +- sidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ ++ sidnode->u = xxcalloc(i, sizeof(sel_union)); /* waste is insignificant */ + sidnode->n = 0; + + while(i--){ diff --git a/pkgs/os-specific/linux/projecteur/default.nix b/pkgs/os-specific/linux/projecteur/default.nix index ecb0fe535d3..0477985cc19 100644 --- a/pkgs/os-specific/linux/projecteur/default.nix +++ b/pkgs/os-specific/linux/projecteur/default.nix @@ -1,24 +1,39 @@ -{ lib, mkDerivation, fetchFromGitHub, - cmake, pkg-config, - qtbase, qtgraphicaleffects, wrapQtAppsHook }: +{ lib +, mkDerivation +, fetchFromGitHub +, cmake +, pkg-config +, qtbase +, qtgraphicaleffects +, wrapQtAppsHook +}: + mkDerivation rec { pname = "projecteur"; - version = "0.9.2"; + version = "0.10"; src = fetchFromGitHub { owner = "jahnf"; repo = "Projecteur"; rev = "v${version}"; fetchSubmodules = false; - sha256 = "sha256-kg6oYtJ4H5A6RNATBg+XvMfCb9FlhEBFjfxamGosMQg="; + hash = "sha256-F7o93rBjrDTmArTIz8RB/uGBOYE6ny/U7ppk+jEhM5A="; }; postPatch = '' sed '1i#include <array>' -i src/device.h # gcc12 ''; - buildInputs = [ qtbase qtgraphicaleffects ]; - nativeBuildInputs = [ wrapQtAppsHook cmake pkg-config ]; + buildInputs = [ + qtbase + qtgraphicaleffects + ]; + + nativeBuildInputs = [ + cmake + pkg-config + wrapQtAppsHook + ]; cmakeFlags = [ "-DCMAKE_INSTALL_PREFIX:PATH=${placeholder "out"}" @@ -26,11 +41,12 @@ mkDerivation rec { "-DCMAKE_INSTALL_UDEVRULESDIR=${placeholder "out"}/lib/udev/rules.d" ]; - meta = with lib; { + meta = { description = "Linux/X11 application for the Logitech Spotlight device (and similar devices)."; homepage = "https://github.com/jahnf/Projecteur"; - license = licenses.mit; - platforms = platforms.linux; - maintainers = with maintainers; [ benneti ]; + license = lib.licenses.mit; + mainProgram = "projecteur"; + maintainers = with lib.maintainers; [ benneti drupol ]; + platforms = lib.platforms.linux; }; } diff --git a/pkgs/os-specific/linux/qmk-udev-rules/default.nix b/pkgs/os-specific/linux/qmk-udev-rules/default.nix index 6fc6e0012b3..5b627ea9033 100644 --- a/pkgs/os-specific/linux/qmk-udev-rules/default.nix +++ b/pkgs/os-specific/linux/qmk-udev-rules/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "qmk-udev-rules"; - version = "0.19.11"; + version = "0.22.3"; src = fetchFromGitHub { owner = "qmk"; repo = "qmk_firmware"; rev = version; - hash = "sha256-RevCj+tFlleH08VGRwJjKhZdXwU6VlMsSCR9090pgRI="; + hash = "sha256-HLQxmBlzTdsOAMqfc4taoMM+V2G5novMsbc1drZlNGg="; }; dontBuild = true; diff --git a/pkgs/os-specific/linux/r8125/default.nix b/pkgs/os-specific/linux/r8125/default.nix index 30f8da7d5f4..4517cb29e75 100644 --- a/pkgs/os-specific/linux/r8125/default.nix +++ b/pkgs/os-specific/linux/r8125/default.nix @@ -4,7 +4,7 @@ stdenv.mkDerivation rec { pname = "r8125"; # On update please verify (using `diff -r`) that the source matches the # realtek version. - version = "9.004.01"; + version = "9.011.01"; # This is a mirror. The original website[1] doesn't allow non-interactive # downloads, instead emailing you a download link. @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { owner = "louistakepillz"; repo = "r8125"; rev = version; - sha256 = "0h2y4mzydhc7var5281bk2jj1knig6i64k11ii4b94az3g9dbq24"; + sha256 = "sha256-QV1DKkWVtqcnuqgAdJnPpj6Z6ch+lw61zpouXKlyfqQ="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix b/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix index 3c19db40391..6a429a77c57 100644 --- a/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix +++ b/pkgs/os-specific/linux/raspberrypi-eeprom/default.nix @@ -1,5 +1,5 @@ { stdenvNoCC, lib, fetchFromGitHub, makeWrapper -, python3, binutils-unwrapped, findutils, kmod, pciutils, libraspberrypi +, python3, binutils-unwrapped, findutils, gawk, kmod, pciutils, libraspberrypi }: stdenvNoCC.mkDerivation rec { pname = "raspberrypi-eeprom"; @@ -40,6 +40,7 @@ stdenvNoCC.mkDerivation rec { --prefix PATH : "${lib.makeBinPath ([ binutils-unwrapped findutils + gawk kmod pciutils (placeholder "out") diff --git a/pkgs/os-specific/linux/rdma-core/default.nix b/pkgs/os-specific/linux/rdma-core/default.nix index 59cbc5d83a8..e400e5eba7d 100644 --- a/pkgs/os-specific/linux/rdma-core/default.nix +++ b/pkgs/os-specific/linux/rdma-core/default.nix @@ -26,6 +26,8 @@ stdenv.mkDerivation (finalAttrs: { strictDeps = true; + outputs = [ "out" "man" "dev" ]; + nativeBuildInputs = [ cmake docutils diff --git a/pkgs/os-specific/linux/rt-tests/default.nix b/pkgs/os-specific/linux/rt-tests/default.nix index 6185bf9912d..8e3a9b0ceb0 100644 --- a/pkgs/os-specific/linux/rt-tests/default.nix +++ b/pkgs/os-specific/linux/rt-tests/default.nix @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "rt-tests"; - version = "2.5"; + version = "2.6"; src = fetchurl { url = "https://git.kernel.org/pub/scm/utils/rt-tests/rt-tests.git/snapshot/${pname}-${version}.tar.gz"; - sha256 = "sha256-LzN3YB3Lb7tjyEplrFaNYtiGwHUUTztZBsMrUndd2cU="; + sha256 = "sha256-apRJwRqcyzfmyGCCv5BDN92pKP3Nafa9SkxlZ+Bxrm0="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix b/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix index ecfd6a87e6b..50793167a34 100644 --- a/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix +++ b/pkgs/os-specific/linux/rtl8188eus-aircrack/default.nix @@ -1,14 +1,14 @@ -{ lib, stdenv, fetchFromGitHub, kernel, bc, fetchpatch }: +{ lib, stdenv, fetchFromGitHub, kernel, bc }: stdenv.mkDerivation { pname = "rtl8188eus-aircrack"; - version = "${kernel.version}-unstable-2022-03-19"; + version = "${kernel.version}-unstable-2023-09-21"; src = fetchFromGitHub { owner = "aircrack-ng"; repo = "rtl8188eus"; - rev = "0958f294f90b49d6bad4972b14f90676e5d858d3"; - sha256 = "sha256-dkCcwvOLxqU1IZ/OXTp67akjWgsaH1Cq4N8d9slMRI8="; + rev = "3fae7237ba121f1169e9a2ea55040dc123697d3b"; + sha256 = "sha256-ILSMEt9nMdg1ZbFeatWm8Yxf6a/E7Vm7KtKhN933KTc="; }; prePatch = '' @@ -18,13 +18,6 @@ stdenv.mkDerivation { --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" ''; - patches = [ - (fetchpatch { - url = "https://github.com/aircrack-ng/rtl8188eus/commit/daa3a2e12290050be3af956915939a55aed50d5f.patch"; - hash = "sha256-VsvaAhO74LzqUxbmdDT9qwVl6Y9lXfGfrHHK3SbnOVA="; - }) - ]; - hardeningDisable = [ "pic" ]; enableParallelBuilding = true; @@ -39,7 +32,7 @@ stdenv.mkDerivation { description = "RealTek RTL8188eus WiFi driver with monitor mode & frame injection support"; homepage = "https://github.com/aircrack-ng/rtl8188eus"; license = licenses.gpl2Only; - maintainers = with maintainers; [ fortuneteller2k ]; - broken = (lib.versionAtLeast kernel.version "5.17") || ((lib.versions.majorMinor kernel.version) == "5.4" && kernel.isHardened); + maintainers = with maintainers; [ moni ]; + broken = (lib.versionAtLeast kernel.version "6.6") || ((lib.versions.majorMinor kernel.version) == "5.4" && kernel.isHardened); }; } diff --git a/pkgs/os-specific/linux/rtl8812au/default.nix b/pkgs/os-specific/linux/rtl8812au/default.nix index 9646886a6de..adc197a1166 100644 --- a/pkgs/os-specific/linux/rtl8812au/default.nix +++ b/pkgs/os-specific/linux/rtl8812au/default.nix @@ -44,6 +44,6 @@ stdenv.mkDerivation { homepage = "https://github.com/morrownr/8812au-20210629"; license = licenses.gpl2Only; platforms = platforms.linux; - maintainers = with maintainers; [ fortuneteller2k ]; + maintainers = with maintainers; [ moni ]; }; } diff --git a/pkgs/os-specific/linux/rtl8821cu/default.nix b/pkgs/os-specific/linux/rtl8821cu/default.nix index d8518630107..806df9f6dd4 100644 --- a/pkgs/os-specific/linux/rtl8821cu/default.nix +++ b/pkgs/os-specific/linux/rtl8821cu/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "rtl8821cu"; - version = "${kernel.version}-unstable-2023-04-28"; + version = "${kernel.version}-unstable-2023-09-10"; src = fetchFromGitHub { owner = "morrownr"; repo = "8821cu-20210916"; - rev = "e49409f22ceea0d5b5ef431e6170580028b84c9d"; - hash = "sha256-mElZRr4RkRFiraBM8BxT8yesYgvDaj6xP+9T3P+0Ns4="; + rev = "f6d4598290c5e9c8e545130e8a31d130f6d135f4"; + hash = "sha256-jpMf8K9diJ3mbEkP9Cp+VwairK+pwiEGU/AtUIouCqM="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/rtl88x2bu/default.nix b/pkgs/os-specific/linux/rtl88x2bu/default.nix index 2775b180188..73b098894b9 100644 --- a/pkgs/os-specific/linux/rtl88x2bu/default.nix +++ b/pkgs/os-specific/linux/rtl88x2bu/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation { pname = "rtl88x2bu"; - version = "${kernel.version}-unstable-2023-07-23"; + version = "${kernel.version}-unstable-2023-09-24"; src = fetchFromGitHub { owner = "morrownr"; repo = "88x2bu-20210702"; - rev = "83db18e610845df9434a628ca3feb9004296b307"; - sha256 = "sha256-as3S7WQkug3suJ5ovUbRu/UzO5GDrGLdgkiWrCrvztk="; + rev = "888ba1b309e6258a736ef5c37a68836cd0ea5517"; + sha256 = "sha256-oLRGRKUNTmIw+Zn23TArGumo24AIH2YEMpnStyXBNw8="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/ryzenadj/default.nix b/pkgs/os-specific/linux/ryzenadj/default.nix index 9204121a8cf..0744ed2896f 100644 --- a/pkgs/os-specific/linux/ryzenadj/default.nix +++ b/pkgs/os-specific/linux/ryzenadj/default.nix @@ -1,13 +1,13 @@ { lib, stdenv, fetchFromGitHub, pciutils, cmake }: stdenv.mkDerivation rec { pname = "ryzenadj"; - version = "0.13.0"; + version = "0.14.0"; src = fetchFromGitHub { owner = "FlyGoat"; repo = "RyzenAdj"; rev = "v${version}"; - sha256 = "sha256-n/LHFv14aDLbobeamOgDYBml1DgSGJmfmg/qff78i4c="; + sha256 = "sha256-Lqq4LNRmqQyeIJfr/+tYdKMEk+P54VnwZAQZcE0ev8Y="; }; nativeBuildInputs = [ pciutils cmake ]; @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { description = "Adjust power management settings for Ryzen Mobile Processors."; homepage = "https://github.com/FlyGoat/RyzenAdj"; license = licenses.lgpl3Only; - maintainers = with maintainers; [ ]; + maintainers = with maintainers; [ rhendric ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index f0e2c281aa5..38fec65b333 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -1,9 +1,9 @@ { lib, stdenv, fetchFromGitHub -, runtimeShell, nixosTests, fetchpatch +, runtimeShell, nixosTests , autoreconfHook, bison, flex , docbook_xml_dtd_45, docbook_xsl -, itstool , libxml2, libxslt -, libxcrypt +, itstool, libbsd, libxml2, libxslt +, libxcrypt, pkg-config , glibcCross ? null , pam ? null , withTcb ? lib.meta.availableOn stdenv.hostPlatform tcb, tcb @@ -17,13 +17,13 @@ in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.13"; + version = "4.14.1"; src = fetchFromGitHub { owner = "shadow-maint"; repo = pname; rev = version; - sha256 = "sha256-L54DhdBYthfB9436t/XWXiqKhW7rfd0GLS7pYGB32rA="; + hash = "sha256-DzPPnttnJSOMQwXWyFcz6fEtjwBC3p2PpZpBAQ/Ew18="; }; outputs = [ "out" "su" "dev" "man" ]; @@ -34,9 +34,10 @@ stdenv.mkDerivation rec { autoreconfHook bison flex docbook_xml_dtd_45 docbook_xsl itstool libxml2 libxslt + pkg-config ]; - buildInputs = [ libxcrypt ] + buildInputs = [ libbsd libxcrypt ] ++ lib.optional (pam != null && stdenv.isLinux) pam ++ lib.optional withTcb tcb; @@ -46,11 +47,6 @@ stdenv.mkDerivation rec { ./respect-xml-catalog-files-var.patch ./runtime-shell.patch ./fix-install-with-tcb.patch - # Fix HAVE_SHADOWGRP configure check - (fetchpatch { - url = "https://github.com/shadow-maint/shadow/commit/a281f241b592aec636d1b93a99e764499d68c7ef.patch"; - sha256 = "sha256-GJWg/8ggTnrbIgjI+HYa26DdVbjTHTk/IHhy7GU9G5w="; - }) ]; # The nix daemon often forbids even creating set[ug]id files. diff --git a/pkgs/os-specific/linux/sssd/default.nix b/pkgs/os-specific/linux/sssd/default.nix index 96a3ace57d2..62db758c7aa 100644 --- a/pkgs/os-specific/linux/sssd/default.nix +++ b/pkgs/os-specific/linux/sssd/default.nix @@ -5,21 +5,21 @@ libuuid, systemd, nspr, check, cmocka, uid_wrapper, p11-kit, nss_wrapper, ncurses, Po4a, http-parser, jansson, jose, docbook_xsl, docbook_xml_dtd_44, - nixosTests, + testers, nix-update-script, nixosTests, withSudo ? false }: let docbookFiles = "${docbook_xsl}/share/xml/docbook-xsl/catalog.xml:${docbook_xml_dtd_44}/xml/dtd/docbook/catalog.xml"; in -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "sssd"; - version = "2.9.1"; + version = "2.9.3"; src = fetchFromGitHub { owner = "SSSD"; - repo = pname; - rev = version; - sha256 = "sha256-OafSo28MN92py33foE8oMkPUmV9WUUOkKWJgm0i7MJU="; + repo = "sssd"; + rev = "refs/tags/${finalAttrs.version}"; + hash = "sha256-WTVOt2TpTCyMmFYzWJMBQdwgmov7m1Sd8CwyL4ywPUY="; }; postPatch = '' @@ -96,14 +96,23 @@ stdenv.mkDerivation rec { done ''; - passthru.tests = { inherit (nixosTests) sssd sssd-ldap; }; + passthru = { + tests = { + inherit (nixosTests) sssd sssd-ldap; + version = testers.testVersion { + package = finalAttrs.finalPackage; + command = "sssd --version"; + }; + }; + updateScript = nix-update-script { }; + }; meta = with lib; { description = "System Security Services Daemon"; homepage = "https://sssd.io/"; - changelog = "https://sssd.io/release-notes/sssd-${version}.html"; + changelog = "https://sssd.io/release-notes/sssd-${finalAttrs.version}.html"; license = licenses.gpl3Plus; platforms = platforms.linux; maintainers = with maintainers; [ illustris ]; }; -} +}) diff --git a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch index a5cb7ba6bf7..104a9dad959 100644 --- a/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch +++ b/pkgs/os-specific/linux/systemd/0001-Start-device-units-for-uninitialised-encrypted-devic.patch @@ -13,7 +13,7 @@ unit. (However, this ignores the fsck unit, so it's not perfect...) 1 file changed, 4 deletions(-) diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in -index 3dbba1f850..40d367d1c8 100644 +index c0defc31de..8f80235731 100644 --- a/rules.d/99-systemd.rules.in +++ b/rules.d/99-systemd.rules.in @@ -20,10 +20,6 @@ SUBSYSTEM=="block", TAG+="systemd" diff --git a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch index 138823ec68f..dda8524c498 100644 --- a/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch +++ b/pkgs/os-specific/linux/systemd/0002-Don-t-try-to-unmount-nix-or-nix-store.patch @@ -1,21 +1,23 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Eelco Dolstra <eelco.dolstra@logicblox.com> -Date: Fri, 12 Apr 2013 13:16:57 +0200 +From: Raito Bezarius <masterancpp@gmail.com> +Date: Mon, 19 Jun 2023 02:11:35 +0200 Subject: [PATCH] Don't try to unmount /nix or /nix/store They'll still be remounted read-only. https://github.com/NixOS/nixos/issues/126 + +Original-Author: Eelco Dolstra <eelco.dolstra@logicblox.com> --- src/shared/fstab-util.c | 2 ++ - src/shutdown/umount.c | 2 ++ - 2 files changed, 4 insertions(+) + src/shutdown/umount.c | 6 ++++-- + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/shared/fstab-util.c b/src/shared/fstab-util.c -index 164e71a150..68e0766594 100644 +index 4ffec25c75..b99031c54e 100644 --- a/src/shared/fstab-util.c +++ b/src/shared/fstab-util.c -@@ -41,6 +41,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) { +@@ -43,6 +43,8 @@ bool fstab_is_extrinsic(const char *mount, const char *opts) { /* Don't bother with the OS data itself */ if (PATH_IN_SET(mount, "/", @@ -25,15 +27,19 @@ index 164e71a150..68e0766594 100644 "/etc")) return true; diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c -index 61bd9d2601..a6243da417 100644 +index 1586c2e214..fcae95f824 100644 --- a/src/shutdown/umount.c +++ b/src/shutdown/umount.c -@@ -531,6 +531,8 @@ static int delete_md(MountPoint *m) { - +@@ -170,8 +170,10 @@ int mount_points_list_get(const char *mountinfo, MountPoint **head) { static bool nonunmountable_path(const char *path) { - return path_equal(path, "/") + assert(path); + +- return PATH_IN_SET(path, "/", "/usr") || +- path_startswith(path, "/run/initramfs"); ++ return PATH_IN_SET(path, "/", "/usr") + || path_equal(path, "/nix") + || path_equal(path, "/nix/store") - #if ! HAVE_SPLIT_USR - || path_equal(path, "/usr") - #endif ++ || path_startswith(path, "/run/initramfs"); + } + + static void log_umount_blockers(const char *mnt) { diff --git a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch index 08499a22834..2d86d1e6957 100644 --- a/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch +++ b/pkgs/os-specific/linux/systemd/0003-Fix-NixOS-containers.patch @@ -10,10 +10,10 @@ container, so checking early whether it exists will fail. 1 file changed, 2 insertions(+) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index 3dabe12672..e5aa4feb1e 100644 +index e170958fc5..898a674631 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -5638,6 +5638,7 @@ static int run(int argc, char *argv[]) { +@@ -5648,6 +5648,7 @@ static int run(int argc, char *argv[]) { goto finish; } } else { @@ -21,7 +21,7 @@ index 3dabe12672..e5aa4feb1e 100644 _cleanup_free_ char *p = NULL; if (arg_pivot_root_new) -@@ -5652,6 +5653,7 @@ static int run(int argc, char *argv[]) { +@@ -5662,6 +5663,7 @@ static int run(int argc, char *argv[]) { "Directory %s doesn't look like it has an OS tree (/usr/ directory is missing). Refusing.", arg_directory); goto finish; } diff --git a/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch index b4a0da30c8f..c905a4d812a 100644 --- a/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0004-Add-some-NixOS-specific-unit-directories.patch @@ -1,6 +1,6 @@ From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Eelco Dolstra <eelco.dolstra@logicblox.com> -Date: Fri, 19 Dec 2014 14:46:17 +0100 +From: Raito Bezarius <masterancpp@gmail.com> +Date: Mon, 19 Jun 2023 02:13:42 +0200 Subject: [PATCH] Add some NixOS-specific unit directories Look in `/nix/var/nix/profiles/default/lib/systemd/{system,user}` for @@ -8,13 +8,15 @@ units provided by packages installed into the default profile via `nix-env -iA nixos.$package`. Also, remove /usr and /lib as these don't exist on NixOS. + +Original-Author: Eelco Dolstra <eelco.dolstra@logicblox.com> --- src/basic/path-lookup.c | 17 ++--------------- src/core/systemd.pc.in | 8 ++++---- 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c -index c99e9d8786..b9f85d1f8c 100644 +index 7d158a8295..f9bd62b631 100644 --- a/src/basic/path-lookup.c +++ b/src/basic/path-lookup.c @@ -92,11 +92,7 @@ int xdg_user_data_dir(char **ret, const char *suffix) { @@ -62,35 +64,37 @@ index c99e9d8786..b9f85d1f8c 100644 STRV_IFNOTNULL(generator_late)); break; -@@ -808,7 +799,6 @@ char **generator_binary_paths(LookupScope scope) { - case LOOKUP_SCOPE_SYSTEM: +@@ -808,7 +799,6 @@ char **generator_binary_paths(RuntimeScope scope) { + case RUNTIME_SCOPE_SYSTEM: add = strv_new("/run/systemd/system-generators", "/etc/systemd/system-generators", - "/usr/local/lib/systemd/system-generators", SYSTEM_GENERATOR_DIR); break; -@@ -816,7 +806,6 @@ char **generator_binary_paths(LookupScope scope) { - case LOOKUP_SCOPE_USER: +@@ -816,7 +806,6 @@ char **generator_binary_paths(RuntimeScope scope) { + case RUNTIME_SCOPE_USER: add = strv_new("/run/systemd/user-generators", "/etc/systemd/user-generators", - "/usr/local/lib/systemd/user-generators", USER_GENERATOR_DIR); break; -@@ -855,12 +844,10 @@ char **env_generator_binary_paths(bool is_system) { - if (is_system) +@@ -855,14 +844,12 @@ char **env_generator_binary_paths(RuntimeScope runtime_scope) { + case RUNTIME_SCOPE_SYSTEM: add = strv_new("/run/systemd/system-environment-generators", "/etc/systemd/system-environment-generators", - "/usr/local/lib/systemd/system-environment-generators", SYSTEM_ENV_GENERATOR_DIR); - else + break; + + case RUNTIME_SCOPE_USER: add = strv_new("/run/systemd/user-environment-generators", "/etc/systemd/user-environment-generators", - "/usr/local/lib/systemd/user-environment-generators", USER_ENV_GENERATOR_DIR); + break; - if (!add) diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in index 693433b34b..5932a21b5b 100644 --- a/src/core/systemd.pc.in diff --git a/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch b/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch index e9f73d7c772..0a80d5ac4e8 100644 --- a/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch +++ b/pkgs/os-specific/linux/systemd/0005-Get-rid-of-a-useless-message-in-user-sessions.patch @@ -13,10 +13,10 @@ in containers. 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 4bc8a06bd2..342892490e 100644 +index 22ec6e79b1..771e8e7f16 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -1486,7 +1486,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { +@@ -1559,7 +1559,8 @@ static unsigned manager_dispatch_stop_when_bound_queue(Manager *m) { if (!unit_is_bound_by_inactive(u, &culprit)) continue; diff --git a/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch b/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch index 2c4c3f6564e..abc6c24dbf5 100644 --- a/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch +++ b/pkgs/os-specific/linux/systemd/0006-hostnamed-localed-timedated-disable-methods-that-cha.patch @@ -11,10 +11,10 @@ Subject: [PATCH] hostnamed, localed, timedated: disable methods that change 3 files changed, 25 insertions(+) diff --git a/src/hostname/hostnamed.c b/src/hostname/hostnamed.c -index 36ab0148b9..7d458d196d 100644 +index 9ef45f8e75..99b1ec2e36 100644 --- a/src/hostname/hostnamed.c +++ b/src/hostname/hostnamed.c -@@ -1028,6 +1028,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ +@@ -1053,6 +1053,9 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_ if (r < 0) return r; @@ -24,7 +24,7 @@ index 36ab0148b9..7d458d196d 100644 name = empty_to_null(name); context_read_etc_hostname(c); -@@ -1091,6 +1094,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess +@@ -1116,6 +1119,9 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess if (r < 0) return r; @@ -35,10 +35,10 @@ index 36ab0148b9..7d458d196d 100644 context_read_machine_info(c); diff --git a/src/locale/localed.c b/src/locale/localed.c -index 841e5e3e91..a21e34430b 100644 +index f544a73580..ce00c262cc 100644 --- a/src/locale/localed.c +++ b/src/locale/localed.c -@@ -264,6 +264,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er +@@ -229,6 +229,9 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er use_localegen = locale_gen_check_available(); @@ -48,7 +48,7 @@ index 841e5e3e91..a21e34430b 100644 /* If single locale without variable name is provided, then we assume it is LANG=. */ if (strv_length(l) == 1 && !strchr(l[0], '=')) { if (!locale_is_valid(l[0])) -@@ -382,6 +385,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro +@@ -347,6 +350,9 @@ static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_erro if (r < 0) return bus_log_parse_error(r); @@ -57,8 +57,8 @@ index 841e5e3e91..a21e34430b 100644 + vc_context_empty_to_null(&in); - FOREACH_STRING(name, in.keymap ?: in.toggle, in.keymap ? in.toggle : NULL) { -@@ -607,6 +613,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err + r = vc_context_verify_and_warn(&in, LOG_ERR, error); +@@ -465,6 +471,9 @@ static int method_set_x11_keyboard(sd_bus_message *m, void *userdata, sd_bus_err if (r < 0) return bus_log_parse_error(r); @@ -67,9 +67,9 @@ index 841e5e3e91..a21e34430b 100644 + x11_context_empty_to_null(&in); - if (!x11_context_is_safe(&in)) + r = x11_context_verify_and_warn(&in, LOG_ERR, error); diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c -index ad483301ef..31ed86955b 100644 +index ad1d492d6b..331af34505 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c @@ -665,6 +665,10 @@ static int method_set_timezone(sd_bus_message *m, void *userdata, sd_bus_error * diff --git a/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch b/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch index 300906be04d..3150d97be2e 100644 --- a/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch +++ b/pkgs/os-specific/linux/systemd/0008-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch @@ -35,10 +35,10 @@ index e486474c44..5f373d0723 100644 <literal>Etc/UTC</literal>. The resulting link should lead to the corresponding binary diff --git a/src/basic/time-util.c b/src/basic/time-util.c -index 0bea149324..4b16115d43 100644 +index 1db630003a..31744c3e68 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c -@@ -1283,7 +1283,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { +@@ -1350,7 +1350,7 @@ static int get_timezones_from_zone1970_tab(char ***ret) { assert(ret); @@ -47,16 +47,16 @@ index 0bea149324..4b16115d43 100644 if (!f) return -errno; -@@ -1322,7 +1322,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { - _cleanup_strv_free_ char **zones = NULL; - int r; +@@ -1391,7 +1391,7 @@ static int get_timezones_from_tzdata_zi(char ***ret) { + + assert(ret); - f = fopen("/usr/share/zoneinfo/tzdata.zi", "re"); + f = fopen("/etc/zoneinfo/tzdata.zi", "re"); if (!f) return -errno; -@@ -1434,7 +1434,7 @@ int verify_timezone(const char *name, int log_level) { +@@ -1503,7 +1503,7 @@ int verify_timezone(const char *name, int log_level) { if (p - name >= PATH_MAX) return -ENAMETOOLONG; @@ -65,7 +65,7 @@ index 0bea149324..4b16115d43 100644 fd = open(t, O_RDONLY|O_CLOEXEC); if (fd < 0) -@@ -1492,7 +1492,7 @@ int get_timezone(char **ret) { +@@ -1563,7 +1563,7 @@ int get_timezone(char **ret) { if (r < 0) return r; /* returns EINVAL if not a symlink */ @@ -75,23 +75,23 @@ index 0bea149324..4b16115d43 100644 return -EINVAL; diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c -index 9e79f84691..1a1c75718c 100644 +index 1956ab3b13..9ef356f8af 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c -@@ -512,7 +512,7 @@ static int process_timezone(void) { +@@ -630,7 +630,7 @@ static int process_timezone(int rfd) { if (isempty(arg_timezone)) return 0; - e = strjoina("../usr/share/zoneinfo/", arg_timezone); + e = strjoina("zoneinfo/", arg_timezone); - (void) mkdir_parents(etc_localtime, 0755); - r = symlink_atomic(e, etc_localtime); + r = symlinkat_atomic_full(e, pfd, f, /* make_relative= */ false); + if (r < 0) diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index e5aa4feb1e..a7a8fae860 100644 +index 898a674631..c41a416e04 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c -@@ -1918,8 +1918,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid +@@ -1924,8 +1924,8 @@ int userns_mkdir(const char *root, const char *path, mode_t mode, uid_t uid, gid static const char *timezone_from_path(const char *path) { return PATH_STARTSWITH_SET( path, @@ -103,7 +103,7 @@ index e5aa4feb1e..a7a8fae860 100644 static bool etc_writable(void) { diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c -index 31ed86955b..8db8d8c288 100644 +index 331af34505..722c4b5b4f 100644 --- a/src/timedate/timedated.c +++ b/src/timedate/timedated.c @@ -282,7 +282,7 @@ static int context_read_data(Context *c) { diff --git a/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch b/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch index fac9916cf3b..c0f6afd7fc7 100644 --- a/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch +++ b/pkgs/os-specific/linux/systemd/0009-localectl-use-etc-X11-xkb-for-list-x11.patch @@ -10,7 +10,7 @@ NixOS has an option to link the xkb data files to /etc/X11, but not to 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/locale/localectl.c b/src/locale/localectl.c -index fb83881cc7..c47a33134a 100644 +index d8db9d9d22..4601bb5431 100644 --- a/src/locale/localectl.c +++ b/src/locale/localectl.c @@ -297,7 +297,7 @@ static int list_x11_keymaps(int argc, char **argv, void *userdata) { diff --git a/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch b/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch index eec57111b91..b8f97308acf 100644 --- a/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch +++ b/pkgs/os-specific/linux/systemd/0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch @@ -8,10 +8,10 @@ Subject: [PATCH] build: don't create statedir and don't touch prefixdir 1 file changed, 3 deletions(-) diff --git a/meson.build b/meson.build -index b1f5477836..1a39484855 100644 +index 395eca1943..082cd748bb 100644 --- a/meson.build +++ b/meson.build -@@ -4278,9 +4278,6 @@ install_data('LICENSE.GPL2', +@@ -4707,9 +4707,6 @@ install_data('LICENSE.GPL2', install_subdir('LICENSES', install_dir : docdir) diff --git a/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch b/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch index 6e07928d5fb..fa201126ae2 100644 --- a/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch +++ b/pkgs/os-specific/linux/systemd/0011-add-rootprefix-to-lookup-dir-paths.patch @@ -12,10 +12,10 @@ files that I might have missed. 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/basic/constants.h b/src/basic/constants.h -index 5d68cc6332..33c06c1f65 100644 +index 3f96786da9..6e8fb40c08 100644 --- a/src/basic/constants.h +++ b/src/basic/constants.h -@@ -73,13 +73,15 @@ +@@ -74,13 +74,15 @@ "/run/" n "\0" \ "/usr/local/lib/" n "\0" \ "/usr/lib/" n "\0" \ diff --git a/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch b/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch index 9d0565a6e76..fde1e2b276c 100644 --- a/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch +++ b/pkgs/os-specific/linux/systemd/0012-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch @@ -10,10 +10,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/shutdown/shutdown.c b/src/shutdown/shutdown.c -index 5dee1b3a92..c08cf80548 100644 +index 8395bb429d..14fbc85bb4 100644 --- a/src/shutdown/shutdown.c +++ b/src/shutdown/shutdown.c -@@ -339,6 +339,7 @@ static void init_watchdog(void) { +@@ -334,6 +334,7 @@ static void init_watchdog(void) { int main(int argc, char *argv[]) { static const char* const dirs[] = { SYSTEM_SHUTDOWN_PATH, diff --git a/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch b/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch index 5fa3fb14f1f..d91150cfc49 100644 --- a/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch +++ b/pkgs/os-specific/linux/systemd/0013-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch @@ -9,10 +9,10 @@ This is needed for NixOS to use such scripts as systemd directory is immutable. 1 file changed, 1 insertion(+) diff --git a/src/sleep/sleep.c b/src/sleep/sleep.c -index 288fa4ae84..07deb19d7c 100644 +index de1f6c7ec1..d0cdebd80a 100644 --- a/src/sleep/sleep.c +++ b/src/sleep/sleep.c -@@ -186,6 +186,7 @@ static int execute( +@@ -224,6 +224,7 @@ static int execute( }; static const char* const dirs[] = { SYSTEM_SLEEP_PATH, diff --git a/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch b/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch index b3d1db340ef..13dec1070ff 100644 --- a/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch +++ b/pkgs/os-specific/linux/systemd/0014-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch @@ -10,10 +10,10 @@ systemd itself uses extensively. 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/basic/path-util.h b/src/basic/path-util.h -index 56f01f41d8..f9b8627388 100644 +index 97175bee11..3839704901 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h -@@ -24,11 +24,11 @@ +@@ -25,11 +25,11 @@ # define PATH_SBIN_BIN_NULSTR(x) PATH_NORMAL_SBIN_BIN_NULSTR(x) #endif diff --git a/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch b/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch index 0f67abe795c..d6640c87454 100644 --- a/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch +++ b/pkgs/os-specific/linux/systemd/0016-inherit-systemd-environment-when-calling-generators.patch @@ -16,10 +16,10 @@ executables that are being called from managers. 1 file changed, 8 insertions(+) diff --git a/src/core/manager.c b/src/core/manager.c -index 342892490e..1117251fe0 100644 +index 771e8e7f16..acf3ead8d7 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -3771,9 +3771,17 @@ static int build_generator_environment(Manager *m, char ***ret) { +@@ -3899,9 +3899,17 @@ static int build_generator_environment(Manager *m, char ***ret) { * adjust generated units to that. Let's pass down some bits of information that are easy for us to * determine (but a bit harder for generator scripts to determine), as environment variables. */ @@ -35,5 +35,5 @@ index 342892490e..1117251fe0 100644 return -ENOMEM; +#endif - r = strv_env_assign(&nl, "SYSTEMD_SCOPE", MANAGER_IS_SYSTEM(m) ? "system" : "user"); + r = strv_env_assign(&nl, "SYSTEMD_SCOPE", runtime_scope_to_string(m->runtime_scope)); if (r < 0) diff --git a/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch b/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch index f509eb39ece..73b237a2960 100644 --- a/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch +++ b/pkgs/os-specific/linux/systemd/0017-core-don-t-taint-on-unmerged-usr.patch @@ -17,10 +17,10 @@ See also: https://github.com/systemd/systemd/issues/24191 1 file changed, 4 deletions(-) diff --git a/src/core/manager.c b/src/core/manager.c -index 1117251fe0..bf5600a6cf 100644 +index acf3ead8d7..bdbab16829 100644 --- a/src/core/manager.c +++ b/src/core/manager.c -@@ -4617,10 +4617,6 @@ char* manager_taint_string(const Manager *m) { +@@ -4754,10 +4754,6 @@ char* manager_taint_string(const Manager *m) { if (m->taint_usr) stage[n++] = "split-usr"; diff --git a/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch b/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch index 8d6eab5ed84..6de01a0ae80 100644 --- a/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch +++ b/pkgs/os-specific/linux/systemd/0018-tpm2_context_init-fix-driver-name-checking.patch @@ -27,10 +27,10 @@ filename_is_valid with path_is_valid. 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c -index 4345b95106..424a334df1 100644 +index ae8a8bc073..c284b244f8 100644 --- a/src/shared/tpm2-util.c +++ b/src/shared/tpm2-util.c -@@ -176,7 +176,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) { +@@ -582,7 +582,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) { fn = strjoina("libtss2-tcti-", driver, ".so.0"); /* Better safe than sorry, let's refuse strings that cannot possibly be valid driver early, before going to disk. */ diff --git a/pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch b/pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch deleted file mode 100644 index 84fc6528b98..00000000000 --- a/pkgs/os-specific/linux/systemd/0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch +++ /dev/null @@ -1,46 +0,0 @@ -From bc0f378a1149b59e88e9345e579d62fec7f50cdf Mon Sep 17 00:00:00 2001 -From: Arian van Putten <arian.vanputten@gmail.com> -Date: Wed, 31 May 2023 13:27:13 +0200 -Subject: [PATCH] bootctl: also print efi files not owned by systemd in status - -We should not skip over unknown entries in EFI/BOOT/ but -also print them out in status so people are aware that they are there. - -(cherry picked from commit a680d4fb87bad829989949e5ea4fc6db90453456) ---- - src/boot/bootctl-status.c | 11 +++++------ - 1 file changed, 5 insertions(+), 6 deletions(-) - -diff --git a/src/boot/bootctl-status.c b/src/boot/bootctl-status.c -index 2e2bf1f7e1..f1ac4a9c8a 100644 ---- a/src/boot/bootctl-status.c -+++ b/src/boot/bootctl-status.c -@@ -225,9 +225,8 @@ static int enumerate_binaries( - return log_error_errno(errno, "Failed to open file '%s' for reading: %m", filename); - - r = get_file_version(fd, &v); -- if (r == -ESRCH) /* Not the file we are looking for. */ -- continue; -- if (r < 0) -+ -+ if (r < 0 && r != -ESRCH) - return r; - - if (*previous) { /* Let's output the previous entry now, since now we know that there will be -@@ -242,10 +241,10 @@ static int enumerate_binaries( - /* Do not output this entry immediately, but store what should be printed in a state - * variable, because we only will know the tree glyph to print (branch or final edge) once we - * read one more entry */ -- if (r > 0) -- r = asprintf(previous, "/%s/%s (%s%s%s)", path, de->d_name, ansi_highlight(), v, ansi_normal()); -- else -+ if (r == -ESRCH) /* No systemd-owned file but still interesting to print */ - r = asprintf(previous, "/%s/%s", path, de->d_name); -+ else /* if (r >= 0) */ -+ r = asprintf(previous, "/%s/%s (%s%s%s)", path, de->d_name, ansi_highlight(), v, ansi_normal()); - if (r < 0) - return log_oom(); - --- -2.39.2 (Apple Git-143) - diff --git a/pkgs/os-specific/linux/systemd/0019-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch b/pkgs/os-specific/linux/systemd/0019-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch new file mode 100644 index 00000000000..dd9af6738c4 --- /dev/null +++ b/pkgs/os-specific/linux/systemd/0019-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch @@ -0,0 +1,45 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Maximilian Bosch <maximilian@mbosch.me> +Date: Fri, 1 Sep 2023 09:57:02 +0200 +Subject: [PATCH] systemctl-edit: suggest `systemdctl edit --runtime` on system + scope + +This is a NixOS-specific change. When trying to modify a unit with +`systemctl edit` on NixOS, it'll fail with "Read-only file system": + + $ systemctl edit libvirtd + Failed to open "/etc/systemd/system/libvirtd.service.d/.#override.conffa9825a0c9a249eb": Read-only file system + +This is because `/etc/systemd/system` is a symlink into the store. In +fact, I'd consider this a feature rather than a bug since this ensures I +don't introduce state imperatively. + +However, people wrongly assume that it's not possible to edit units +ad-hoc and re-deploy their system for quick&dirty debugging where this +would be absolutely fine (and doable with `--runtime` which adds a +transient and non-persistent unit override in `/run`). + +To make sure that people learn about it quicker, this patch +throws an error which suggests using `--runtime` when running +`systemctl edit` on the system scope. + +For the user scope this isn't needed because user-level unit overrides +are written into `$XDG_CONFIG_HOME/systemd/user`. +--- + src/systemctl/systemctl-edit.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/systemctl/systemctl-edit.c b/src/systemctl/systemctl-edit.c +index e3f25d52d5..81c9c6f6b7 100644 +--- a/src/systemctl/systemctl-edit.c ++++ b/src/systemctl/systemctl-edit.c +@@ -323,6 +323,9 @@ int verb_edit(int argc, char *argv[], void *userdata) { + sd_bus *bus; + int r; + ++ if (!arg_runtime && arg_runtime_scope == RUNTIME_SCOPE_SYSTEM) ++ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "The unit-directory '/etc/systemd/system' is read-only on NixOS, so it's not possible to edit system-units directly. Use 'systemctl edit --runtime' instead."); ++ + if (!on_tty()) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Cannot edit units if not on a tty."); + diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 338f0c7463c..0311d46d1fc 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -55,7 +55,6 @@ , e2fsprogs , elfutils , linuxHeaders ? stdenv.cc.libc.linuxHeaders -, gnu-efi , iptables , withSelinux ? false , libselinux @@ -89,9 +88,11 @@ , withAnalyze ? true , withApparmor ? true , withAudit ? true +, withBootloader ? withEfi && !stdenv.hostPlatform.isMusl # compiles systemd-boot, assumes EFI is available. , withCompression ? true # adds bzip2, lz4, xz and zstd , withCoredump ? true , withCryptsetup ? true +, withRepart ? true , withDocumentation ? true , withEfi ? stdenv.hostPlatform.isEfi , withFido2 ? true @@ -116,13 +117,15 @@ , withNss ? !stdenv.hostPlatform.isMusl , withOomd ? true , withPam ? true +, withPasswordQuality ? false , withPCRE2 ? true , withPolkit ? true , withPortabled ? !stdenv.hostPlatform.isMusl , withRemote ? !stdenv.hostPlatform.isMusl , withResolved ? true , withShellCompletions ? true -, withSysusers ? false # conflicts with the NixOS user management +, withSysusers ? true +, withSysupdate ? true , withTimedated ? true , withTimesyncd ? true , withTpm2Tss ? true @@ -131,6 +134,8 @@ , withUtmp ? !stdenv.hostPlatform.isMusl # tests assume too much system access for them to be feasible for us right now , withTests ? false + # build only libudev and libsystemd +, buildLibsOnly ? false # name argument , pname ? "systemd" @@ -146,17 +151,21 @@ assert withCoredump -> withCompression; assert withHomed -> withCryptsetup; assert withHomed -> withPam; assert withUkify -> withEfi; +assert withRepart -> withCryptsetup; +assert withBootloader -> withEfi; +# passwdqc is not packaged in nixpkgs yet, if you want to fix this, please submit a PR. +assert !withPasswordQuality; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "253.6"; + version = "254.3"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: # $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \ # jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime' - releaseTimestamp = "1676488940"; + releaseTimestamp = "1690536449"; in stdenv.mkDerivation (finalAttrs: { inherit pname version; @@ -167,7 +176,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - hash = "sha256-LZs6QuBe23W643bTuz+MD2pzHiapsBJBHoFXi/QjzG4="; + hash = "sha256-ObnsAiKwhwEb4ti611eS/wGpg3Sss/pUy/gANPAbXbs="; }; # On major changes, or when otherwise required, you *must* reformat the patches, @@ -194,12 +203,20 @@ stdenv.mkDerivation (finalAttrs: { ./0016-inherit-systemd-environment-when-calling-generators.patch ./0017-core-don-t-taint-on-unmerged-usr.patch ./0018-tpm2_context_init-fix-driver-name-checking.patch - ./0019-bootctl-also-print-efi-files-not-owned-by-systemd-in.patch + ./0019-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch + + # Fix for `RuntimeError: ELF .dynamic section is missing.` + # https://github.com/systemd/systemd/issues/29381 + # https://github.com/systemd/systemd/pull/29392 + (fetchpatch { + url = "https://github.com/systemd/systemd/commit/cecbb162a3134b43d2ca160e13198c73ff34c3ef.patch"; + hash = "sha256-hWpUosTDA18mYm5nIb9KnjwOlnzbEHgzha/WpyHoC54="; + }) ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { - url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-f34f6ab04b443608497b73668365819343d0c2fe.tar.gz"; - sha256 = "DFcLPvjQIxGEDADpP232ZRd7cOEKt6B48Ah29nIGTt4="; + url = "https://git.openembedded.org/openembedded-core/snapshot/openembedded-core-eb8a86fee9eeae787cc0a58ef2ed087fd48d93eb.tar.gz"; + sha256 = "tE2KpXLvOknIpEZFdOnNxvBmDvZrra3kvQp9tKxa51c="; }; musl-patches = oe-core + "/meta/recipes-core/systemd/systemd"; in @@ -207,7 +224,6 @@ stdenv.mkDerivation (finalAttrs: { (musl-patches + "/0001-Adjust-for-musl-headers.patch") (musl-patches + "/0005-pass-correct-parameters-to-getdents64.patch") (musl-patches + "/0006-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch") - (musl-patches + "/0007-Add-sys-stat.h-for-S_IFDIR.patch") (musl-patches + "/0009-missing_type.h-add-comparison_fn_t.patch") (musl-patches + "/0010-add-fallback-parse_printf_format-implementation.patch") (musl-patches + "/0011-src-basic-missing.h-check-for-missing-strndupa.patch") @@ -223,32 +239,21 @@ stdenv.mkDerivation (finalAttrs: { (musl-patches + "/0022-Handle-__cpu_mask-usage.patch") (musl-patches + "/0023-Handle-missing-gshadow.patch") (musl-patches + "/0024-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch") - (musl-patches + "/0026-src-boot-efi-efi-string.c-define-wchar_t-from-__WCHA.patch") + (musl-patches + "/0028-sd-event-Make-malloc_trim-conditional-on-glibc.patch") + (musl-patches + "/0029-shared-Do-not-use-malloc_info-on-musl.patch") ] ); postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" - substituteInPlace src/boot/efi/meson.build \ - --replace \ - "run_command(cc.cmd_array(), '-print-prog-name=objcopy', check: true).stdout().strip()" \ - "'${stdenv.cc.bintools.targetPrefix}objcopy'" '' + lib.optionalString withLibBPF '' substituteInPlace meson.build \ --replace "find_program('clang'" "find_program('${stdenv.cc.targetPrefix}clang'" - # BPF does not work with stack protector - substituteInPlace src/core/bpf/meson.build \ - --replace "clang_flags = [" "clang_flags = [ '-fno-stack-protector'," '' + lib.optionalString withUkify '' substituteInPlace src/ukify/ukify.py \ --replace \ "'readelf'" \ "'${targetPackages.stdenv.cc.bintools.targetPrefix}readelf'" - # The objcopy dependency is removed in v254 - substituteInPlace src/ukify/ukify.py \ - --replace \ - "'objcopy'" \ - "'${targetPackages.stdenv.cc.bintools.targetPrefix}objcopy'" '' + ( let # The following patches references to dynamic libraries to ensure that @@ -325,6 +330,9 @@ stdenv.mkDerivation (finalAttrs: { # Support for PKCS#11 in systemd-cryptsetup, systemd-cryptenroll and systemd-homed { name = "libp11-kit.so.0"; pkg = opt (withHomed || withCryptsetup) p11-kit; } + + # Password quality support + { name = "libpasswdqc.so.1"; pkg = opt withPasswordQuality null; } ]; patchDlOpen = dl: @@ -374,7 +382,7 @@ stdenv.mkDerivation (finalAttrs: { patchShebangs tools test src/!(rpm|kernel-install|ukify) src/kernel-install/test-kernel-install.sh ''; - outputs = [ "out" "man" "dev" ]; + outputs = [ "out" "dev" ] ++ (lib.optional (!buildLibsOnly) "man"); nativeBuildInputs = [ @@ -395,7 +403,7 @@ stdenv.mkDerivation (finalAttrs: { docbook_xml_dtd_42 docbook_xml_dtd_45 bash - (buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ])) + (buildPackages.python3Packages.python.withPackages (ps: with ps; [ lxml jinja2 ] ++ lib.optional withEfi ps.pyelftools)) ] ++ lib.optionals withLibBPF [ bpftools @@ -422,7 +430,6 @@ stdenv.mkDerivation (finalAttrs: { ++ lib.optionals withCompression [ bzip2 lz4 xz zstd ] ++ lib.optional withCoredump elfutils ++ lib.optional withCryptsetup (lib.getDev cryptsetup.dev) - ++ lib.optional withEfi gnu-efi ++ lib.optional withKexectools kexec-tools ++ lib.optional withKmod kmod ++ lib.optional withLibidn2 libidn2 @@ -439,7 +446,7 @@ stdenv.mkDerivation (finalAttrs: { ++ lib.optional withUkify (python3Packages.python.withPackages (ps: with ps; [ pefile ])) ; - #dontAddPrefix = true; + mesonBuildType = "release"; mesonFlags = [ "-Dversion-tag=${version}" @@ -485,7 +492,6 @@ stdenv.mkDerivation (finalAttrs: { "-Dportabled=${lib.boolToString withPortabled}" "-Dhwdb=${lib.boolToString withHwdb}" "-Dremote=${lib.boolToString withRemote}" - "-Dsysusers=false" "-Dtimedated=${lib.boolToString withTimedated}" "-Dtimesyncd=${lib.boolToString withTimesyncd}" "-Duserdb=${lib.boolToString withUserDb}" @@ -498,6 +504,8 @@ stdenv.mkDerivation (finalAttrs: { "-Dlibidn2=${lib.boolToString withLibidn2}" "-Dfirstboot=${lib.boolToString withFirstboot}" "-Dsysusers=${lib.boolToString withSysusers}" + "-Drepart=${lib.boolToString withRepart}" + "-Dsysupdate=${lib.boolToString withSysupdate}" "-Dquotacheck=false" "-Dldconfig=false" "-Dsmack=true" @@ -537,12 +545,9 @@ stdenv.mkDerivation (finalAttrs: { "-Dman=true" "-Defi=${lib.boolToString withEfi}" - "-Dgnu-efi=${lib.boolToString withEfi}" + "-Dbootloader=${lib.boolToString withBootloader}" "-Dukify=${lib.boolToString withUkify}" - ] ++ lib.optionals withEfi [ - "-Defi-libdir=${toString gnu-efi}/lib" - "-Defi-includedir=${toString gnu-efi}/include/efi" ] ++ lib.optionals (withShellCompletions == false) [ "-Dbashcompletiondir=no" "-Dzshcompletiondir=no" @@ -586,6 +591,7 @@ stdenv.mkDerivation (finalAttrs: { where = [ "man/systemd-analyze.xml" "man/systemd.service.xml" + "man/systemd-run.xml" "src/analyze/test-verify.c" "src/test/test-env-file.c" "src/test/test-fileio.c" @@ -595,7 +601,7 @@ stdenv.mkDerivation (finalAttrs: { { search = "/bin/cat"; replacement = "${coreutils}/bin/cat"; - where = [ "test/create-busybox-container" "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; + where = [ "test/test-execute/exec-noexecpaths-simple.service" "src/journal/cat.c" ]; } { search = "/usr/lib/systemd/systemd-fsck"; @@ -701,7 +707,9 @@ stdenv.mkDerivation (finalAttrs: { export DESTDIR=/ ''; - postInstall = '' + mesonInstallTags = lib.optionals buildLibsOnly [ "devel" "libudev" "libsystemd" ]; + + postInstall = lib.optionalString (!buildLibsOnly) '' mkdir -p $out/example/systemd mv $out/lib/{binfmt.d,sysctl.d,tmpfiles.d} $out/example mv $out/lib/systemd/{system,user} $out/example/systemd @@ -719,8 +727,10 @@ stdenv.mkDerivation (finalAttrs: { find $out -name "*kernel-install*" -exec rm {} \; '' + lib.optionalString (!withDocumentation) '' rm -rf $out/share/doc - '' + lib.optionalString withKmod '' + '' + lib.optionalString (withKmod && !buildLibsOnly) '' mv $out/lib/modules-load.d $out/example + '' + lib.optionalString withSysusers '' + mv $out/lib/sysusers.d $out/example ''; # Avoid *.EFI binary stripping. At least on aarch64-linux strip @@ -728,7 +738,7 @@ stdenv.mkDerivation (finalAttrs: { # https://github.com/NixOS/nixpkgs/issues/169693 # The hack is to move EFI file out of lib/ before doStrip # run and return it after doStrip run. - preFixup = lib.optionalString withEfi '' + preFixup = lib.optionalString withBootloader '' mv $out/lib/systemd/boot/efi $out/dont-strip-me ''; @@ -738,13 +748,13 @@ stdenv.mkDerivation (finalAttrs: { # This needs to be in LD_LIBRARY_PATH because rpath on a binary is not propagated to libraries using dlopen, in this case `libcryptsetup.so` wrapProgram $out/$f --prefix LD_LIBRARY_PATH : ${placeholder "out"}/lib/cryptsetup done - '' + lib.optionalString withEfi '' + '' + lib.optionalString withBootloader '' mv $out/dont-strip-me $out/lib/systemd/boot/efi '' + lib.optionalString withUkify '' # To cross compile a derivation that builds a UKI with ukify, we need to wrap # ukify with the correct binutils. When wrapping, no splicing happens so we # have to explicitly pull binutils from targetPackages. - wrapProgram $out/lib/systemd/ukify --set PATH ${lib.makeBinPath [ targetPackages.stdenv.cc.bintools ] } + wrapProgram $out/lib/systemd/ukify --prefix PATH : ${lib.makeBinPath [ targetPackages.stdenv.cc.bintools ] }:${placeholder "out"}/lib/systemd ''; disallowedReferences = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) @@ -777,6 +787,6 @@ stdenv.mkDerivation (finalAttrs: { # https://github.com/systemd/systemd/issues/20600#issuecomment-912338965 broken = stdenv.hostPlatform.isStatic; priority = 10; - maintainers = with maintainers; [ flokli kloenk mic92 ]; + maintainers = with maintainers; [ flokli kloenk ]; }; }) diff --git a/pkgs/os-specific/linux/tailor-gui/default.nix b/pkgs/os-specific/linux/tailor-gui/default.nix new file mode 100644 index 00000000000..ecbec75fd82 --- /dev/null +++ b/pkgs/os-specific/linux/tailor-gui/default.nix @@ -0,0 +1,60 @@ +{ stdenv +, lib +, rustPlatform +, cargo +, rustc +, pkg-config +, desktop-file-utils +, appstream-glib +, wrapGAppsHook4 +, meson +, ninja +, libadwaita +, gtk4 +, tuxedo-rs +}: +let + src = tuxedo-rs.src; + sourceRoot = "source/tailor_gui"; + pname = "tailor_gui"; + version = tuxedo-rs.version; +in +stdenv.mkDerivation { + + inherit src sourceRoot pname version; + + cargoDeps = rustPlatform.fetchCargoTarball { + inherit src sourceRoot; + name = "${pname}-${version}"; + hash = "sha256-mt4YQ0iB/Mlnm+o9sGgYVEdbxjF7qArxA5FIK4MAZ8M="; + }; + + nativeBuildInputs = [ + rustPlatform.cargoSetupHook + pkg-config + desktop-file-utils + appstream-glib + wrapGAppsHook4 + ]; + + buildInputs = [ + cargo + rustc + meson + ninja + libadwaita + gtk4 + ]; + + meta = with lib; { + description = "Rust GUI for interacting with hardware from TUXEDO Computers"; + longDescription = '' + An alternative to the TUXEDO Control Center (https://www.tuxedocomputers.com/en/TUXEDO-Control-Center.tuxedo), + written in Rust. + ''; + homepage = "https://github.com/AaronErhardt/tuxedo-rs"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ mrcjkb ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/targetcli/default.nix b/pkgs/os-specific/linux/targetcli/default.nix index 381a1500662..f6bb705258f 100644 --- a/pkgs/os-specific/linux/targetcli/default.nix +++ b/pkgs/os-specific/linux/targetcli/default.nix @@ -1,14 +1,14 @@ -{ lib, python3, fetchFromGitHub }: +{ lib, python3, fetchFromGitHub, nixosTests }: python3.pkgs.buildPythonApplication rec { pname = "targetcli"; - version = "2.1.56"; + version = "2.1.57"; src = fetchFromGitHub { owner = "open-iscsi"; repo = "${pname}-fb"; rev = "v${version}"; - hash = "sha256-sWLwjfuy9WPnrGK0BxUGnNrhtGDoQyRFMY1OSlyxqs4="; + hash = "sha256-7JRNHKku9zTeSafL327hkM/E5EWTKqwPudCfmngvWuo="; }; propagatedBuildInputs = with python3.pkgs; [ configshell rtslib ]; @@ -18,6 +18,10 @@ python3.pkgs.buildPythonApplication rec { install -D targetclid.8 -t $out/share/man/man8/ ''; + passthru.tests = { + inherit (nixosTests) iscsi-root; + }; + meta = with lib; { description = "A command shell for managing the Linux LIO kernel target"; homepage = "https://github.com/open-iscsi/targetcli-fb"; diff --git a/pkgs/os-specific/linux/tinyalsa/default.nix b/pkgs/os-specific/linux/tinyalsa/default.nix deleted file mode 100644 index cae778227c7..00000000000 --- a/pkgs/os-specific/linux/tinyalsa/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ lib -, stdenv -, fetchFromGitHub -, cmake -}: - -stdenv.mkDerivation rec { - pname = "tinyalsa"; - version = "unstable-2022-06-05"; - - src = fetchFromGitHub { - owner = "tinyalsa"; - repo = "tinyalsa"; - rev = "3d70d227e7dfd1be6f8f420a5aae164a2b4126e0"; - hash = "sha256-RHeF3VShy+LYFtJK+AEU7swIr5/rnpg2fdllnH9cFCk="; - }; - - nativeBuildInputs = [ - cmake - ]; - - cmakeFlags = [ - "-DTINYALSA_USES_PLUGINS=ON" - ]; - - env.NIX_CFLAGS_COMPILE = toString [ - "-Wno-error=sign-compare" - ]; - - meta = with lib; { - homepage = "https://github.com/tinyalsa/tinyalsa"; - description = "Tiny library to interface with ALSA in the Linux kernel"; - license = licenses.mit; - maintainers = with maintainers; [ AndersonTorres ]; - platforms = with platforms; linux; - }; -} diff --git a/pkgs/os-specific/linux/tomb/default.nix b/pkgs/os-specific/linux/tomb/default.nix index af04476aa1d..9c97377cfe0 100644 --- a/pkgs/os-specific/linux/tomb/default.nix +++ b/pkgs/os-specific/linux/tomb/default.nix @@ -1,19 +1,37 @@ -{ stdenv, lib, fetchFromGitHub, makeWrapper -, gettext, zsh, pinentry, cryptsetup, gnupg, util-linux, e2fsprogs, sudo +{ stdenv +, lib +, fetchFromGitHub +, substituteAll +, makeWrapper +, zsh +, coreutils +, cryptsetup +, e2fsprogs +, file +, gawk +, getent +, gettext +, gnugrep +, gnupg +, libargon2 +, lsof +, pinentry +, util-linux +, nix-update-script }: stdenv.mkDerivation rec { pname = "tomb"; - version = "2.9"; + version = "2.10"; src = fetchFromGitHub { - owner = "dyne"; - repo = "Tomb"; - rev = "v${version}"; - sha256 = "0d6vmfcf4kd0p2bcljmdnyc2fmbwvar81cc472zx86r7yc3ih102"; + owner = "dyne"; + repo = "Tomb"; + rev = "refs/tags/v${version}"; + hash = "sha256-lLxQJX0P6b6lbXEcrq45EsX9iKiayZ9XkhqgMfpN3/w="; }; - buildInputs = [ sudo zsh pinentry ]; + buildInputs = [ zsh pinentry ]; nativeBuildInputs = [ makeWrapper ]; @@ -23,22 +41,39 @@ stdenv.mkDerivation rec { --replace 'TOMBEXEC=$0' 'TOMBEXEC=tomb' ''; - doInstallCheck = true; - installCheckPhase = "$out/bin/tomb -h"; - installPhase = '' - install -Dm755 tomb $out/bin/tomb + install -Dm755 tomb $out/bin/tomb install -Dm644 doc/tomb.1 $out/share/man/man1/tomb.1 wrapProgram $out/bin/tomb \ - --prefix PATH : $out/bin:${lib.makeBinPath [ cryptsetup gettext gnupg pinentry util-linux e2fsprogs ]} + --prefix PATH : $out/bin:${lib.makeBinPath [ + coreutils + cryptsetup + e2fsprogs + file + gawk + getent + gettext + gnugrep + gnupg + libargon2 + lsof + pinentry + util-linux + ]} ''; + passthru = { + updateScript = nix-update-script { }; + }; + meta = with lib; { description = "File encryption on GNU/Linux"; - homepage = "https://www.dyne.org/software/tomb/"; - license = licenses.gpl3; - maintainers = with maintainers; [ peterhoeg ]; - platforms = platforms.linux; + homepage = "https://www.dyne.org/software/tomb/"; + changelog = "https://github.com/dyne/Tomb/blob/v${version}/ChangeLog.md"; + license = licenses.gpl3Only; + mainProgram = "tomb"; + maintainers = with maintainers; [ peterhoeg anthonyroussel ]; + platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/trinity/default.nix b/pkgs/os-specific/linux/trinity/default.nix index 09a2d8bf638..e0ab2b2802f 100644 --- a/pkgs/os-specific/linux/trinity/default.nix +++ b/pkgs/os-specific/linux/trinity/default.nix @@ -1,25 +1,16 @@ -{ lib, stdenv, fetchFromGitHub, fetchpatch }: +{ lib, stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { pname = "trinity"; - version = "1.9"; + version = "1.9-unstable-2023-07-10"; src = fetchFromGitHub { owner = "kernelslacker"; repo = "trinity"; - rev = "v${version}"; - sha256 = "0z1a7x727xacam74jccd223k303sllgwpq30lnq9b6xxy8b659bv"; + rev = "e71872454d26baf37ae1d12e9b04a73d64179555"; + hash = "sha256-Zy+4L1CuB2Ul5iF+AokDkAW1wheDzoCTNkvRZFGRNps="; }; - patches = [ - # Pull upstream fix for -fno-common toolchains - (fetchpatch { - name = "fno-common.patch"; - url = "https://github.com/kernelslacker/trinity/commit/e53e25cc8dd5bdb5f7d9b4247de9e9921eec81d8.patch"; - sha256 = "0dbhyc98x11cmac6rj692zymnfqfqcbawlrkg1lhgfagzjxxwshg"; - }) - ]; - postPatch = '' patchShebangs configure patchShebangs scripts @@ -27,12 +18,12 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - makeFlags = [ "DESTDIR=$(out)" ]; + installFlags = [ "DESTDIR=$(out)" ]; meta = with lib; { description = "A Linux System call fuzz tester"; - homepage = "https://codemonkey.org.uk/projects/trinity/"; - license = licenses.gpl2; + homepage = "https://github.com/kernelslacker/trinity"; + license = licenses.gpl2Only; maintainers = [ maintainers.dezgeg ]; platforms = platforms.linux; }; diff --git a/pkgs/os-specific/linux/tuxedo-rs/default.nix b/pkgs/os-specific/linux/tuxedo-rs/default.nix new file mode 100644 index 00000000000..04c1518aab8 --- /dev/null +++ b/pkgs/os-specific/linux/tuxedo-rs/default.nix @@ -0,0 +1,47 @@ +{ lib +, fetchFromGitHub +, rustPlatform +}: +let + + # NOTE: This src is shared with tailor-gui. + # When updating, the tailor-gui.cargoDeps hash needs to be updated. + src = fetchFromGitHub { + owner = "AaronErhardt"; + repo = "tuxedo-rs"; + rev = "74b863e6dcb1ec2e6c8fb02c16bb6f23b59e67f6"; + hash = "sha256-Yujki2vGzaT8Ze5Usk8FPg8bn86MvyyPTiWuWwEw7Xs="; + }; + +in +rustPlatform.buildRustPackage { + pname = "tuxedo-rs"; + version = "0.2.3"; + + inherit src; + + # Some of the tests are impure and rely on files in /etc/tailord + doCheck = false; + + cargoHash = "sha256-uYt442u/BIzw/lBu18LrsJf5D46oUOFzBJ5pUjCpK6w="; + + postInstall = '' + install -Dm444 tailord/com.tux.Tailor.conf -t $out/share/dbus-1/system.d + ''; + + meta = with lib; { + description = "Rust utilities for interacting with hardware from TUXEDO Computers"; + longDescription = '' + An alternative to the TUXEDO Control Center daemon. + + Contains the following binaries: + - tailord: Daemon handling fan, keyboard and general HW support for Tuxedo laptops + - tailor: CLI + ''; + homepage = "https://github.com/AaronErhardt/tuxedo-rs"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ mrcjkb ]; + platforms = platforms.linux; + }; +} + diff --git a/pkgs/os-specific/linux/uclibc-ng/default.nix b/pkgs/os-specific/linux/uclibc-ng/default.nix deleted file mode 100644 index 43c9bbfa8f3..00000000000 --- a/pkgs/os-specific/linux/uclibc-ng/default.nix +++ /dev/null @@ -1,141 +0,0 @@ -{ lib -, stdenv -, buildPackages -, fetchurl -, linuxHeaders -, libiconvReal -, extraConfig ? "" -}: - -let - isCross = (stdenv.buildPlatform != stdenv.hostPlatform); - configParser = '' - function parseconfig { - set -x - while read LINE; do - NAME=`echo "$LINE" | cut -d \ -f 1` - OPTION=`echo "$LINE" | cut -d \ -f 2` - - if test -z "$NAME"; then - continue - fi - - echo "parseconfig: removing $NAME" - sed -i /^$NAME=/d .config - - #if test "$OPTION" != n; then - echo "parseconfig: setting $NAME=$OPTION" - echo "$NAME=$OPTION" >> .config - #fi - done - set +x - } - ''; - - # UCLIBC_SUSV4_LEGACY defines 'tmpnam', needed for gcc libstdc++ builds. - nixConfig = '' - RUNTIME_PREFIX "/" - DEVEL_PREFIX "/" - UCLIBC_HAS_WCHAR y - UCLIBC_HAS_FTW y - UCLIBC_HAS_RPC y - DO_C99_MATH y - UCLIBC_HAS_PROGRAM_INVOCATION_NAME y - UCLIBC_HAS_RESOLVER_SUPPORT y - UCLIBC_SUSV4_LEGACY y - UCLIBC_HAS_THREADS_NATIVE y - KERNEL_HEADERS "${linuxHeaders}/include" - '' + lib.optionalString (stdenv.hostPlatform.gcc.float or "" == "soft") '' - UCLIBC_HAS_FPU n - '' + lib.optionalString (stdenv.isAarch32 && isCross) '' - CONFIG_ARM_EABI y - ARCH_WANTS_BIG_ENDIAN n - ARCH_BIG_ENDIAN n - ARCH_WANTS_LITTLE_ENDIAN y - ARCH_LITTLE_ENDIAN y - UCLIBC_HAS_FPU n - ''; -in -stdenv.mkDerivation rec { - pname = "uclibc-ng"; - version = "1.0.44"; - - src = fetchurl { - url = "https://downloads.uclibc-ng.org/releases/${version}/uClibc-ng-${version}.tar.xz"; - sha256 = "sha256-ffnZh5VYJzgvHCQA2lE0Vr7Ltvhovf03c3Jl8cvuyZQ="; - }; - - # 'ftw' needed to build acl, a coreutils dependency - configurePhase = '' - make defconfig - ${configParser} - cat << EOF | parseconfig - ${nixConfig} - ${extraConfig} - ${stdenv.hostPlatform.uclibc.extraConfig or ""} - EOF - ( set +o pipefail; yes "" | make oldconfig ) - ''; - - hardeningDisable = [ "stackprotector" ]; - - # Cross stripping hurts. - dontStrip = isCross; - - depsBuildBuild = [ buildPackages.stdenv.cc ]; - - makeFlags = [ - "ARCH=${stdenv.hostPlatform.linuxArch}" - "TARGET_ARCH=${stdenv.hostPlatform.linuxArch}" - "VERBOSE=1" - ] ++ lib.optionals (isCross) [ - "CROSS=${stdenv.cc.targetPrefix}" - ]; - - # `make libpthread/nptl/sysdeps/unix/sysv/linux/lowlevelrwlock.h`: - # error: bits/sysnum.h: No such file or directory - enableParallelBuilding = false; - - installPhase = '' - runHook preInstall - - mkdir -p $out - make $makeFlags PREFIX=$out VERBOSE=1 install - (cd $out/include && ln -s $(ls -d ${linuxHeaders}/include/* | grep -v "scsi$") .) - # libpthread.so may not exist, so I do || true - sed -i s@/lib/@$out/lib/@g $out/lib/libc.so $out/lib/libpthread.so || true - - runHook postInstall - ''; - - meta = with lib; { - homepage = "https://uclibc-ng.org"; - description = "Embedded C library"; - longDescription = '' - uClibc-ng is a small C library for developing embedded Linux systems. It - is much smaller than the GNU C Library, but nearly all applications - supported by glibc also work perfectly with uClibc-ng. - - Porting applications from glibc to uClibc-ng typically involves just - recompiling the source code. uClibc-ng supports shared libraries and - threading. It currently runs on standard Linux and MMU-less (also known as - uClinux) systems with support for Aarch64, Alpha, ARC, ARM, AVR32, - Blackfin, CRIS, C-Sky, C6X, FR-V, H8/300, HPPA, i386, IA64, KVX, LM32, - M68K/Coldfire, Metag, Microblaze, MIPS, MIPS64, NDS32, NIOS2, OpenRISC, - PowerPC, RISCV64, Sparc, Sparc64, SuperH, Tile, X86_64 and XTENSA - processors. Alpha, FR-V, HPPA, IA64, LM32, NIOS2, Tile and Sparc64 are - experimental and need more testing. - ''; - license = licenses.lgpl2Plus; - maintainers = with maintainers; [ rasendubi AndersonTorres ]; - platforms = platforms.linux; - badPlatforms = platforms.aarch64; - }; - - passthru = { - # Derivations may check for the existance of this attribute, to know what to - # link to. - libiconv = libiconvReal; - }; - -} diff --git a/pkgs/os-specific/linux/udisks/2-default.nix b/pkgs/os-specific/linux/udisks/2-default.nix index 07a9ceaa517..11b2ed28fb3 100644 --- a/pkgs/os-specific/linux/udisks/2-default.nix +++ b/pkgs/os-specific/linux/udisks/2-default.nix @@ -8,13 +8,13 @@ stdenv.mkDerivation rec { pname = "udisks"; - version = "2.10.0"; + version = "2.10.1"; src = fetchFromGitHub { owner = "storaged-project"; repo = "udisks"; rev = "${pname}-${version}"; - sha256 = "sha256-M0L2MjVKv7VmtML/JZx0I8vNj+m6KDWGezvcwFqoTNI="; + sha256 = "sha256-L8jr1+SJWsCizkPXC8VKDy2eVa7/FpqdB8SkBYq6vwc="; }; outputs = [ "out" "man" "dev" ] ++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "devdoc"; diff --git a/pkgs/os-specific/linux/uhk-agent/default.nix b/pkgs/os-specific/linux/uhk-agent/default.nix index 19ac7fcd42b..5ee485b09cf 100644 --- a/pkgs/os-specific/linux/uhk-agent/default.nix +++ b/pkgs/os-specific/linux/uhk-agent/default.nix @@ -1,39 +1,73 @@ -{ appimageTools, lib, fetchurl }: +{ lib +, stdenvNoCC +, fetchurl +, appimageTools +, electron +, makeWrapper +, asar +, autoPatchelfHook +, libusb1 +}: + let pname = "uhk-agent"; - version = "3.0.2"; + version = "3.2.1"; + src = fetchurl { url = "https://github.com/UltimateHackingKeyboard/agent/releases/download/v${version}/UHK.Agent-${version}-linux-x86_64.AppImage"; name = "${pname}-${version}.AppImage"; - sha256 = "sha256-RrZ2J6bmk8VXVmpUi9bjqQRJBYjGIczMaSEG9aQ4U4I="; + sha256 = "sha256-qAZ92/iN5E+1KGPs6u9Bb6vLfi0Keog/yOcLtnRD7yc="; }; appimageContents = appimageTools.extract { name = "${pname}-${version}"; inherit src; }; -in appimageTools.wrapType2 { +in +stdenvNoCC.mkDerivation { inherit pname version src; - extraPkgs = pkgs: with pkgs; [ polkit udev ]; + dontUnpack = true; + + nativeBuildInputs = [ + asar + makeWrapper + autoPatchelfHook + ]; + + buildInputs = [ + libusb1 + ]; + + installPhase = '' + runHook preInstall + + mkdir -p "$out"/{opt,share/applications} + + cp -r --no-preserve=mode "${appimageContents}/resources" "$out/opt/${pname}" + cp -r --no-preserve=mode "${appimageContents}/usr/share/icons" "$out/share/icons" + cp -r --no-preserve=mode "${appimageContents}/${pname}.desktop" "$out/share/applications/${pname}.desktop" + + substituteInPlace "$out/share/applications/${pname}.desktop" \ + --replace "Exec=AppRun" "Exec=${pname}" + + asar extract "$out/opt/${pname}/app.asar" "$out/opt/${pname}/app.asar.unpacked" + rm "$out/opt/${pname}/app.asar" - extraInstallCommands = '' - mv $out/bin/${pname}-${version} $out/bin/${pname} + makeWrapper "${electron}/bin/electron" "$out/bin/${pname}" \ + --add-flags "$out/opt/${pname}/app.asar.unpacked" \ + --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \ + --set-default ELECTRON_IS_DEV 0 \ + --inherit-argv0 - install -m 444 -D ${appimageContents}/${pname}.desktop -t $out/share/applications - install -m 644 -D ${appimageContents}/resources/rules/50-uhk60.rules $out/rules/50-uhk60.rules - substituteInPlace $out/share/applications/${pname}.desktop \ - --replace 'Exec=AppRun' 'Exec=${pname}' - cp -r ${appimageContents}/usr/share/icons $out/share + runHook postInstall ''; - # wrapType2 does not passthru pname+version - passthru.version = version; meta = with lib; { description = "Agent is the configuration application of the Ultimate Hacking Keyboard"; homepage = "https://github.com/UltimateHackingKeyboard/agent"; license = licenses.unfreeRedistributable; - maintainers = with maintainers; [ ngiger ]; + maintainers = with maintainers; [ ngiger nickcao ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/os-specific/linux/uhk-udev-rules/default.nix b/pkgs/os-specific/linux/uhk-udev-rules/default.nix index bcb7799731f..1b68c46b657 100644 --- a/pkgs/os-specific/linux/uhk-udev-rules/default.nix +++ b/pkgs/os-specific/linux/uhk-udev-rules/default.nix @@ -8,7 +8,7 @@ stdenv.mkDerivation { dontBuild = true; installPhase = '' runHook preInstall - install -D -m 644 ${uhk-agent.out}/rules/50-uhk60.rules $out/lib/udev/rules.d/50-uhk60.rules + install -D -m 644 ${uhk-agent.out}/opt/uhk-agent/rules/50-uhk60.rules $out/lib/udev/rules.d/50-uhk60.rules runHook postInstall ''; diff --git a/pkgs/os-specific/linux/upower/default.nix b/pkgs/os-specific/linux/upower/default.nix index a002e1af889..36d8a3b9c45 100644 --- a/pkgs/os-specific/linux/upower/default.nix +++ b/pkgs/os-specific/linux/upower/default.nix @@ -24,7 +24,7 @@ , libimobiledevice , withDocs ? withIntrospection , mesonEmulatorHook -, withIntrospection ? stdenv.hostPlatform.emulatorAvailable buildPackages +, withIntrospection ? lib.meta.availableOn stdenv.hostPlatform gobject-introspection && stdenv.hostPlatform.emulatorAvailable buildPackages , buildPackages , gobject-introspection }: diff --git a/pkgs/os-specific/linux/usbrelay/default.nix b/pkgs/os-specific/linux/usbrelay/default.nix index 385f4da1142..670de2028c4 100644 --- a/pkgs/os-specific/linux/usbrelay/default.nix +++ b/pkgs/os-specific/linux/usbrelay/default.nix @@ -1,13 +1,13 @@ { stdenv, lib, fetchFromGitHub, hidapi, installShellFiles }: stdenv.mkDerivation (finalAttrs: { pname = "usbrelay"; - version = "1.2"; + version = "1.2.1"; src = fetchFromGitHub { owner = "darrylb123"; repo = "usbrelay"; rev = finalAttrs.version; - sha256 = "sha256-oJyHzbXOBKxLmPFZMS2jLF80frkiKjPJ89UwkenjIzs="; + sha256 = "sha256-9jEiMmBEpqY4+nKh3H8N/JrLohp/7oPK3rPmRjp2gvc="; }; nativeBuildInputs = [ diff --git a/pkgs/os-specific/linux/usbutils/default.nix b/pkgs/os-specific/linux/usbutils/default.nix index 20936fa7d49..cfd94bf33c4 100644 --- a/pkgs/os-specific/linux/usbutils/default.nix +++ b/pkgs/os-specific/linux/usbutils/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "usbutils"; - version = "015"; + version = "017"; src = fetchurl { url = "mirror://kernel/linux/utils/usb/usbutils/usbutils-${version}.tar.xz"; - sha256 = "sha256-w7RRux9P+fY1bKxaaVaprI6F2BZRr1ainmiflPpv2m4="; + hash = "sha256-pqJf/c+RA+ONekRzKsoXBz9OYCuS5K5VYlIxqCcC4Fs="; }; patches = [ diff --git a/pkgs/os-specific/linux/util-linux/bcachefs-patch-set.patch b/pkgs/os-specific/linux/util-linux/bcachefs-patch-set.patch new file mode 100644 index 00000000000..068744d4f32 --- /dev/null +++ b/pkgs/os-specific/linux/util-linux/bcachefs-patch-set.patch @@ -0,0 +1,277 @@ +commit 68564ebb50f8afab5a9527c534417e247cca0b27 +Author: Filipe Manana <fdmanana@kernel.org> +Date: Thu Aug 17 10:20:13 2023 +0100 + + libmount: Fix regression when mounting with atime + + A regression was introduced in v2.39 that causes mounting with the atime + option to fail: + + $ mkfs.ext4 -F /dev/sdi + $ mount -o atime /dev/sdi /mnt/sdi + mount: /mnt/sdi: not mount point or bad option. + dmesg(1) may have more information after failed mount system call. + + The failure comes from the mount_setattr(2) call returning -EINVAL. This + is because we pass an invalid value for the attr_clr argument. From a + strace capture we have: + + mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=0, attr_clr=MOUNT_ATTR_NOATIME, propagation=0 /* MS_??? */, userns_fd=0}, 32) = -1 EINVAL (Invalid argument) + + We can't pass MOUNT_ATTR_NOATIME to mount_setattr(2) through the attr_clr + argument because all atime options are exclusive, so in order to set atime + one has to pass MOUNT_ATTR__ATIME to attr_clr and leave attr_set as + MOUNT_ATTR_RELATIME (which is defined as a value of 0). + + This can be read from the man page for mount_setattr(2) and also from the + kernel source: + + $ cat fs/namespace.c + static int build_mount_kattr(const struct mount_attr *attr, size_t usize, + struct mount_kattr *kattr, unsigned int flags) + { + (...) + /* + * Since the MOUNT_ATTR_<atime> values are an enum, not a bitmap, + * users wanting to transition to a different atime setting cannot + * simply specify the atime setting in @attr_set, but must also + * specify MOUNT_ATTR__ATIME in the @attr_clr field. + * So ensure that MOUNT_ATTR__ATIME can't be partially set in + * @attr_clr and that @attr_set can't have any atime bits set if + * MOUNT_ATTR__ATIME isn't set in @attr_clr. + */ + if (attr->attr_clr & MOUNT_ATTR__ATIME) { + if ((attr->attr_clr & MOUNT_ATTR__ATIME) != MOUNT_ATTR__ATIME) + return -EINVAL; + + /* + * Clear all previous time settings as they are mutually + * exclusive. + */ + kattr->attr_clr |= MNT_RELATIME | MNT_NOATIME; + switch (attr->attr_set & MOUNT_ATTR__ATIME) { + case MOUNT_ATTR_RELATIME: + kattr->attr_set |= MNT_RELATIME; + break; + case MOUNT_ATTR_NOATIME: + kattr->attr_set |= MNT_NOATIME; + break; + case MOUNT_ATTR_STRICTATIME: + break; + default: + return -EINVAL; + } + (...) + + So fix this by setting attr_clr MOUNT_ATTR__ATIME if we want to clear any + atime related option. + + Signed-off-by: Filipe Manana <fdmanana@kernel.org> + +diff --git a/libmount/src/optlist.c b/libmount/src/optlist.c +index 1e962ec6d..0702adae7 100644 +--- a/libmount/src/optlist.c ++++ b/libmount/src/optlist.c +@@ -875,7 +875,18 @@ int mnt_optlist_get_attrs(struct libmnt_optlist *ls, uint64_t *set, uint64_t *cl + + if (opt->ent->mask & MNT_INVERT) { + DBG(OPTLIST, ul_debugobj(ls, " clr: %s", opt->ent->name)); +- *clr |= x; ++ /* ++ * All atime settings are mutually exclusive so *clr must ++ * have MOUNT_ATTR__ATIME set. ++ * ++ * See the function fs/namespace.c:build_mount_kattr() ++ * in the linux kernel source. ++ */ ++ if (x == MOUNT_ATTR_RELATIME || x == MOUNT_ATTR_NOATIME || ++ x == MOUNT_ATTR_STRICTATIME) ++ *clr |= MOUNT_ATTR__ATIME; ++ else ++ *clr |= x; + } else { + DBG(OPTLIST, ul_debugobj(ls, " set: %s", opt->ent->name)); + *set |= x; +diff --git a/tests/expected/libmount/context-mount-flags b/tests/expected/libmount/context-mount-flags +index 960641863..eb71323dd 100644 +--- a/tests/expected/libmount/context-mount-flags ++++ b/tests/expected/libmount/context-mount-flags +@@ -3,3 +3,6 @@ ro,nosuid,noexec + successfully mounted + rw,nosuid,noexec + successfully umounted ++successfully mounted ++rw,relatime ++successfully umounted +diff --git a/tests/ts/libmount/context b/tests/ts/libmount/context +index f5b47185e..a5d2e81a3 100755 +--- a/tests/ts/libmount/context ++++ b/tests/ts/libmount/context +@@ -116,8 +116,15 @@ $TS_CMD_FINDMNT --kernel --mountpoint $MOUNTPOINT -o VFS-OPTIONS -n >> $TS_OUTPU + + ts_run $TESTPROG --umount $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG + is_mounted $DEVICE && echo "$DEVICE still mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG +-ts_finalize_subtest + ++# Test that the atime option works after the migration to use the new kernel mount APIs. ++ts_run $TESTPROG --mount -o atime $DEVICE $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG ++$TS_CMD_FINDMNT --kernel --mountpoint $MOUNTPOINT -o VFS-OPTIONS -n >> $TS_OUTPUT 2>> $TS_ERRLOG ++is_mounted $DEVICE || echo "$DEVICE not mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ts_run $TESTPROG --umount $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG ++is_mounted $DEVICE && echo "$DEVICE still mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ ++ts_finalize_subtest + + ts_init_subtest "mount-loopdev" + mkdir -p $MOUNTPOINT &> /dev/null + +commit 1ec71634aa4ef5ddca23d65c8a296f3614231e8a +Author: Colin Gillespie <colin@cgillespie.xyz> +Date: Wed Aug 9 18:28:07 2023 +1000 + + libblkid: (bcachefs) fix not detecting large superblocks + + Probing does not detect bcachefs filesystems with a superblock larger + than 4KiB. Bcachefs superblocks grow in size and can become much larger + than this. + + Increase the superblock maximum size limit to 1MiB. + + Validate the superblock isn't larger than the maximum size defined in + the superblocks layout section. + + (cherry picked from commit 48d573797797650d96456979797c0155d58f61cb) + +diff --git a/libblkid/src/superblocks/bcache.c b/libblkid/src/superblocks/bcache.c +index 40e702d75..236877042 100644 +--- a/libblkid/src/superblocks/bcache.c ++++ b/libblkid/src/superblocks/bcache.c +@@ -102,6 +102,15 @@ union bcachefs_sb_csum { + uint8_t raw[16]; + } __attribute__((packed)); + ++struct bcachefs_sb_layout { ++ uint8_t magic[16]; ++ uint8_t layout_type; ++ uint8_t sb_max_size_bits; ++ uint8_t nr_superblocks; ++ uint8_t pad[5]; ++ uint64_t sb_offset[61]; ++} __attribute__((packed)); ++ + struct bcachefs_super_block { + union bcachefs_sb_csum csum; + uint16_t version; +@@ -123,7 +132,7 @@ struct bcachefs_super_block { + uint64_t flags[8]; + uint64_t features[2]; + uint64_t compat[2]; +- uint8_t layout[512]; ++ struct bcachefs_sb_layout layout; + struct bcachefs_sb_field _start[]; + } __attribute__((packed)); + +@@ -143,7 +152,7 @@ struct bcachefs_super_block { + /* granularity of offset and length fields within superblock */ + #define BCACHEFS_SECTOR_SIZE 512 + /* maximum superblock size */ +-#define BCACHEFS_SB_MAX_SIZE 4096 ++#define BCACHEFS_SB_MAX_SIZE 0x100000 + /* fields offset within super block */ + #define BCACHEFS_SB_FIELDS_OFF offsetof(struct bcachefs_super_block, _start) + /* tag value for members field */ +@@ -302,6 +311,9 @@ static int probe_bcachefs(blkid_probe pr, const struct blkid_idmag *mag) + return BLKID_PROBE_NONE; + + sb_size = BCACHEFS_SB_FIELDS_OFF + BYTES(bcs); ++ if (sb_size > BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits) ++ return BLKID_PROBE_NONE; ++ + if (sb_size > BCACHEFS_SB_MAX_SIZE) + return BLKID_PROBE_NONE; + + +commit acbf17ae8f8ee0f941fe98ed12f115f2b349bba8 +Author: Karel Zak <kzak@redhat.com> +Date: Wed Aug 23 11:53:45 2023 +0200 + + libblkid: (bcachefs) fix compiler warning [-Werror=sign-compare] + + Addresses: https://github.com/util-linux/util-linux/pull/2427 + Signed-off-by: Karel Zak <kzak@redhat.com> + (cherry picked from commit 17873d38fc97913c0a31d4bd08cfbfe45c4de5be) + +diff --git a/libblkid/src/superblocks/bcache.c b/libblkid/src/superblocks/bcache.c +index 236877042..6ab3fe9d4 100644 +--- a/libblkid/src/superblocks/bcache.c ++++ b/libblkid/src/superblocks/bcache.c +@@ -311,7 +311,7 @@ static int probe_bcachefs(blkid_probe pr, const struct blkid_idmag *mag) + return BLKID_PROBE_NONE; + + sb_size = BCACHEFS_SB_FIELDS_OFF + BYTES(bcs); +- if (sb_size > BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits) ++ if (sb_size > ((uint64_t) BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits)) + return BLKID_PROBE_NONE; + + if (sb_size > BCACHEFS_SB_MAX_SIZE) + +commit 6b9fda87c4e5d0c6f945d7565197f157b9fa3d5f +Author: Thomas Weißschuh <thomas@t-8ch.de> +Date: Wed Aug 23 11:58:33 2023 +0200 + + libblkid: (bcachefs) fix size validation + + Avoid signed shift out-of-bounds. + + Also mark the constants explitly as unsigned instead of casting. + + Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de> + (cherry picked from commit befe455f59de8c7bc66b85ed52aae8cbc95325fa) + +diff --git a/libblkid/src/superblocks/bcache.c b/libblkid/src/superblocks/bcache.c +index 6ab3fe9d4..28ac4b52b 100644 +--- a/libblkid/src/superblocks/bcache.c ++++ b/libblkid/src/superblocks/bcache.c +@@ -142,17 +142,19 @@ struct bcachefs_super_block { + /* magic string len */ + #define BCACHE_SB_MAGIC_LEN (sizeof(BCACHE_SB_MAGIC) - 1) + /* super block offset */ +-#define BCACHE_SB_OFF 0x1000 ++#define BCACHE_SB_OFF 0x1000U + /* supper block offset in kB */ + #define BCACHE_SB_KBOFF (BCACHE_SB_OFF >> 10) + /* magic string offset within super block */ + #define BCACHE_SB_MAGIC_OFF offsetof(struct bcache_super_block, magic) + /* start of checksummed data within superblock */ +-#define BCACHE_SB_CSUMMED_START 8 ++#define BCACHE_SB_CSUMMED_START 8U + /* granularity of offset and length fields within superblock */ +-#define BCACHEFS_SECTOR_SIZE 512 ++#define BCACHEFS_SECTOR_SIZE 512U ++/* maximum superblock size shift */ ++#define BCACHEFS_SB_MAX_SIZE_SHIFT 0x10U + /* maximum superblock size */ +-#define BCACHEFS_SB_MAX_SIZE 0x100000 ++#define BCACHEFS_SB_MAX_SIZE (1U << BCACHEFS_SB_MAX_SIZE_SHIFT) + /* fields offset within super block */ + #define BCACHEFS_SB_FIELDS_OFF offsetof(struct bcachefs_super_block, _start) + /* tag value for members field */ +@@ -311,12 +313,16 @@ static int probe_bcachefs(blkid_probe pr, const struct blkid_idmag *mag) + return BLKID_PROBE_NONE; + + sb_size = BCACHEFS_SB_FIELDS_OFF + BYTES(bcs); +- if (sb_size > ((uint64_t) BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits)) +- return BLKID_PROBE_NONE; + + if (sb_size > BCACHEFS_SB_MAX_SIZE) + return BLKID_PROBE_NONE; + ++ if (bcs->layout.sb_max_size_bits > BCACHEFS_SB_MAX_SIZE_SHIFT) ++ return BLKID_PROBE_NONE; ++ ++ if (sb_size > (BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits)) ++ return BLKID_PROBE_NONE; ++ + sb = blkid_probe_get_sb_buffer(pr, mag, sb_size); + if (!sb) + return BLKID_PROBE_NONE; diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index 45c0d57cbff..d710fabb7ac 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -29,6 +29,7 @@ stdenv.mkDerivation rec { patches = [ ./rtcwake-search-PATH-for-shutdown.patch + ./bcachefs-patch-set.patch ]; # We separate some of the utilities into their own outputs. This diff --git a/pkgs/os-specific/linux/v4l2loopback/default.nix b/pkgs/os-specific/linux/v4l2loopback/default.nix index 2c1b4fbb4f4..e17fda67218 100644 --- a/pkgs/os-specific/linux/v4l2loopback/default.nix +++ b/pkgs/os-specific/linux/v4l2loopback/default.nix @@ -40,7 +40,7 @@ stdenv.mkDerivation rec { description = "A kernel module to create V4L2 loopback devices"; homepage = "https://github.com/umlaeute/v4l2loopback"; license = licenses.gpl2Only; - maintainers = with maintainers; [ fortuneteller2k ]; + maintainers = with maintainers; [ moni ]; platforms = platforms.linux; outputsToInstall = [ "out" ]; }; diff --git a/pkgs/os-specific/linux/vmware/default.nix b/pkgs/os-specific/linux/vmware/default.nix index aeb6afec24a..7c1994687ae 100644 --- a/pkgs/os-specific/linux/vmware/default.nix +++ b/pkgs/os-specific/linux/vmware/default.nix @@ -2,15 +2,15 @@ stdenv.mkDerivation rec { pname = "vmware-modules"; - version = "workstation-17.0.2-2023-08-12-${kernel.version}"; + version = "workstation-17.0.2-2023-09-29-${kernel.version}"; src = fetchFromGitHub { owner = "mkubecek"; repo = "vmware-host-modules"; # Developer no longer provides tags for kernel compatibility fixes - # Commit hash for branch workstation-17.0.2 as of 2023-08-12 - rev = "8b2d31498a8df9b1215f407c989b065953b73455"; - sha256 = "sha256-R0nY4O3ASQkOop+ddU4k72HiIJU/aJz0l3lkJN/kuHc="; + # Commit hash for branch workstation-17.0.2 as of 2023-09-29 + rev = "29de7e2bd45d32e6983106d6f15810c70ba3e654"; + hash = "sha256-l0QJbjySINM/7EyNhZl6UnUonwPoGnCnsQeC8YtI15c="; }; hardeningDisable = [ "pic" ]; diff --git a/pkgs/os-specific/linux/wireless-tools/default.nix b/pkgs/os-specific/linux/wireless-tools/default.nix index fbe5d95e2a6..e95506461a4 100644 --- a/pkgs/os-specific/linux/wireless-tools/default.nix +++ b/pkgs/os-specific/linux/wireless-tools/default.nix @@ -5,7 +5,7 @@ stdenv.mkDerivation rec { version = "30.pre9"; src = fetchurl { - url = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/wireless_tools.${version}.tar.gz"; + url = "https://hewlettpackard.github.io/wireless-tools/wireless_tools.${version}.tar.gz"; sha256 = "0qscyd44jmhs4k32ggp107hlym1pcyjzihiai48xs7xzib4wbndb"; }; @@ -18,6 +18,8 @@ stdenv.mkDerivation rec { ]; meta = { + description = "Wireless tools for Linux"; + homepage = "https://hewlettpackard.github.io/wireless-tools/Tools.html"; platforms = lib.platforms.linux; license = lib.licenses.gpl2; }; diff --git a/pkgs/os-specific/linux/xf86-input-wacom/default.nix b/pkgs/os-specific/linux/xf86-input-wacom/default.nix index 7b7687bc306..614831c057d 100644 --- a/pkgs/os-specific/linux/xf86-input-wacom/default.nix +++ b/pkgs/os-specific/linux/xf86-input-wacom/default.nix @@ -52,7 +52,7 @@ stdenv.mkDerivation rec { ]; meta = with lib; { - maintainers = with maintainers; [ goibhniu fortuneteller2k ]; + maintainers = with maintainers; [ goibhniu moni ]; description = "Wacom digitizer driver for X11"; homepage = "https://linuxwacom.sourceforge.net"; license = licenses.gpl2Only; diff --git a/pkgs/os-specific/linux/xsensors/default.nix b/pkgs/os-specific/linux/xsensors/default.nix index 02ce560d8a9..e3639fefffa 100644 --- a/pkgs/os-specific/linux/xsensors/default.nix +++ b/pkgs/os-specific/linux/xsensors/default.nix @@ -18,6 +18,6 @@ stdenv.mkDerivation rec { meta = with lib; { license = licenses.gpl2; platforms = platforms.linux; - maintainers = with maintainers; [ cstrahan ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/os-specific/linux/zfs/generic.nix b/pkgs/os-specific/linux/zfs/generic.nix index 41aa909532f..8adbb8cab8f 100644 --- a/pkgs/os-specific/linux/zfs/generic.nix +++ b/pkgs/os-specific/linux/zfs/generic.nix @@ -76,22 +76,14 @@ stdenv'.mkDerivation { substituteInPlace ./config/user-systemd.m4 --replace "/usr/lib/modules-load.d" "$out/etc/modules-load.d" substituteInPlace ./config/zfs-build.m4 --replace "\$sysconfdir/init.d" "$out/etc/init.d" \ --replace "/etc/default" "$out/etc/default" - # TODO: drop when upgrading to 2.2.0 - ${if isUnstable then '' - substituteInPlace ./contrib/initramfs/Makefile.am \ - --replace "/usr/share/initramfs-tools" "$out/usr/share/initramfs-tools" - substituteInPlace ./udev/vdev_id \ - --replace "PATH=/bin:/sbin:/usr/bin:/usr/sbin" \ - "PATH=${makeBinPath [ coreutils gawk gnused gnugrep systemd ]}" - '' else '' - substituteInPlace ./etc/zfs/Makefile.am --replace "\$(sysconfdir)/zfs" "$out/etc/zfs" - - find ./contrib/initramfs -name Makefile.am -exec sed -i -e 's|/usr/share/initramfs-tools|'$out'/share/initramfs-tools|g' {} \; - - substituteInPlace ./cmd/vdev_id/vdev_id \ - --replace "PATH=/bin:/sbin:/usr/bin:/usr/sbin" \ - "PATH=${makeBinPath [ coreutils gawk gnused gnugrep systemd ]}" - ''} + substituteInPlace ./contrib/initramfs/Makefile.am \ + --replace "/usr/share/initramfs-tools" "$out/usr/share/initramfs-tools" + substituteInPlace ./udev/vdev_id \ + --replace "PATH=/bin:/sbin:/usr/bin:/usr/sbin" \ + "PATH=${makeBinPath [ coreutils gawk gnused gnugrep systemd ]}" + substituteInPlace ./config/zfs-build.m4 \ + --replace "bashcompletiondir=/etc/bash_completion.d" \ + "bashcompletiondir=$out/share/bash-completion/completions" ''; nativeBuildInputs = [ autoreconfHook269 nukeReferences ] @@ -138,6 +130,14 @@ stdenv'.mkDerivation { "INSTALL_MOD_PATH=\${out}" ]; + preConfigure = '' + # The kernel module builds some tests during the configurePhase, this envvar controls their parallelism + export TEST_JOBS=$NIX_BUILD_CORES + if [ -z "$enableParallelBuilding" ]; then + export TEST_JOBS=1 + fi + ''; + # Enabling BTF causes zfs to be build with debug symbols. # Since zfs compress kernel modules on installation, our strip hooks skip stripping them. # Hence we strip modules prior to compression. @@ -202,15 +202,15 @@ stdenv'.mkDerivation { changelog = "https://github.com/openzfs/zfs/releases/tag/zfs-${version}"; license = lib.licenses.cddl; - # The case-block for TARGET_CPU has branches for only five CPU families, + # The case-block for TARGET_CPU has branches for only some CPU families, # which prevents ZFS from building on any other platform. Since the NixOS # `boot.zfs.enabled` property is `readOnly`, excluding platforms where ZFS # does not build is the only way to produce a NixOS installer on such # platforms. - # https://github.com/openzfs/zfs/blob/6a6bd493988c75331deab06e5352a9bed035a87d/config/always-arch.m4#L16 + # https://github.com/openzfs/zfs/blob/6723d1110f6daf93be93db74d5ea9f6b64c9bce5/config/always-arch.m4#L12 platforms = with lib.systems.inspect.patterns; - map (p: p // isLinux) [ isx86_32 isx86_64 isPower isAarch64 isSparc ]; + map (p: p // isLinux) ([ isx86_32 isx86_64 isPower isAarch64 isSparc ] ++ isArmv7); maintainers = with lib.maintainers; [ jcumming jonringer globin raitobezarius ]; mainProgram = "zfs"; diff --git a/pkgs/os-specific/linux/zfs/stable.nix b/pkgs/os-specific/linux/zfs/stable.nix index 14cda12e6f3..3e53ba902cb 100644 --- a/pkgs/os-specific/linux/zfs/stable.nix +++ b/pkgs/os-specific/linux/zfs/stable.nix @@ -14,19 +14,15 @@ callPackage ./generic.nix args { # check the release notes for compatible kernels kernelCompatible = if stdenv'.isx86_64 || removeLinuxDRM - then kernel.kernelOlder "6.4" + then kernel.kernelOlder "6.6" else kernel.kernelOlder "6.2"; - latestCompatibleLinuxPackages = linuxKernel.packages.linux_6_1; - extraPatches = [ - (fetchpatch { - name = "musl.patch"; - url = "https://github.com/openzfs/zfs/commit/1f19826c9ac85835cbde61a7439d9d1fefe43a4a.patch"; - sha256 = "XEaK227ubfOwlB2s851UvZ6xp/QOtYUWYsKTkEHzmo0="; - }) - ]; + + latestCompatibleLinuxPackages = if stdenv'.isx86_64 || removeLinuxDRM + then linuxKernel.packages.linux_6_5 + else linuxKernel.packages.linux_6_1; # this package should point to the latest release. - version = "2.1.12"; + version = "2.2.0"; - sha256 = "eYUR5d4gpTrlFu6j1uL83DWL9uPGgAUDRdSEb73V5i4="; + sha256 = "sha256-s1sdXSrLu6uSOmjprbUa4cFsE2Vj7JX5i75e4vRnlvg="; } diff --git a/pkgs/os-specific/linux/zfs/unstable.nix b/pkgs/os-specific/linux/zfs/unstable.nix index 592d94b0030..9c7e14c31bf 100644 --- a/pkgs/os-specific/linux/zfs/unstable.nix +++ b/pkgs/os-specific/linux/zfs/unstable.nix @@ -12,20 +12,21 @@ in callPackage ./generic.nix args { # check the release notes for compatible kernels kernelCompatible = if stdenv'.isx86_64 || removeLinuxDRM - then kernel.kernelOlder "6.5" + then kernel.kernelOlder "6.6" else kernel.kernelOlder "6.2"; latestCompatibleLinuxPackages = if stdenv'.isx86_64 || removeLinuxDRM - then linuxKernel.packages.linux_6_4 - else linuxKernel.packages.linux_6_1; + then linuxKernel.packages.linux_6_5 + else linuxKernel.packages.linux_6_1; # this package should point to a version / git revision compatible with the latest kernel release # IMPORTANT: Always use a tagged release candidate or commits from the # zfs-<version>-staging branch, because this is tested by the OpenZFS # maintainers. - version = "2.2.0-rc4"; + version = "2.2.1-unstable-2023-10-21"; + rev = "95785196f26e92d82cf4445654ba84e4a9671c57"; - sha256 = "sha256-zTG6iujlWB2H8j6i+t59zdyztoDFk373AjgHzC8x5mQ="; + sha256 = "sha256-s1sdXSrLu6uSOmjprbUa4cFsE2Vj7JX5i75e4vRnlvg="; isUnstable = true; } |