From 9daafdfcfbb404ba4238a885dc07e9752993e8c4 Mon Sep 17 00:00:00 2001
From: Aaron Siddhartha Mondal <aaron@tracemachina.com>
Date: Thu, 4 Jan 2024 22:52:58 +0100
Subject: [PATCH] nvidia-container-toolkit: 1.9.0 -> 1.15.0-rc.3

---
 .../0001-Add-dlopen-discoverer.patch          | 90 +++++++++++++++++++
 .../nvidia-container-toolkit/default.nix      | 45 ++++++++--
 2 files changed, 127 insertions(+), 8 deletions(-)
 create mode 100644 pkgs/applications/virtualization/nvidia-container-toolkit/0001-Add-dlopen-discoverer.patch

diff --git a/pkgs/applications/virtualization/nvidia-container-toolkit/0001-Add-dlopen-discoverer.patch b/pkgs/applications/virtualization/nvidia-container-toolkit/0001-Add-dlopen-discoverer.patch
new file mode 100644
index 000000000000..ddc7d34ac7c1
--- /dev/null
+++ b/pkgs/applications/virtualization/nvidia-container-toolkit/0001-Add-dlopen-discoverer.patch
@@ -0,0 +1,90 @@
+From e4449f06a8989ff22947309151855b388c311aed Mon Sep 17 00:00:00 2001
+From: Jared Baur <jaredbaur@fastmail.com>
+Date: Mon, 22 Jan 2024 20:42:48 -0800
+Subject: [PATCH] Add dlopen discoverer
+
+---
+ internal/lookup/dlopen.go  | 57 ++++++++++++++++++++++++++++++++++++++
+ internal/lookup/library.go |  3 ++
+ 2 files changed, 60 insertions(+)
+ create mode 100644 internal/lookup/dlopen.go
+
+diff --git a/internal/lookup/dlopen.go b/internal/lookup/dlopen.go
+new file mode 100644
+index 00000000..7cd84522
+--- /dev/null
++++ b/internal/lookup/dlopen.go
+@@ -0,0 +1,57 @@
++package lookup
++
++// #cgo LDFLAGS: -ldl
++// #define _GNU_SOURCE
++// #include <dlfcn.h>
++// #include <stdlib.h>
++import "C"
++
++import (
++	"fmt"
++	"path/filepath"
++	"unsafe"
++)
++
++// dlopenLocator can be used to locate libraries given a system's dynamic
++// linker.
++type dlopenLocator struct {
++	file
++}
++
++// NewDlopenLocator creats a locator that can be used for locating libraries
++// through the dlopen mechanism.
++func NewDlopenLocator(opts ...Option) Locator {
++	f := newFileLocator(opts...)
++	d := dlopenLocator{file: *f}
++	return &d
++}
++
++// Locate finds the specified pattern if the systems' dynamic linker can find
++// it via dlopen. Note that patterns with wildcard patterns will likely not be
++// found as it is uncommon for libraries to have wildcard patterns in their
++// file name.
++func (d dlopenLocator) Locate(pattern string) ([]string, error) {
++	libname := C.CString(pattern)
++	defer C.free(unsafe.Pointer(libname))
++
++	d.logger.Debugf("Calling dlopen for %s", pattern)
++
++	handle := C.dlopen(libname, C.RTLD_LAZY)
++	if handle == nil {
++		return nil, fmt.Errorf("dlopen %s failed", pattern)
++	}
++	defer C.dlclose(handle)
++
++	libParentPath := C.CString("")
++
++	d.logger.Debugf("Calling dlinfo on handle for %s", pattern)
++	ret := C.dlinfo(handle, C.RTLD_DI_ORIGIN, unsafe.Pointer(libParentPath))
++	if ret == -1 {
++		return nil, fmt.Errorf("dlinfo on handle for %s failed", pattern)
++	}
++
++	libAbsolutePath := filepath.Join(C.GoString(libParentPath), pattern)
++	d.logger.Debugf("Found library for %s at %s", pattern, libAbsolutePath)
++
++	return []string{libAbsolutePath}, nil
++}
+diff --git a/internal/lookup/library.go b/internal/lookup/library.go
+index 7f5cf7c8..916edde2 100644
+--- a/internal/lookup/library.go
++++ b/internal/lookup/library.go
+@@ -61,7 +61,10 @@ func NewLibraryLocator(opts ...Option) Locator {
+ 	// We construct a symlink locator for expected library locations.
+ 	symlinkLocator := NewSymlinkLocator(opts...)
+ 
++	dlopenLocator := NewDlopenLocator(opts...)
++
+ 	l := First(
++		dlopenLocator,
+ 		symlinkLocator,
+ 		newLdcacheLocator(opts...),
+ 	)
+--
diff --git a/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix b/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix
index 7d0ecfab53e7..f57285b504f2 100644
--- a/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix
+++ b/pkgs/applications/virtualization/nvidia-container-toolkit/default.nix
@@ -10,6 +10,7 @@
 , configTemplate
 , configTemplatePath ? null
 , libnvidia-container
+, cudaPackages
 }:
 
 assert configTemplate != null -> (lib.isAttrs configTemplate && configTemplatePath == null);
@@ -31,29 +32,56 @@ let
   '';
 
   configToml = if configTemplatePath != null then configTemplatePath else (formats.toml { }).generate "config.toml" configTemplate;
+
+  # From https://gitlab.com/nvidia/container-toolkit/container-toolkit/-/blob/03cbf9c6cd26c75afef8a2dd68e0306aace80401/Makefile#L54
+  cliVersionPackage = "github.com/NVIDIA/nvidia-container-toolkit/internal/info";
 in
 buildGoModule rec {
   pname = "container-toolkit/container-toolkit";
-  version = "1.9.0";
+  version = "1.15.0-rc.3";
 
   src = fetchFromGitLab {
     owner = "nvidia";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-b4mybNB5FqizFTraByHk5SCsNO66JaISj18nLgLN7IA=";
+    hash = "sha256-IH2OjaLbcKSGG44aggolAOuJkjk+GaXnnTbrXfZ0lVo=";
+
   };
 
   vendorHash = null;
 
+  patches = [
+    # This patch causes library lookups to first attempt loading via dlopen
+    # before falling back to the regular symlink location and ldcache location.
+    ./0001-Add-dlopen-discoverer.patch
+  ];
+
   postPatch = ''
-    # replace the default hookDefaultFilePath to the $out path
-    substituteInPlace cmd/nvidia-container-runtime/main.go \
-      --replace '/usr/bin/nvidia-container-runtime-hook' '${placeholder "out"}/bin/nvidia-container-runtime-hook'
+    # Replace the default hookDefaultFilePath to the $out path and override
+    # default ldconfig locations to the one in nixpkgs.
+
+    substituteInPlace internal/config/config.go \
+      --replace '/usr/bin/nvidia-container-runtime-hook' "$out/bin/nvidia-container-runtime-hook" \
+      --replace '/sbin/ldconfig' '${lib.getBin glibc}/sbin/ldconfig'
+
+    substituteInPlace internal/config/config_test.go \
+      --replace '/sbin/ldconfig' '${lib.getBin glibc}/sbin/ldconfig'
+
+    substituteInPlace tools/container/toolkit/toolkit.go \
+      --replace '/sbin/ldconfig' '${lib.getBin glibc}/sbin/ldconfig'
+
+    substituteInPlace cmd/nvidia-ctk/hook/update-ldcache/update-ldcache.go \
+      --replace '/sbin/ldconfig' '${lib.getBin glibc}/sbin/ldconfig'
   '';
 
-  ldflags = [ "-s" "-w" ];
+  # Try to keep this close to the ldflags in the original Makefile. See:
+  # https://gitlab.com/nvidia/container-toolkit/container-toolkit/-/blob/03cbf9c6cd26c75afef8a2dd68e0306aace80401/Makefile#L64
+  ldflags = [ "-extldflags=-Wl,-z,lazy" "-s" "-w" "-X" "${cliVersionPackage}.version=${version}" ];
 
-  nativeBuildInputs = [ makeWrapper ];
+  nativeBuildInputs = [
+    cudaPackages.autoAddOpenGLRunpathHook
+    makeWrapper
+  ];
 
   preConfigure = ''
     # Ensure the runc symlink isn't broken:
@@ -95,7 +123,8 @@ buildGoModule rec {
     substituteInPlace $out/etc/nvidia-container-runtime/config.toml \
       --subst-var-by glibcbin ${lib.getBin glibc}
 
-    ln -s $out/bin/nvidia-container-{toolkit,runtime-hook}
+    # See: https://gitlab.com/nvidia/container-toolkit/container-toolkit/-/blob/03cbf9c6cd26c75afef8a2dd68e0306aace80401/packaging/debian/nvidia-container-toolkit.postinst#L12
+    ln -s $out/bin/nvidia-container-runtime-hook $out/bin/nvidia-container-toolkit
 
     wrapProgram $out/bin/nvidia-container-toolkit \
       --add-flags "-config ${placeholder "out"}/etc/nvidia-container-runtime/config.toml"