mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-25 16:33:15 +00:00
* Reject inputs outside of the store in ld if NIX_ENFORCE_PURITY is
set. * Various bug fixes. svn path=/nixpkgs/trunk/; revision=824
This commit is contained in:
parent
d74192ee38
commit
b8b4f9ce4b
@ -2,15 +2,32 @@
|
||||
|
||||
. $stdenv/setup
|
||||
|
||||
if test -z "$isNative"; then
|
||||
cflagsCompile="-B$out/bin -B$glibc/lib -isystem $glibc/include"
|
||||
ldflags="-L$glibc/lib -L$gcc/lib " \
|
||||
"-dynamic-linker $glibc/lib/ld-linux.so.2" \
|
||||
"-rpath $glibc/lib -rpath $gcc/lib"
|
||||
else
|
||||
cflagsCompile="-B$out/bin"
|
||||
|
||||
# Force gcc to use ld-wrapper.sh when calling ld.
|
||||
cflagsCompile="-B$out/bin"
|
||||
|
||||
if test -n "$glibc"; then
|
||||
# The "-B$glibc/lib" flag is a quick hack to force gcc to link
|
||||
# against the crt1.o from our own glibc, rather than the one in
|
||||
# /usr/lib. The real solution is of course to prevent those paths
|
||||
# from being used by gcc in the first place.
|
||||
cflagsCompile="$cflagsCompile -B$glibc/lib -isystem $glibc/include"
|
||||
ldflags="$ldflags -L$glibc/lib -rpath $glibc/lib -dynamic-linker $glibc/lib/ld-linux.so.2"
|
||||
fi
|
||||
|
||||
if test -n "$gcc"; then
|
||||
ldflags="$ldflags -L$gcc/lib -rpath $gcc/lib"
|
||||
fi
|
||||
|
||||
if test -n "$isNative"; then
|
||||
gccPath="$nativePrefix/bin"
|
||||
ldPath="$nativePrefix/bin"
|
||||
else
|
||||
gccPath="$gcc/bin"
|
||||
ldPath="$binutils/bin"
|
||||
fi
|
||||
|
||||
|
||||
mkdir $out
|
||||
mkdir $out/bin
|
||||
|
||||
@ -25,39 +42,43 @@ mkGccWrapper () {
|
||||
fi
|
||||
|
||||
sed \
|
||||
-e "s^@cflagsCompile@^$cflagsCompile^g" \
|
||||
-e "s^@cflagsLink@^$cflagsLink^g" \
|
||||
-e "s^@ldflags@^$ldflags^g" \
|
||||
-e "s^@gcc@^$src^g" \
|
||||
-e "s^@out@^$out^g" \
|
||||
< $gccWrapper > $dst
|
||||
chmod +x $dst
|
||||
|
||||
}
|
||||
|
||||
mkGccWrapper $out/bin/gcc $gcc/bin/gcc
|
||||
mkGccWrapper $out/bin/gcc $gccPath/gcc
|
||||
ln -s gcc $out/bin/cc
|
||||
|
||||
mkGccWrapper $out/bin/g++ $gcc/bin/g++
|
||||
mkGccWrapper $out/bin/g++ $gccPath/g++
|
||||
ln -s g++ $out/bin/c++
|
||||
|
||||
mkGccWrapper $out/bin/g77 $gcc/bin/g77
|
||||
mkGccWrapper $out/bin/g77 $gccPath/g77
|
||||
ln -s g77 $out/bin/f77
|
||||
|
||||
|
||||
sed \
|
||||
-e "s^@ldflags@^$ldflags^g" \
|
||||
-e "s^@ld@^$gcc/bin/ld^g" \
|
||||
-e "s^@ld@^$ldPath/ld^g" \
|
||||
< $ldWrapper > $out/bin/ld
|
||||
chmod +x $out/bin/ld
|
||||
|
||||
|
||||
mkdir $out/nix-support
|
||||
test -z "$isNative" && echo $gcc > $out/nix-support/orig-gcc
|
||||
test -z "$isNative" && echo $glibc > $out/nix-support/orig-glibc
|
||||
test -z "$gcc" && echo $gcc > $out/nix-support/orig-gcc
|
||||
test -n "$glibc" && echo $glibc > $out/nix-support/orig-glibc
|
||||
|
||||
cat > $out/nix-support/add-flags <<EOF
|
||||
NIX_CFLAGS_COMPILE="$cflagsCompile \$NIX_CFLAGS_COMPILE"
|
||||
NIX_CFLAGS_LINK="$cflagsLink \$NIX_CFLAGS_LINK"
|
||||
NIX_LDFLAGS="$ldflags \$NIX_LDFLAGS"
|
||||
EOF
|
||||
|
||||
sed \
|
||||
-e "s^@isNative@^$isNative^g" \
|
||||
-e "s^@enforcePurity@^$enforcePurity^g" \
|
||||
-e "s^@gcc@^$gcc^g" \
|
||||
-e "s^@binutils@^$binutils^g" \
|
||||
-e "s^@glibc@^$glibc^g" \
|
||||
< $setupHook > $out/nix-support/setup-hook
|
||||
|
@ -5,9 +5,10 @@
|
||||
# derivation provides a wrapper that sets up the right environment
|
||||
# variables so that the compiler and the linker just "work".
|
||||
|
||||
{name, stdenv, isNative, gcc ? null, glibc ? null, binutils ? null}:
|
||||
{ name, stdenv, isNative, nativePrefix ? ""
|
||||
, gcc ? null, glibc ? null, binutils ? null}:
|
||||
|
||||
assert isNative -> gcc != "";
|
||||
assert isNative -> nativePrefix != "";
|
||||
assert !isNative -> gcc != null && glibc != null && binutils != null;
|
||||
|
||||
derivation {
|
||||
@ -16,8 +17,8 @@ derivation {
|
||||
setupHook = ./setup-hook.sh;
|
||||
gccWrapper = ./gcc-wrapper.sh;
|
||||
ldWrapper = ./ld-wrapper.sh;
|
||||
inherit name stdenv isNative gcc glibc binutils;
|
||||
enforcePurity = if isNative then false else gcc.noSysDirs;
|
||||
inherit name stdenv isNative nativePrefix gcc glibc binutils;
|
||||
enforcePurity = if isNative then false else gcc.enforcePurity;
|
||||
langC = if isNative then true else gcc.langC;
|
||||
langCC = if isNative then true else gcc.langCC;
|
||||
langF77 = if isNative then false else gcc.langF77;
|
||||
|
@ -5,16 +5,14 @@ if test -n "$NIX_GCC_WRAPPER_START_HOOK"; then
|
||||
fi
|
||||
|
||||
if test -z "$NIX_GLIBC_FLAGS_SET"; then
|
||||
NIX_CFLAGS_COMPILE="@cflagsCompile@ $NIX_CFLAGS_COMPILE"
|
||||
NIX_CFLAGS_LINK="@cflagsLink@ $NIX_CFLAGS_LINK"
|
||||
NIX_LDFLAGS="@ldflags@ $NIX_LDFLAGS"
|
||||
. @out@/nix-support/add-flags
|
||||
fi
|
||||
|
||||
|
||||
# Figure out if linker flags should be passed. GCC prints annoying
|
||||
# warnings when they are not needed.
|
||||
dontLink=0
|
||||
if test "$*" = "-v"; then
|
||||
if test "$*" = "-v" -o -z "$*"; then
|
||||
dontLink=1
|
||||
else
|
||||
for i in "$@"; do
|
||||
|
@ -4,6 +4,37 @@ if test -n "$NIX_LD_WRAPPER_START_HOOK"; then
|
||||
. "$NIX_LD_WRAPPER_START_HOOK"
|
||||
fi
|
||||
|
||||
# Optionally filter out paths not refering to the store.
|
||||
skip () {
|
||||
if test "$NIX_DEBUG" = "1"; then
|
||||
echo "skipping impure path $1" >&2
|
||||
fi
|
||||
}
|
||||
|
||||
params=("$@")
|
||||
if test "$NIX_ENFORCE_PURITY" = "1" -a -n "$NIX_STORE"; then
|
||||
rest=()
|
||||
n=0
|
||||
while test $n -lt ${#params[*]}; do
|
||||
p=${params[n]}
|
||||
p2=${params[$((n+1))]}
|
||||
if test "${p:0:3}" = "-L/" -a "${p:2:${#NIX_STORE}}" != "$NIX_STORE"; then
|
||||
skip $p
|
||||
elif test "$p" = "-L" -a "${p2:0:${#NIX_STORE}}" != "$NIX_STORE"; then
|
||||
n=$((n + 1)); skip $p2
|
||||
elif test "${p:0:1}" = "/" -a "${p:0:${#NIX_STORE}}" != "$NIX_STORE"; then
|
||||
# We cannot skip this; barf.
|
||||
echo "impure path \`$p' used in link"
|
||||
exit 1
|
||||
else
|
||||
rest=("${rest[@]}" "$p")
|
||||
fi
|
||||
n=$((n + 1))
|
||||
done
|
||||
params=("${rest[@]}")
|
||||
fi
|
||||
|
||||
|
||||
extra=()
|
||||
|
||||
if test -z "$NIX_LDFLAGS_SET"; then
|
||||
@ -12,7 +43,7 @@ fi
|
||||
|
||||
if test "$NIX_DEBUG" = "1"; then
|
||||
echo "original flags to @ld@:" >&2
|
||||
for i in "$@"; do
|
||||
for i in "${params[@]}"; do
|
||||
echo " $i" >&2
|
||||
done
|
||||
echo "extra flags to @ld@:" >&2
|
||||
@ -25,4 +56,4 @@ if test -n "$NIX_LD_WRAPPER_EXEC_HOOK"; then
|
||||
. "$NIX_LD_WRAPPER_EXEC_HOOK"
|
||||
fi
|
||||
|
||||
exec @ld@ "$@" ${extra[@]}
|
||||
exec @ld@ "${params[@]}" ${extra[@]}
|
||||
|
@ -11,8 +11,18 @@ addCVars () {
|
||||
envHooks=(${envHooks[@]} addCVars)
|
||||
|
||||
export NIX_IS_NATIVE=@isNative@
|
||||
if test -z "$NIX_IS_NATIVE"; then
|
||||
PATH=$PATH:@gcc@/bin:@glibc@/bin
|
||||
export NIX_ENFORCE_PURITY=@enforcePurity@
|
||||
|
||||
# Note: these come *after* $out in the PATH (see setup.sh).
|
||||
|
||||
if test -n "@gcc@"; then
|
||||
PATH=$PATH:@gcc@/bin
|
||||
fi
|
||||
|
||||
export NIX_ENFORCE_PURITY=@enforcePurity@
|
||||
if test -n "@binutils@"; then
|
||||
PATH=$PATH:@binutils@/bin
|
||||
fi
|
||||
|
||||
if test -n "@glibc@"; then
|
||||
PATH=$PATH:@glibc@/bin
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user