mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-27 01:13:05 +00:00
Merge master into staging-next
This commit is contained in:
commit
e5381cdece
@ -307,23 +307,19 @@ packageOverrides = pkgs: {
|
||||
</screen>
|
||||
</para>
|
||||
</section>
|
||||
|
||||
<section xml:id="sec-elm">
|
||||
<title>Elm</title>
|
||||
|
||||
<para>
|
||||
The Nix expressions for Elm reside in
|
||||
<filename>pkgs/development/compilers/elm</filename>. They are generated
|
||||
automatically by <command>update-elm.rb</command> script. One should specify
|
||||
versions of Elm packages inside the script, clear the
|
||||
<filename>packages</filename> directory and run the script from inside it.
|
||||
<literal>elm-reactor</literal> is special because it also has Elm package
|
||||
dependencies. The process is not automated very much for now -- you should
|
||||
get the <literal>elm-reactor</literal> source tree (e.g. with
|
||||
<command>nix-shell</command>) and run <command>elm2nix.rb</command> inside
|
||||
it. Place the resulting <filename>package.nix</filename> file into
|
||||
<filename>packages/elm-reactor-elm.nix</filename>.
|
||||
To update Elm compiler, see <filename>nixpkgs/pkgs/development/compilers/elm/README.md</filename>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To package Elm applications, <link xlink:href="https://github.com/hercules-ci/elm2nix#elm2nix">read about elm2nix</link>.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
<section xml:id="sec-shell-helpers">
|
||||
<title>Interactive shell helpers</title>
|
||||
|
||||
|
@ -29,11 +29,20 @@ with lib;
|
||||
security.apparmor.enable = mkDefault true;
|
||||
|
||||
boot.kernelParams = [
|
||||
# Slab/slub sanity checks, redzoning, and poisoning
|
||||
"slub_debug=FZP"
|
||||
|
||||
# Disable slab merging to make certain heap overflow attacks harder
|
||||
"slab_nomerge"
|
||||
|
||||
# Overwrite free'd memory
|
||||
"page_poison=1"
|
||||
|
||||
# Disable legacy virtual syscalls
|
||||
"vsyscall=none"
|
||||
|
||||
# Enable PTI even if CPU claims to be safe from meltdown
|
||||
"pti=on"
|
||||
];
|
||||
|
||||
boot.blacklistedKernelModules = [
|
||||
|
@ -9,7 +9,8 @@ in
|
||||
options.programs.xss-lock = {
|
||||
enable = mkEnableOption "xss-lock";
|
||||
lockerCommand = mkOption {
|
||||
example = "xlock";
|
||||
default = "${pkgs.i3lock}/bin/i3lock";
|
||||
example = literalExample ''''${pkgs.i3lock-fancy}/bin/i3lock-fancy'';
|
||||
type = types.string;
|
||||
description = "Locker to be used with xsslock";
|
||||
};
|
||||
|
@ -32,7 +32,6 @@ in {
|
||||
default = [];
|
||||
description = "Extra arguments to lircd.";
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
@ -43,14 +42,15 @@ in {
|
||||
# Note: LIRC executables raises a warning, if lirc_options.conf do not exists
|
||||
environment.etc."lirc/lirc_options.conf".text = cfg.options;
|
||||
|
||||
passthru.lirc.socket = "/run/lirc/lircd";
|
||||
|
||||
environment.systemPackages = [ pkgs.lirc ];
|
||||
|
||||
systemd.sockets.lircd = {
|
||||
description = "LIRC daemon socket";
|
||||
wantedBy = [ "sockets.target" ];
|
||||
socketConfig = {
|
||||
# default search path
|
||||
ListenStream = "/run/lirc/lircd";
|
||||
ListenStream = config.passthru.lirc.socket;
|
||||
SocketUser = "lirc";
|
||||
SocketMode = "0660";
|
||||
};
|
||||
|
@ -33,12 +33,14 @@ in {
|
||||
default = [];
|
||||
description = "Additional command line arguments to pass to VDR.";
|
||||
};
|
||||
|
||||
enableLirc = mkEnableOption "enable LIRC";
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = mkIf cfg.enable (mkMerge [{
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${cfg.videoDir} 0755 vdr vdr -"
|
||||
"Z ${cfg.videoDir} - vdr vdr -"
|
||||
@ -67,5 +69,13 @@ in {
|
||||
};
|
||||
|
||||
users.groups.vdr = {};
|
||||
};
|
||||
}
|
||||
|
||||
(mkIf cfg.enableLirc {
|
||||
services.lirc.enable = true;
|
||||
users.users.vdr.extraGroups = [ "lirc" ];
|
||||
services.vdr.extraArguments = [
|
||||
"--lirc=${config.passthru.lirc.socket}"
|
||||
];
|
||||
})]);
|
||||
}
|
||||
|
@ -9,7 +9,6 @@ with lib;
|
||||
machine = {
|
||||
imports = [ ./common/x11.nix ./common/user-account.nix ];
|
||||
programs.xss-lock.enable = true;
|
||||
programs.xss-lock.lockerCommand = "${pkgs.xlockmore}/bin/xlock";
|
||||
services.xserver.displayManager.auto.user = "alice";
|
||||
};
|
||||
|
||||
@ -20,6 +19,6 @@ with lib;
|
||||
|
||||
$machine->fail("pgrep xlock");
|
||||
$machine->succeed("su -l alice -c 'xset dpms force standby'");
|
||||
$machine->waitUntilSucceeds("pgrep xlock");
|
||||
$machine->waitUntilSucceeds("pgrep i3lock");
|
||||
'';
|
||||
})
|
||||
|
@ -5,13 +5,13 @@
|
||||
with stdenv.lib;
|
||||
stdenv.mkDerivation rec{
|
||||
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-" + version;
|
||||
version = "0.17.0";
|
||||
version = "0.17.1";
|
||||
|
||||
src = fetchurl {
|
||||
urls = [ "https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
|
||||
"https://bitcoin.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
|
||||
];
|
||||
sha256 = "0pkq28d2dj22qrxyyg9kh0whmhj7ghyabnhyqldbljv4a7l3kvwq";
|
||||
sha256 = "0am4pnaf2cisv172jqx6jdpzx770agm8777163lkjbw3ryslymiy";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig autoreconfHook ]
|
||||
|
@ -3,7 +3,7 @@
|
||||
with stdenv.lib;
|
||||
|
||||
let
|
||||
version = "1.34";
|
||||
version = "1.34.1";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.geany.org/${name}.tar.bz2";
|
||||
sha256 = "63b93d25d037eaffa77895ae6dd29c91bca570e4053eff5cc8490f87e6021f8e";
|
||||
sha256 = "e765efd89e759defe3fd797d8a2052afbb4b23522efbcc72e3a72b7f1093ec11";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig intltool libintl ];
|
||||
|
@ -1,12 +1,12 @@
|
||||
{ stdenv, curl, fetchFromGitHub, cjson, olm, luaffi }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "weechat-matrix-bridge-2018-05-29";
|
||||
name = "weechat-matrix-bridge-2018-11-19";
|
||||
src = fetchFromGitHub {
|
||||
owner = "torhve";
|
||||
repo = "weechat-matrix-protocol-script";
|
||||
rev = "ace3fefc0e35a627f8a528032df2e3111e41eb1b";
|
||||
sha256 = "1snf8vn5n9wzrnqnvdrcli4199s5p114jbjlgrj5c27i53173wqw";
|
||||
rev = "8d32e90d864a8f3f09ecc2857cd5dd6e39a8c3f7";
|
||||
sha256 = "0qqd6qmkrdc0r3rnl53c3yp93fbcz7d3mdw3vq5gmdqxyym4s9lj";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -1,24 +1,18 @@
|
||||
{ stdenv, fetchFromGitHub, fetchpatch, cmake, python, xxd }:
|
||||
{ stdenv, fetchFromGitHub, fetchpatch, cmake, python3, xxd, boost }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "cryptominisat-${version}";
|
||||
version = "5.0.1";
|
||||
version = "5.6.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "msoos";
|
||||
repo = "cryptominisat";
|
||||
rev = version;
|
||||
sha256 = "0cpw5d9vplxvv3aaplhnga55gz1hy29p7s4pkw1306knkbhlzvkb";
|
||||
sha256 = "1a1494gj4j73yij0hjbzsn2hglk9zy5c5wfwgig3j67cis28saf5";
|
||||
};
|
||||
|
||||
buildInputs = [ python xxd ];
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
||||
patches = [(fetchpatch rec {
|
||||
name = "fix-exported-library-name.patch";
|
||||
url = "https://github.com/msoos/cryptominisat/commit/7a47795cbe5ad5a899731102d297f234bcade077.patch";
|
||||
sha256 = "11hf3cfqs4cykn7rlgjglq29lzqfxvlm0f20qasi0kdrz01cr30f";
|
||||
})];
|
||||
buildInputs = [ python3 boost ];
|
||||
nativeBuildInputs = [ cmake xxd ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "An advanced SAT Solver";
|
||||
|
@ -91,6 +91,6 @@ in stdenv.mkDerivation rec {
|
||||
homepage = https://obsproject.com;
|
||||
maintainers = with maintainers; [ jb55 MP2E ];
|
||||
license = licenses.gpl2;
|
||||
platforms = with platforms; linux;
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
};
|
||||
}
|
||||
|
@ -21,11 +21,11 @@ assert (withQt5 -> qtbase != null && qtsvg != null && qtx11extras != null);
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "vlc-${version}";
|
||||
version = "3.0.4";
|
||||
version = "3.0.5";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://get.videolan.org/vlc/${version}/${name}.tar.xz";
|
||||
sha256 = "17jsq0zqpqyxw4ckvjba0hf6zk8ywc4wf8sy3z03hh3ij0vxpwq1";
|
||||
sha256 = "1nvj00khy08sing0mdnw6virmiq579mrk5rvpx9710nlxggqgh7m";
|
||||
};
|
||||
|
||||
# VLC uses a *ton* of libraries for various pieces of functionality, many of
|
||||
|
24
pkgs/development/compilers/elm/README.md
Normal file
24
pkgs/development/compilers/elm/README.md
Normal file
@ -0,0 +1,24 @@
|
||||
# To update Elm:
|
||||
|
||||
Modify revision in ./update.sh and run it
|
||||
|
||||
# Notes about the build process:
|
||||
|
||||
The elm binary embeds a piece of pre-compiled elm code, used by 'elm
|
||||
reactor'. This means that the build process for 'elm' effectively
|
||||
executes 'elm make'. that in turn expects to retrieve the elm
|
||||
dependencies of that code (elm/core, etc.) from
|
||||
package.elm-lang.org, as well as a cached bit of metadata
|
||||
(versions.dat).
|
||||
|
||||
The makeDotElm function lets us retrieve these dependencies in the
|
||||
standard nix way. we have to copy them in (rather than symlink) and
|
||||
make them writable because the elm compiler writes other .dat files
|
||||
alongside the source code. versions.dat was produced during an
|
||||
impure build of this same code; the build complains that it can't
|
||||
update this cache, but continues past that warning.
|
||||
|
||||
Finally, we set ELM_HOME to point to these pre-fetched artifacts so
|
||||
that the default of ~/.elm isn't used.
|
||||
|
||||
More: https://blog.hercules-ci.com/elm/2019/01/03/elm2nix-0.1/
|
@ -2,95 +2,40 @@
|
||||
, haskell, nodejs
|
||||
, fetchurl, fetchpatch, makeWrapper, git }:
|
||||
|
||||
# To update:
|
||||
|
||||
# 1) Modify ./update.sh and run it
|
||||
|
||||
# 2) to generate versions.dat:
|
||||
# 2.1) git clone https://github.com/elm/compiler.git
|
||||
# 2.2) cd compiler
|
||||
# 2.3) cabal2nix --shell . | sed 's/"default",/"ghc822",/' > shell.nix
|
||||
# 2.4) nix-shell
|
||||
# 2.5) mkdir .elm
|
||||
# 2.6) export ELM_HOME=$(pwd)/.elm
|
||||
# 2.7) cabal build
|
||||
# 2.8) cp .elm/0.19.0/package/versions.dat ...
|
||||
|
||||
# 3) generate a template for elm-elm.nix with:
|
||||
# (
|
||||
# echo "{";
|
||||
# jq '.dependencies | .direct, .indirect | to_entries | .[] | { (.key) : { version : .value, sha256: "" } } ' \
|
||||
# < ui/browser/elm.json \
|
||||
# | sed 's/:/ =/' \
|
||||
# | sed 's/^[{}]//' \
|
||||
# | sed -E 's/(["}]),?$/\1;/' \
|
||||
# | sed -E 's/"(version|sha256)"/\1/' \
|
||||
# | grep -v '^$';
|
||||
# echo "}"
|
||||
# )
|
||||
#
|
||||
# ... then fill in the sha256s
|
||||
|
||||
# Notes:
|
||||
|
||||
# the elm binary embeds a piece of pre-compiled elm code, used by 'elm
|
||||
# reactor'. this means that the build process for 'elm' effectively
|
||||
# executes 'elm make'. that in turn expects to retrieve the elm
|
||||
# dependencies of that code (elm/core, etc.) from
|
||||
# package.elm-lang.org, as well as a cached bit of metadata
|
||||
# (versions.dat).
|
||||
|
||||
# the makeDotElm function lets us retrieve these dependencies in the
|
||||
# standard nix way. we have to copy them in (rather than symlink) and
|
||||
# make them writable because the elm compiler writes other .dat files
|
||||
# alongside the source code. versions.dat was produced during an
|
||||
# impure build of this same code; the build complains that it can't
|
||||
# update this cache, but continues past that warning.
|
||||
|
||||
# finally, we set ELM_HOME to point to these pre-fetched artifacts so
|
||||
# that the default of ~/.elm isn't used.
|
||||
|
||||
let
|
||||
fetchElmDeps = import ./fetchElmDeps.nix { inherit stdenv lib fetchurl; };
|
||||
hsPkgs = haskell.packages.ghc822.override {
|
||||
hsPkgs = haskell.packages.ghc863.override {
|
||||
overrides = self: super: with haskell.lib;
|
||||
let elmPkgs = {
|
||||
elm = overrideCabal (self.callPackage ./packages/elm.nix { }) (drv: {
|
||||
# sadly with parallelism most of the time breaks compilation
|
||||
enableParallelBuilding = false;
|
||||
preConfigure = fetchElmDeps {
|
||||
elmPackages = (import ./packages/elm-elm.nix);
|
||||
preConfigure = self.fetchElmDeps {
|
||||
elmPackages = (import ./packages/elm-srcs.nix);
|
||||
versionsDat = ./versions.dat;
|
||||
};
|
||||
buildTools = drv.buildTools or [] ++ [ makeWrapper ];
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/elm/compiler/pull/1784/commits/78d2d8eab310552b1b877a3e90e1e57e7a09ddec.patch";
|
||||
sha256 = "0vdhk16xqm2hxw12s1b91a0bmi8w4wsxc086qlzglgnjxrl5b3w4";
|
||||
})
|
||||
];
|
||||
jailbreak = true;
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/elm \
|
||||
--prefix PATH ':' ${lib.makeBinPath [ nodejs ]}
|
||||
'';
|
||||
});
|
||||
|
||||
|
||||
|
||||
/*
|
||||
The elm-format expression is updated via a script in the https://github.com/avh4/elm-format repo:
|
||||
`pacakge/nix/build.sh`
|
||||
*/
|
||||
elm-format = self.callPackage ./packages/elm-format.nix {};
|
||||
elm-format = justStaticExecutables (doJailbreak (self.callPackage ./packages/elm-format.nix {}));
|
||||
|
||||
inherit fetchElmDeps;
|
||||
elmVersion = elmPkgs.elm.version;
|
||||
};
|
||||
in elmPkgs // {
|
||||
inherit elmPkgs;
|
||||
elmVersion = elmPkgs.elm.version;
|
||||
|
||||
# Needed for elm-format
|
||||
indents = self.callPackage ./packages/indents.nix {};
|
||||
tasty-quickcheck = self.callPackage ./packages/tasty-quickcheck.nix {};
|
||||
};
|
||||
};
|
||||
in hsPkgs.elmPkgs
|
||||
|
@ -1,26 +0,0 @@
|
||||
#!/usr/bin/env ruby
|
||||
|
||||
require 'json'
|
||||
|
||||
system("elm-package install -y")
|
||||
depsSrc = JSON.parse(File.read("elm-stuff/exact-dependencies.json"))
|
||||
deps = Hash[ depsSrc.map { |pkg, ver|
|
||||
url = "https://github.com/#{pkg}/archive/#{ver}.tar.gz"
|
||||
sha256 = `nix-prefetch-url #{url}`
|
||||
|
||||
[ pkg, { version: ver,
|
||||
sha256: sha256.strip
|
||||
}
|
||||
]
|
||||
} ]
|
||||
|
||||
File.open("package.nix", 'w') do |file|
|
||||
file.puts "{"
|
||||
for pkg, info in deps
|
||||
file.puts " \"#{pkg}\" = {"
|
||||
file.puts " version = \"#{info[:version]}\";"
|
||||
file.puts " sha256 = \"#{info[:sha256]}\";"
|
||||
file.puts " };"
|
||||
end
|
||||
file.puts "}"
|
||||
end
|
@ -1,50 +0,0 @@
|
||||
{
|
||||
"elm/browser" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "1apmvyax93nvmagwj00y16zx10kfv640cxpi64xgqbgy7d2wphy4";
|
||||
};
|
||||
"elm/core" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "10kr86h4v5h4p0586q406a5wbl8xvr1jyrf6097zp2wb8sv21ylw";
|
||||
};
|
||||
"elm/html" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "1n3gpzmpqqdsldys4ipgyl1zacn0kbpc3g4v3hdpiyfjlgh8bf3k";
|
||||
};
|
||||
"elm/http" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "1igmm89ialzrjib1j8xagkxalq1x2gj4l0hfxcd66mpwmvg7psl8";
|
||||
};
|
||||
"elm/json" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "1g0hafkqf2q633r7ir9wxpb1lnlzskhpsyi0h5bkzj0gl072zfnb";
|
||||
};
|
||||
"elm/project-metadata-utils" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "1d4rd4grrnbdvj9gf00h7dr6hbkjzawgkzpizfrkp1z1pyr3mvq9";
|
||||
};
|
||||
"elm/svg" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "08x0v8p9wm699jjmsnbq69pxv3jh60j4f6fg7y6hyr7xxj85y390";
|
||||
};
|
||||
"elm-explorations/markdown" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "0k3110ixa4wwf3vkkdplagwah9ypr965qxr1y147rnsc1xsxmr6y";
|
||||
};
|
||||
"elm/parser" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "0k4zlq30lrvawqvzwbvsl0hrmwf9s832mb41z7fdspm4549dj7wc";
|
||||
};
|
||||
"elm/time" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "0vch7i86vn0x8b850w1p69vplll1bnbkp8s383z7pinyg94cm2z1";
|
||||
};
|
||||
"elm/url" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "0av8x5syid40sgpl5vd7pry2rq0q4pga28b4yykn9gd9v12rs3l4";
|
||||
};
|
||||
"elm/virtual-dom" = {
|
||||
version = "1.0.0";
|
||||
sha256 = "0hm8g92h7z39km325dlnhk8n00nlyjkqp3r3jppr37k2k13md6aq";
|
||||
};
|
||||
}
|
62
pkgs/development/compilers/elm/packages/elm-srcs.nix
Normal file
62
pkgs/development/compilers/elm/packages/elm-srcs.nix
Normal file
@ -0,0 +1,62 @@
|
||||
{
|
||||
|
||||
"elm-explorations/markdown" = {
|
||||
sha256 = "0k3110ixa4wwf3vkkdplagwah9ypr965qxr1y147rnsc1xsxmr6y";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/json" = {
|
||||
sha256 = "1g0hafkqf2q633r7ir9wxpb1lnlzskhpsyi0h5bkzj0gl072zfnb";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/html" = {
|
||||
sha256 = "1n3gpzmpqqdsldys4ipgyl1zacn0kbpc3g4v3hdpiyfjlgh8bf3k";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/svg" = {
|
||||
sha256 = "08x0v8p9wm699jjmsnbq69pxv3jh60j4f6fg7y6hyr7xxj85y390";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/project-metadata-utils" = {
|
||||
sha256 = "1d4rd4grrnbdvj9gf00h7dr6hbkjzawgkzpizfrkp1z1pyr3mvq9";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/browser" = {
|
||||
sha256 = "1apmvyax93nvmagwj00y16zx10kfv640cxpi64xgqbgy7d2wphy4";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/core" = {
|
||||
sha256 = "10kr86h4v5h4p0586q406a5wbl8xvr1jyrf6097zp2wb8sv21ylw";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/http" = {
|
||||
sha256 = "1igmm89ialzrjib1j8xagkxalq1x2gj4l0hfxcd66mpwmvg7psl8";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/parser" = {
|
||||
sha256 = "0k4zlq30lrvawqvzwbvsl0hrmwf9s832mb41z7fdspm4549dj7wc";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/url" = {
|
||||
sha256 = "0av8x5syid40sgpl5vd7pry2rq0q4pga28b4yykn9gd9v12rs3l4";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/time" = {
|
||||
sha256 = "0vch7i86vn0x8b850w1p69vplll1bnbkp8s383z7pinyg94cm2z1";
|
||||
version = "1.0.0";
|
||||
};
|
||||
|
||||
"elm/virtual-dom" = {
|
||||
sha256 = "0hm8g92h7z39km325dlnhk8n00nlyjkqp3r3jppr37k2k13md6aq";
|
||||
version = "1.0.0";
|
||||
};
|
||||
}
|
@ -13,6 +13,7 @@ mkDerivation {
|
||||
url = "https://github.com/elm/compiler";
|
||||
sha256 = "13jks6c6i80z71mjjfg46ri570g5ini0k3xw3857v6z66zcl56x4";
|
||||
rev = "d5cbc41aac23da463236bbc250933d037da4055a";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
isLibrary = false;
|
||||
isExecutable = true;
|
||||
|
@ -1,14 +0,0 @@
|
||||
{ mkDerivation, base, pcre-light, QuickCheck, random, stdenv
|
||||
, tagged, tasty, tasty-hunit
|
||||
}:
|
||||
mkDerivation {
|
||||
pname = "tasty-quickcheck";
|
||||
version = "0.9.2";
|
||||
sha256 = "c5920adeab6e283d5e3ab45f3c80a1b011bedfbe4a3246a52606da2e1da95873";
|
||||
libraryHaskellDepends = [ base QuickCheck random tagged tasty ];
|
||||
testHaskellDepends = [ base pcre-light tasty tasty-hunit ];
|
||||
doCheck = false;
|
||||
homepage = "https://github.com/feuerbach/tasty";
|
||||
description = "QuickCheck support for the Tasty test framework";
|
||||
license = stdenv.lib.licenses.mit;
|
||||
}
|
@ -1 +1,8 @@
|
||||
cabal2nix https://github.com/elm/compiler --revision 32059a289d27e303fa1665e9ada0a52eb688f302 > packages/elm.nix
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -p cabal2nix elm2nix -i bash ../../..
|
||||
|
||||
cabal2nix https://github.com/elm/compiler --revision d5cbc41aac23da463236bbc250933d037da4055a > packages/elm.nix
|
||||
elm2nix snapshot > versions.dat
|
||||
pushd "$(nix-build -A elmPackages.elm.src --no-out-link ../../../..)/ui/browser"
|
||||
elm2nix convert > $OLDPWD/packages/elm-srcs.nix
|
||||
popd
|
||||
|
Binary file not shown.
@ -517,6 +517,10 @@ self: super: {
|
||||
# generic-deriving bound is too tight
|
||||
aeson = doJailbreak super.aeson;
|
||||
|
||||
# containers >=0.4 && <0.6 is too tight
|
||||
# https://github.com/RaphaelJ/friday/issues/34
|
||||
friday = doJailbreak super.friday;
|
||||
|
||||
# Won't compile with recent versions of QuickCheck.
|
||||
inilist = dontCheck super.inilist;
|
||||
MissingH = dontCheck super.MissingH;
|
||||
|
@ -55,6 +55,8 @@ self: super: {
|
||||
unicode-transforms = dontCheck super.unicode-transforms;
|
||||
RSA = dontCheck super.RSA; # https://github.com/GaloisInc/RSA/issues/14
|
||||
monad-par = dontCheck super.monad-par; # https://github.com/simonmar/monad-par/issues/66
|
||||
github = dontCheck super.github; # hspec upper bound exceeded; https://github.com/phadej/github/pull/341
|
||||
binary-orphans = dontCheck super.binary-orphans; # tasty upper bound exceeded; https://github.com/phadej/binary-orphans/commit/8ce857226595dd520236ff4c51fa1a45d8387b33
|
||||
|
||||
# https://github.com/jgm/skylighting/issues/55
|
||||
skylighting-core = dontCheck super.skylighting-core;
|
||||
|
@ -4,11 +4,11 @@
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "getdns";
|
||||
name = "${pname}-${version}";
|
||||
version = "1.4.2";
|
||||
version = "1.5.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://getdnsapi.net/releases/${pname}-1-4-2/${pname}-${version}.tar.gz";
|
||||
sha256 = "100fzjpvajvnv0kym8g5lkwyv8w8vhy7g2p0pb2gyz19zqnvi18n";
|
||||
url = "https://getdnsapi.net/releases/${pname}-1-5-0/${pname}-${version}.tar.gz";
|
||||
sha256 = "577182c3ace919ee70cee5629505581a10dc530bd53fe5c241603ea91c84fa84";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ libtool m4 autoreconfHook automake file ];
|
||||
|
28
pkgs/development/python-modules/easywatch/default.nix
Normal file
28
pkgs/development/python-modules/easywatch/default.nix
Normal file
@ -0,0 +1,28 @@
|
||||
{ lib
|
||||
, fetchPypi
|
||||
, buildPythonPackage
|
||||
, watchdog
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "easywatch";
|
||||
version = "0.0.5";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1b40cjigv7s9qj8hxxy6yhwv0320z7qywrigwgkasgh80q0xgphc";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ watchdog ];
|
||||
|
||||
# There are no tests
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Dead-simple way to watch a directory";
|
||||
homepage = https://github.com/Ceasar/easywatch;
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ fgaz ];
|
||||
};
|
||||
}
|
||||
|
@ -1,41 +0,0 @@
|
||||
{ stdenv
|
||||
, buildPythonPackage
|
||||
, fetchurl
|
||||
, gflags
|
||||
, iso8601
|
||||
, ipaddr
|
||||
, httplib2
|
||||
, google_apputils
|
||||
, google_api_python_client
|
||||
, isPy3k
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
name = "gcutil-1.16.1";
|
||||
disabled = isPy3k;
|
||||
|
||||
src = fetchurl {
|
||||
url = https://dl.google.com/dl/cloudsdk/release/artifacts/gcutil-1.16.1.tar.gz;
|
||||
sha256 = "00jaf7x1ji9y46fbkww2sg6r6almrqfsprydz3q2swr4jrnrsx9x";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ gflags iso8601 ipaddr httplib2 google_apputils google_api_python_client ];
|
||||
|
||||
prePatch = ''
|
||||
sed -i -e "s|google-apputils==0.4.0|google-apputils==0.4.1|g" setup.py
|
||||
substituteInPlace setup.py \
|
||||
--replace "httplib2==0.8" "httplib2" \
|
||||
--replace "iso8601==0.1.4" "iso8601" \
|
||||
--replace "ipaddr==2.1.10" "ipaddr" \
|
||||
--replace "google-api-python-client==1.2" "google-api-python-client" \
|
||||
--replace "python-gflags==2.0" "python-gflags"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Command-line tool for interacting with Google Compute Engine";
|
||||
homepage = "https://cloud.google.com/compute/docs/gcutil/";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ phreedom ];
|
||||
};
|
||||
|
||||
}
|
@ -1,13 +1,14 @@
|
||||
{ lib, buildPythonPackage, fetchPypi
|
||||
{ lib, buildPythonPackage, fetchPypi, isPy3k
|
||||
, httplib2, google_auth, google-auth-httplib2, six, uritemplate, oauth2client }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "google-api-python-client";
|
||||
version = "1.7.4";
|
||||
version = "1.7.7";
|
||||
#disabled = !isPy3k; # TODO: Python 2.7 was deprecated but weboob still depends on it.
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "5d5cb02c6f3112c68eed51b74891a49c0e35263380672d662f8bfe85b8114d7c";
|
||||
sha256 = "1nlsp8cll6v9w4649j98xw545bfnqa2xs7m9faa9mxc0kp8ff1li";
|
||||
};
|
||||
|
||||
# No tests included in archive
|
||||
|
@ -1,12 +1,20 @@
|
||||
{ stdenv, fetchPypi, buildPythonPackage, gssapi, pyasn1 }:
|
||||
{ stdenv, fetchPypi, fetchFromGitHub, buildPythonPackage, gssapi, pyasn1 }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
version = "2.5.2";
|
||||
pname = "ldap3";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "063dacy01mphc3n7z2qc2avykjavqm1gllkbvy7xzw5ihlqwhrrz";
|
||||
## This should work, but 2.5.2 has a weird tarball with empty source files
|
||||
## where upstream repository has non-empty ones
|
||||
# src = fetchPypi {
|
||||
# inherit pname version;
|
||||
# sha256 = "063dacy01mphc3n7z2qc2avykjavqm1gllkbvy7xzw5ihlqwhrrz";
|
||||
# };
|
||||
src = fetchFromGitHub {
|
||||
owner = "cannatag";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0p5l4bhy6j2nvvlxz5zvznbaqb72x791v9la2jr2wpwr60mzz9hw";
|
||||
};
|
||||
|
||||
buildInputs = [ gssapi ];
|
||||
|
@ -33,7 +33,7 @@ buildPythonPackage rec {
|
||||
default, encoding is done in an encoding neutral fashion (plain
|
||||
ASCII with \uXXXX escapes for unicode characters).
|
||||
'';
|
||||
homepage = http://code.google.com/p/simplejson/;
|
||||
license = lib.licenses.mit;
|
||||
homepage = https://github.com/simplejson/simplejson;
|
||||
license = with lib.licenses; [ mit afl21 ];
|
||||
};
|
||||
}
|
||||
|
30
pkgs/development/python-modules/staticjinja/default.nix
Normal file
30
pkgs/development/python-modules/staticjinja/default.nix
Normal file
@ -0,0 +1,30 @@
|
||||
{ lib
|
||||
, fetchPypi
|
||||
, buildPythonPackage
|
||||
, docopt
|
||||
, easywatch
|
||||
, jinja2
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "staticjinja";
|
||||
version = "0.3.4";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1mxv7yy35657mfxx9xhbzihh10m5lb29fmscfh9q455zd4ikr032";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ jinja2 docopt easywatch ];
|
||||
|
||||
# There are no tests on pypi
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "A library and cli tool that makes it easy to build static sites using Jinja2";
|
||||
homepage = https://staticjinja.readthedocs.io/en/latest/;
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ fgaz ];
|
||||
};
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ buildPythonPackage, fetchurl, stdenv, isPy27
|
||||
{ buildPythonPackage, fetchurl, fetchPypi, stdenv, isPy27
|
||||
, nose, pillow, prettytable, pyyaml, dateutil, gdata
|
||||
, requests, mechanize, feedparser, lxml, gnupg, pyqt5
|
||||
, libyaml, simplejson, cssselect, futures, pdfminer
|
||||
@ -6,7 +6,18 @@
|
||||
, unidecode
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
let
|
||||
# Support for Python 2.7 was dropped in 1.7.7
|
||||
google_api_python_client_python27 = google_api_python_client.overrideDerivation
|
||||
(oldAttrs: rec {
|
||||
pname = "google-api-python-client";
|
||||
version = "1.7.6";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "14w5sdrp0bk9n0r2lmpqmrbf2zclpfq6q7giyahnskkfzdkb165z";
|
||||
};
|
||||
});
|
||||
in buildPythonPackage rec {
|
||||
pname = "weboob";
|
||||
version = "1.3";
|
||||
disabled = ! isPy27;
|
||||
@ -35,8 +46,8 @@ buildPythonPackage rec {
|
||||
|
||||
propagatedBuildInputs = [ pillow prettytable pyyaml dateutil
|
||||
gdata requests mechanize feedparser lxml gnupg pyqt5 libyaml
|
||||
simplejson cssselect futures pdfminer termcolor google_api_python_client
|
||||
html2text unidecode ];
|
||||
simplejson cssselect futures pdfminer termcolor
|
||||
google_api_python_client_python27 html2text unidecode ];
|
||||
|
||||
checkPhase = ''
|
||||
nosetests
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
buildGoPackage rec {
|
||||
name = "gllvm-${version}";
|
||||
version = "1.2.2";
|
||||
version = "1.2.3";
|
||||
|
||||
goPackagePath = "github.com/SRI-CSL/gllvm";
|
||||
|
||||
@ -10,7 +10,7 @@ buildGoPackage rec {
|
||||
owner = "SRI-CSL";
|
||||
repo = "gllvm";
|
||||
rev = "v${version}";
|
||||
sha256 = "1k6081frnc6i6h3fa8d796cirhbf5kkshw7qyarz5wi3fcgijn4s";
|
||||
sha256 = "12kdgsma62nzksvw266qm3ivkbz62ma93dd25wy0p19789v4fi7s";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
42
pkgs/development/tools/minizinc/ide.nix
Normal file
42
pkgs/development/tools/minizinc/ide.nix
Normal file
@ -0,0 +1,42 @@
|
||||
{ stdenv, fetchFromGitHub, qtbase, qtwebengine, qtwebkit, qmake, makeWrapper, minizinc }:
|
||||
let
|
||||
version = "2.2.3";
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
name = "minizinc-ide-${version}";
|
||||
|
||||
nativeBuildInputs = [ qmake makeWrapper ];
|
||||
buildInputs = [ qtbase qtwebengine qtwebkit ];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "MiniZinc";
|
||||
repo = "MiniZincIDE";
|
||||
rev = version;
|
||||
sha256 = "1hanq7c6li59awlwghgvpd8w93a7zb6iw7p4062nphnbd1dmg92f";
|
||||
};
|
||||
|
||||
sourceRoot = "source/MiniZincIDE";
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/MiniZincIDE --prefix PATH ":" ${stdenv.lib.makeBinPath [ minizinc ]}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = https://www.minizinc.org/;
|
||||
description = "IDE for MiniZinc, a medium-level constraint modelling language";
|
||||
|
||||
longDescription = ''
|
||||
MiniZinc is a medium-level constraint modelling
|
||||
language. It is high-level enough to express most
|
||||
constraint problems easily, but low-level enough
|
||||
that it can be mapped onto existing solvers easily and consistently.
|
||||
It is a subset of the higher-level language Zinc.
|
||||
'';
|
||||
|
||||
license = licenses.mpl20;
|
||||
platforms = platforms.linux;
|
||||
maintainers = [ maintainers.dtzWill ];
|
||||
};
|
||||
}
|
@ -20,13 +20,14 @@
|
||||
, glibcLocales
|
||||
, nose
|
||||
, send2trash
|
||||
, CoreAudio
|
||||
# This little flag adds a huge number of dependencies, but we assume that
|
||||
# everyone wants Anki to draw plots with statistics by default.
|
||||
, plotsSupport ? true
|
||||
}:
|
||||
|
||||
buildPythonApplication rec {
|
||||
version = "2.1.7";
|
||||
version = "2.1.8";
|
||||
name = "anki-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
@ -36,12 +37,16 @@ buildPythonApplication rec {
|
||||
# "http://ankisrs.net/download/mirror/${name}.tgz"
|
||||
# "http://ankisrs.net/download/mirror/archive/${name}.tgz"
|
||||
];
|
||||
sha256 = "0cvlimfxb7kficlf20hg7a345pahvr093b7yqvssww15h4y4va9d";
|
||||
sha256 = "08wb9hwpmbq7636h7sinim33qygdwwlh3frqqh2gfgm49f46di2p";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ pyqt5 sqlalchemy
|
||||
beautifulsoup4 send2trash pyaudio requests decorator markdown ]
|
||||
++ lib.optional plotsSupport matplotlib;
|
||||
propagatedBuildInputs = [
|
||||
pyqt5 sqlalchemy beautifulsoup4 send2trash pyaudio requests decorator
|
||||
markdown
|
||||
]
|
||||
++ lib.optional plotsSupport matplotlib
|
||||
++ lib.optional stdenv.isDarwin [ CoreAudio ]
|
||||
;
|
||||
|
||||
checkInputs = [ pytest glibcLocales nose ];
|
||||
|
||||
|
@ -59,7 +59,7 @@ stdenv.mkDerivation ((lib.optionalAttrs (! isNull buildScript) {
|
||||
++ lib.optionals stdenv.isLinux (with pkgs.xorg; [
|
||||
libXi libXcursor libXrandr libXrender libXxf86vm libXcomposite libXext
|
||||
])
|
||||
++ [ pkgs.xorg.libX11 ]));
|
||||
++ [ pkgs.xorg.libX11 pkgs.perl ]));
|
||||
|
||||
# Wine locates a lot of libraries dynamically through dlopen(). Add
|
||||
# them to the RPATH so that the user doesn't have to set them in
|
||||
|
@ -2,22 +2,23 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "i2c-tools-${version}";
|
||||
version = "4.0";
|
||||
version = "4.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.kernel.org/pub/software/utils/i2c-tools/${name}.tar.xz";
|
||||
sha256 = "1mi8mykvl89y6liinc9jv1x8m2q093wrdc2hm86a47n524fcl06r";
|
||||
sha256 = "1m97hpwqfaqjl9xvr4pvz2vdrsdvxbcn0nnx8pamnyc3s7pikcjp";
|
||||
};
|
||||
|
||||
buildInputs = [ perl ];
|
||||
|
||||
patchPhase = ''
|
||||
postPatch = ''
|
||||
substituteInPlace eeprom/decode-edid --replace "/usr/sbin/parse-edid" "${read-edid}/bin/parse-edid"
|
||||
substituteInPlace stub/i2c-stub-from-dump --replace "/sbin/" ""
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
make install prefix=$out
|
||||
makeFlags = [ "PREFIX=${placeholder "out"}" ];
|
||||
|
||||
postInstall = ''
|
||||
rm -rf $out/include # Installs include/linux/i2c-dev.h that conflics with kernel headers
|
||||
'';
|
||||
|
||||
|
@ -28,9 +28,9 @@ ${optionalString (stdenv.hostPlatform.platform.kernelArch == "x86_64") ''
|
||||
# Reduce attack surface by disabling various emulations
|
||||
IA32_EMULATION n
|
||||
X86_X32 n
|
||||
${optionalString (versionOlder version "4.17") ''
|
||||
MODIFY_LDT_SYSCALL? n
|
||||
''}
|
||||
# Note: this config depends on EXPERT y and so will not take effect, hence
|
||||
# it is left "optional" for now.
|
||||
MODIFY_LDT_SYSCALL? n
|
||||
|
||||
VMAP_STACK y # Catch kernel stack overflows
|
||||
|
||||
@ -52,18 +52,23 @@ ${optionalString (versionOlder version "4.11") ''
|
||||
DEBUG_SET_MODULE_RONX y
|
||||
''}
|
||||
|
||||
# Mark LSM hooks read-only after init. Conflicts with SECURITY_SELINUX_DISABLE
|
||||
# (disabling SELinux at runtime); hence, SELinux can only be disabled at boot
|
||||
# via the selinux=0 boot parameter.
|
||||
# Mark LSM hooks read-only after init. SECURITY_WRITABLE_HOOKS n
|
||||
# conflicts with SECURITY_SELINUX_DISABLE y; disabling the latter
|
||||
# implicitly marks LSM hooks read-only after init.
|
||||
#
|
||||
# SELinux can only be disabled at boot via selinux=0
|
||||
#
|
||||
# We set SECURITY_WRITABLE_HOOKS n primarily for documentation purposes; the
|
||||
# config builder fails to detect that it has indeed been unset.
|
||||
${optionalString (versionAtLeast version "4.12") ''
|
||||
SECURITY_SELINUX_DISABLE n
|
||||
''}
|
||||
|
||||
${optionalString ((versionAtLeast version "4.12") && (versionOlder version "4.17")) ''
|
||||
SECURITY_WRITABLE_HOOKS n
|
||||
SECURITY_WRITABLE_HOOKS? n
|
||||
''}
|
||||
|
||||
DEBUG_WX y # boot-time warning on RWX mappings
|
||||
${optionalString (versionAtLeast version "4.11") ''
|
||||
STRICT_KERNEL_RWX y
|
||||
''}
|
||||
|
||||
# Stricter /dev/mem
|
||||
STRICT_DEVMEM? y
|
||||
@ -84,7 +89,7 @@ ${optionalString (versionAtLeast version "4.13") ''
|
||||
# Perform usercopy bounds checking.
|
||||
HARDENED_USERCOPY y
|
||||
${optionalString (versionAtLeast version "4.16") ''
|
||||
HARDENED_USERCOPY_FALLBACK n
|
||||
HARDENED_USERCOPY_FALLBACK n # for full whitelist enforcement
|
||||
''}
|
||||
|
||||
# Randomize allocator freelists.
|
||||
@ -94,6 +99,9 @@ ${optionalString (versionAtLeast version "4.14") ''
|
||||
SLAB_FREELIST_HARDENED y
|
||||
''}
|
||||
|
||||
# Allow enabling slub/slab free poisoning with slub_debug=P
|
||||
SLUB_DEBUG y
|
||||
|
||||
# Wipe higher-level memory allocations on free() with page_poison=1
|
||||
PAGE_POISONING y
|
||||
PAGE_POISONING_NO_SANITY y
|
||||
@ -117,6 +125,11 @@ ${optionalString (versionAtLeast version "4.20") ''
|
||||
GCC_PLUGIN_STACKLEAK y # A port of the PaX stackleak plugin
|
||||
''}
|
||||
|
||||
${optionalString (versionAtLeast version "4.13") ''
|
||||
GCC_PLUGIN_RANDSTRUCT y # A port of the PaX randstruct plugin
|
||||
GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y
|
||||
''}
|
||||
|
||||
# Disable various dangerous settings
|
||||
ACPI_CUSTOM_METHOD n # Allows writing directly to physical memory
|
||||
PROC_KCORE n # Exposes kernel text image layout
|
||||
|
@ -1,11 +1,11 @@
|
||||
{ stdenv, fetchurl, gettext, bzip2 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "sysstat-12.1.1";
|
||||
name = "sysstat-12.1.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://perso.orange.fr/sebastien.godard/${name}.tar.xz";
|
||||
sha256 = "0drrlv2fr64g5zf0a2bkla2rql4nmq4n192wvcr9r4zppg58d8k4";
|
||||
sha256 = "0xiv70x4n24fcycvlq95lqgb3jwjxfzq61bnyqai57x54hhn46yp";
|
||||
};
|
||||
|
||||
buildInputs = [ gettext ];
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ stdenv, fetchFromGitHub, python2Packages,
|
||||
asciidoc, libxml2, libxslt, docbook_xsl }:
|
||||
asciidoc, cacert, libxml2, libxslt, docbook_xsl }:
|
||||
|
||||
python2Packages.buildPythonApplication rec {
|
||||
version = "7.2.2";
|
||||
@ -15,6 +15,9 @@ python2Packages.buildPythonApplication rec {
|
||||
postPatch = ''
|
||||
# Skip xmllint to stop failures due to no network access
|
||||
sed -i docs/Makefile -e "s|a2x -v -d |a2x -L -v -d |"
|
||||
|
||||
# Provide CA certificates (Used when "sslcacertfile = OS-DEFAULT" is configured")
|
||||
sed -i offlineimap/utils/distro.py -e '/def get_os_sslcertfile():/a\ \ \ \ return "${cacert}/etc/ssl/certs/ca-bundle.crt"'
|
||||
'';
|
||||
|
||||
doCheck = false;
|
||||
|
@ -4,13 +4,13 @@
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "stubby";
|
||||
name = "${pname}-${version}";
|
||||
version = "0.2.3";
|
||||
version = "0.2.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "getdnsapi";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "1n02dj1hvh0aml54asxj42f0j9wfgiyavbh0gr0j9lm4f2xcd60w";
|
||||
sha256 = "1c0jqbxcrwc8kvpx7v0bmdladf20myyi2672r2r87m2q0jvsmgpr";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ libtool m4 libbsd libyaml autoreconfHook ];
|
||||
|
@ -3,79 +3,73 @@
|
||||
}:
|
||||
|
||||
let
|
||||
afl-qemu = callPackage ./qemu.nix {};
|
||||
afl-qemu = callPackage ./qemu.nix { inherit afl; };
|
||||
qemu-exe-name = if stdenv.hostPlatform.system == "x86_64-linux" then "qemu-x86_64"
|
||||
else if stdenv.hostPlatform.system == "i686-linux" then "qemu-i386"
|
||||
else throw "afl: no support for ${stdenv.hostPlatform.system}!";
|
||||
in
|
||||
afl = stdenv.mkDerivation rec {
|
||||
name = "afl-${version}";
|
||||
version = "2.52b";
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "afl-${version}";
|
||||
version = "2.52b";
|
||||
src = fetchurl {
|
||||
url = "http://lcamtuf.coredump.cx/afl/releases/${name}.tgz";
|
||||
sha256 = "0ig0ij4n1pwry5dw1hk4q88801jzzy2cric6y2gd6560j55lnqa3";
|
||||
};
|
||||
enableParallelBuilding = true;
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://lcamtuf.coredump.cx/afl/releases/${name}.tgz";
|
||||
sha256 = "0ig0ij4n1pwry5dw1hk4q88801jzzy2cric6y2gd6560j55lnqa3";
|
||||
};
|
||||
# Note: libcgroup isn't needed for building, just for the afl-cgroup
|
||||
# script.
|
||||
nativeBuildInputs = [ makeWrapper which ];
|
||||
buildInputs = [ llvm ];
|
||||
|
||||
# Note: libcgroup isn't needed for building, just for the afl-cgroup
|
||||
# script.
|
||||
buildInputs = [ makeWrapper llvm which ];
|
||||
|
||||
buildPhase = ''
|
||||
make PREFIX=$out
|
||||
cd llvm_mode
|
||||
make PREFIX=$out
|
||||
cd ..
|
||||
'';
|
||||
installPhase = ''
|
||||
# Do the normal installation
|
||||
make install PREFIX=$out
|
||||
|
||||
# Install the custom QEMU emulator for binary blob fuzzing.
|
||||
cp ${afl-qemu}/bin/${qemu-exe-name} $out/bin/afl-qemu-trace
|
||||
|
||||
# Install the cgroups wrapper for asan-based fuzzing.
|
||||
cp experimental/asan_cgroups/limit_memory.sh $out/bin/afl-cgroup
|
||||
chmod +x $out/bin/afl-cgroup
|
||||
substituteInPlace $out/bin/afl-cgroup \
|
||||
--replace "cgcreate" "${libcgroup}/bin/cgcreate" \
|
||||
--replace "cgexec" "${libcgroup}/bin/cgexec" \
|
||||
--replace "cgdelete" "${libcgroup}/bin/cgdelete"
|
||||
|
||||
# Patch shebangs before wrapping
|
||||
patchShebangs $out/bin
|
||||
|
||||
# Wrap afl-clang-fast(++) with a *different* AFL_PATH, because it
|
||||
# has totally different semantics in that case(?) - and also set a
|
||||
# proper AFL_CC and AFL_CXX so we don't pick up the wrong one out
|
||||
# of $PATH.
|
||||
for x in $out/bin/afl-clang-fast $out/bin/afl-clang-fast++; do
|
||||
wrapProgram $x \
|
||||
--prefix AFL_PATH : "$out/lib/afl" \
|
||||
--run 'export AFL_CC=''${AFL_CC:-${clang}/bin/clang} AFL_CXX=''${AFL_CXX:-${clang}/bin/clang++}'
|
||||
done
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
qemu = afl-qemu;
|
||||
};
|
||||
|
||||
meta = {
|
||||
description = "Powerful fuzzer via genetic algorithms and instrumentation";
|
||||
longDescription = ''
|
||||
American fuzzy lop is a fuzzer that employs a novel type of
|
||||
compile-time instrumentation and genetic algorithms to
|
||||
automatically discover clean, interesting test cases that
|
||||
trigger new internal states in the targeted binary. This
|
||||
substantially improves the functional coverage for the fuzzed
|
||||
code. The compact synthesized corpora produced by the tool are
|
||||
also useful for seeding other, more labor or resource-intensive
|
||||
testing regimes down the road.
|
||||
makeFlags = [ "PREFIX=$(out)" ];
|
||||
postBuild = ''
|
||||
make -C llvm_mode $makeFlags -j$NIX_BUILD_CORES
|
||||
'';
|
||||
homepage = "http://lcamtuf.coredump.cx/afl/";
|
||||
license = stdenv.lib.licenses.asl20;
|
||||
platforms = ["x86_64-linux" "i686-linux"];
|
||||
maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
|
||||
postInstall = ''
|
||||
# Install the custom QEMU emulator for binary blob fuzzing.
|
||||
cp ${afl-qemu}/bin/${qemu-exe-name} $out/bin/afl-qemu-trace
|
||||
|
||||
# Install the cgroups wrapper for asan-based fuzzing.
|
||||
cp experimental/asan_cgroups/limit_memory.sh $out/bin/afl-cgroup
|
||||
chmod +x $out/bin/afl-cgroup
|
||||
substituteInPlace $out/bin/afl-cgroup \
|
||||
--replace "cgcreate" "${libcgroup}/bin/cgcreate" \
|
||||
--replace "cgexec" "${libcgroup}/bin/cgexec" \
|
||||
--replace "cgdelete" "${libcgroup}/bin/cgdelete"
|
||||
|
||||
# Patch shebangs before wrapping
|
||||
patchShebangs $out/bin
|
||||
|
||||
# Wrap afl-clang-fast(++) with a *different* AFL_PATH, because it
|
||||
# has totally different semantics in that case(?) - and also set a
|
||||
# proper AFL_CC and AFL_CXX so we don't pick up the wrong one out
|
||||
# of $PATH.
|
||||
for x in $out/bin/afl-clang-fast $out/bin/afl-clang-fast++; do
|
||||
wrapProgram $x \
|
||||
--prefix AFL_PATH : "$out/lib/afl" \
|
||||
--run 'export AFL_CC=''${AFL_CC:-${clang}/bin/clang} AFL_CXX=''${AFL_CXX:-${clang}/bin/clang++}'
|
||||
done
|
||||
'';
|
||||
|
||||
passthru.qemu = afl-qemu;
|
||||
|
||||
meta = {
|
||||
description = "Powerful fuzzer via genetic algorithms and instrumentation";
|
||||
longDescription = ''
|
||||
American fuzzy lop is a fuzzer that employs a novel type of
|
||||
compile-time instrumentation and genetic algorithms to
|
||||
automatically discover clean, interesting test cases that
|
||||
trigger new internal states in the targeted binary. This
|
||||
substantially improves the functional coverage for the fuzzed
|
||||
code. The compact synthesized corpora produced by the tool are
|
||||
also useful for seeding other, more labor or resource-intensive
|
||||
testing regimes down the road.
|
||||
'';
|
||||
homepage = "http://lcamtuf.coredump.cx/afl/";
|
||||
license = stdenv.lib.licenses.asl20;
|
||||
platforms = ["x86_64-linux" "i686-linux"];
|
||||
maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
|
||||
};
|
||||
};
|
||||
}
|
||||
in afl
|
||||
|
@ -1,335 +0,0 @@
|
||||
/*
|
||||
american fuzzy lop - vaguely configurable bits
|
||||
----------------------------------------------
|
||||
|
||||
Written and maintained by Michal Zalewski <lcamtuf@google.com>
|
||||
|
||||
Copyright 2013, 2014, 2015 Google Inc. All rights reserved.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at:
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
*/
|
||||
|
||||
#ifndef _HAVE_CONFIG_H
|
||||
#define _HAVE_CONFIG_H
|
||||
|
||||
#include "afl-types.h"
|
||||
|
||||
/******************************************************
|
||||
* *
|
||||
* Settings that may be of interest to power users: *
|
||||
* *
|
||||
******************************************************/
|
||||
|
||||
/* Comment out to disable terminal colors: */
|
||||
|
||||
#define USE_COLOR
|
||||
|
||||
/* Comment out to disable fancy ANSI boxes and use poor man's 7-bit UI: */
|
||||
|
||||
#define FANCY_BOXES
|
||||
|
||||
/* Default timeout for fuzzed code (milliseconds): */
|
||||
|
||||
#define EXEC_TIMEOUT 1000
|
||||
|
||||
/* Timeout rounding factor when auto-scaling (milliseconds): */
|
||||
|
||||
#define EXEC_TM_ROUND 20
|
||||
|
||||
/* Default memory limit for child process (MB): */
|
||||
|
||||
#ifndef __x86_64__
|
||||
# define MEM_LIMIT 25
|
||||
#else
|
||||
# define MEM_LIMIT 50
|
||||
#endif /* ^!__x86_64__ */
|
||||
|
||||
/* Default memory limit when running in QEMU mode (MB): */
|
||||
|
||||
#define MEM_LIMIT_QEMU 200
|
||||
|
||||
/* Number of calibration cycles per every new test case (and for test
|
||||
cases that show variable behavior): */
|
||||
|
||||
#define CAL_CYCLES 10
|
||||
#define CAL_CYCLES_LONG 40
|
||||
|
||||
/* The same, but when AFL_NO_VAR_CHECK is set in the environment: */
|
||||
|
||||
#define CAL_CYCLES_NO_VAR 4
|
||||
|
||||
/* Number of subsequent hangs before abandoning an input file: */
|
||||
|
||||
#define HANG_LIMIT 250
|
||||
|
||||
/* Maximum number of unique hangs or crashes to record: */
|
||||
|
||||
#define KEEP_UNIQUE_HANG 500
|
||||
#define KEEP_UNIQUE_CRASH 5000
|
||||
|
||||
/* Baseline number of random tweaks during a single 'havoc' stage: */
|
||||
|
||||
#define HAVOC_CYCLES 5000
|
||||
|
||||
/* Maximum multiplier for the above (should be a power of two, beware
|
||||
of 32-bit int overflows): */
|
||||
|
||||
#define HAVOC_MAX_MULT 16
|
||||
|
||||
/* Absolute minimum number of havoc cycles (after all adjustments): */
|
||||
|
||||
#define HAVOC_MIN 10
|
||||
|
||||
/* Maximum stacking for havoc-stage tweaks. The actual value is calculated
|
||||
like this:
|
||||
|
||||
n = random between 1 and HAVOC_STACK_POW2
|
||||
stacking = 2^n
|
||||
|
||||
In other words, the default (n = 7) produces 2, 4, 8, 16, 32, 64, or
|
||||
128 stacked tweaks: */
|
||||
|
||||
#define HAVOC_STACK_POW2 7
|
||||
|
||||
/* Caps on block sizes for cloning and deletion operations. Each of these
|
||||
ranges has a 33% probability of getting picked, except for the first
|
||||
two cycles where smaller blocks are favored: */
|
||||
|
||||
#define HAVOC_BLK_SMALL 32
|
||||
#define HAVOC_BLK_MEDIUM 128
|
||||
#define HAVOC_BLK_LARGE 1500
|
||||
|
||||
/* Probabilities of skipping non-favored entries in the queue, expressed as
|
||||
percentages: */
|
||||
|
||||
#define SKIP_TO_NEW_PROB 99 /* ...when there are new, pending favorites */
|
||||
#define SKIP_NFAV_OLD_PROB 95 /* ...no new favs, cur entry already fuzzed */
|
||||
#define SKIP_NFAV_NEW_PROB 75 /* ...no new favs, cur entry not fuzzed yet */
|
||||
|
||||
/* Splicing cycle count: */
|
||||
|
||||
#define SPLICE_CYCLES 20
|
||||
|
||||
/* Nominal per-splice havoc cycle length: */
|
||||
|
||||
#define SPLICE_HAVOC 500
|
||||
|
||||
/* Maximum offset for integer addition / subtraction stages: */
|
||||
|
||||
#define ARITH_MAX 35
|
||||
|
||||
/* Limits for the test case trimmer. The absolute minimum chunk size; and
|
||||
the starting and ending divisors for chopping up the input file: */
|
||||
|
||||
#define TRIM_MIN_BYTES 4
|
||||
#define TRIM_START_STEPS 16
|
||||
#define TRIM_END_STEPS 1024
|
||||
|
||||
/* Maximum size of input file, in bytes (keep under 100MB): */
|
||||
|
||||
#define MAX_FILE (1 * 1024 * 1024)
|
||||
|
||||
/* The same, for the test case minimizer: */
|
||||
|
||||
#define TMIN_MAX_FILE (10 * 1024 * 1024)
|
||||
|
||||
/* Block normalization steps for afl-tmin: */
|
||||
|
||||
#define TMIN_SET_MIN_SIZE 4
|
||||
#define TMIN_SET_STEPS 128
|
||||
|
||||
/* Maximum dictionary token size (-x), in bytes: */
|
||||
|
||||
#define MAX_DICT_FILE 128
|
||||
|
||||
/* Length limits for auto-detected dictionary tokens: */
|
||||
|
||||
#define MIN_AUTO_EXTRA 3
|
||||
#define MAX_AUTO_EXTRA 32
|
||||
|
||||
/* Maximum number of user-specified dictionary tokens to use in deterministic
|
||||
steps; past this point, the "extras/user" step will be still carried out,
|
||||
but with proportionally lower odds: */
|
||||
|
||||
#define MAX_DET_EXTRAS 200
|
||||
|
||||
/* Maximum number of auto-extracted dictionary tokens to actually use in fuzzing
|
||||
(first value), and to keep in memory as candidates. The latter should be much
|
||||
higher than the former. */
|
||||
|
||||
#define USE_AUTO_EXTRAS 50
|
||||
#define MAX_AUTO_EXTRAS (USE_AUTO_EXTRAS * 10)
|
||||
|
||||
/* Scaling factor for the effector map used to skip some of the more
|
||||
expensive deterministic steps. The actual divisor is set to
|
||||
2^EFF_MAP_SCALE2 bytes: */
|
||||
|
||||
#define EFF_MAP_SCALE2 3
|
||||
|
||||
/* Minimum input file length at which the effector logic kicks in: */
|
||||
|
||||
#define EFF_MIN_LEN 128
|
||||
|
||||
/* Maximum effector density past which everything is just fuzzed
|
||||
unconditionally (%): */
|
||||
|
||||
#define EFF_MAX_PERC 90
|
||||
|
||||
/* UI refresh frequency (Hz): */
|
||||
|
||||
#define UI_TARGET_HZ 5
|
||||
|
||||
/* Fuzzer stats file and plot update intervals (sec): */
|
||||
|
||||
#define STATS_UPDATE_SEC 60
|
||||
#define PLOT_UPDATE_SEC 5
|
||||
|
||||
/* Smoothing divisor for CPU load and exec speed stats (1 - no smoothing). */
|
||||
|
||||
#define AVG_SMOOTHING 16
|
||||
|
||||
/* Sync interval (every n havoc cycles): */
|
||||
|
||||
#define SYNC_INTERVAL 5
|
||||
|
||||
/* Output directory reuse grace period (minutes): */
|
||||
|
||||
#define OUTPUT_GRACE 25
|
||||
|
||||
/* Uncomment to use simple file names (id_NNNNNN): */
|
||||
|
||||
// #define SIMPLE_FILES
|
||||
|
||||
/* List of interesting values to use in fuzzing. */
|
||||
|
||||
#define INTERESTING_8 \
|
||||
-128, /* Overflow signed 8-bit when decremented */ \
|
||||
-1, /* */ \
|
||||
0, /* */ \
|
||||
1, /* */ \
|
||||
16, /* One-off with common buffer size */ \
|
||||
32, /* One-off with common buffer size */ \
|
||||
64, /* One-off with common buffer size */ \
|
||||
100, /* One-off with common buffer size */ \
|
||||
127 /* Overflow signed 8-bit when incremented */
|
||||
|
||||
#define INTERESTING_16 \
|
||||
-32768, /* Overflow signed 16-bit when decremented */ \
|
||||
-129, /* Overflow signed 8-bit */ \
|
||||
128, /* Overflow signed 8-bit */ \
|
||||
255, /* Overflow unsig 8-bit when incremented */ \
|
||||
256, /* Overflow unsig 8-bit */ \
|
||||
512, /* One-off with common buffer size */ \
|
||||
1000, /* One-off with common buffer size */ \
|
||||
1024, /* One-off with common buffer size */ \
|
||||
4096, /* One-off with common buffer size */ \
|
||||
32767 /* Overflow signed 16-bit when incremented */
|
||||
|
||||
#define INTERESTING_32 \
|
||||
-2147483648LL, /* Overflow signed 32-bit when decremented */ \
|
||||
-100663046, /* Large negative number (endian-agnostic) */ \
|
||||
-32769, /* Overflow signed 16-bit */ \
|
||||
32768, /* Overflow signed 16-bit */ \
|
||||
65535, /* Overflow unsig 16-bit when incremented */ \
|
||||
65536, /* Overflow unsig 16 bit */ \
|
||||
100663045, /* Large positive number (endian-agnostic) */ \
|
||||
2147483647 /* Overflow signed 32-bit when incremented */
|
||||
|
||||
/***********************************************************
|
||||
* *
|
||||
* Really exotic stuff you probably don't want to touch: *
|
||||
* *
|
||||
***********************************************************/
|
||||
|
||||
/* Call count interval between reseeding the libc PRNG from /dev/urandom: */
|
||||
|
||||
#define RESEED_RNG 10000
|
||||
|
||||
/* Maximum line length passed from GCC to 'as' and used for parsing
|
||||
configuration files: */
|
||||
|
||||
#define MAX_LINE 8192
|
||||
|
||||
/* Environment variable used to pass SHM ID to the called program. */
|
||||
|
||||
#define SHM_ENV_VAR "__AFL_SHM_ID"
|
||||
|
||||
/* Other less interesting, internal-only variables. */
|
||||
|
||||
#define CLANG_ENV_VAR "__AFL_CLANG_MODE"
|
||||
#define AS_LOOP_ENV_VAR "__AFL_AS_LOOPCHECK"
|
||||
|
||||
/* Distinctive bitmap signature used to indicate failed execution: */
|
||||
|
||||
#define EXEC_FAIL_SIG 0xfee1dead
|
||||
|
||||
/* Distinctive exit code used to indicate MSAN trip condition: */
|
||||
|
||||
#define MSAN_ERROR 86
|
||||
|
||||
/* Designated file descriptors for forkserver commands (the application will
|
||||
use FORKSRV_FD and FORKSRV_FD + 1): */
|
||||
|
||||
#define FORKSRV_FD 198
|
||||
|
||||
/* Fork server init timeout multiplier: we'll wait the user-selected
|
||||
timeout plus this much for the fork server to spin up. */
|
||||
|
||||
#define FORK_WAIT_MULT 10
|
||||
|
||||
/* Calibration timeout adjustments, to be a bit more generous when resuming
|
||||
fuzzing sessions or trying to calibrate already-added internal finds.
|
||||
The first value is a percentage, the other is in milliseconds: */
|
||||
|
||||
#define CAL_TMOUT_PERC 125
|
||||
#define CAL_TMOUT_ADD 50
|
||||
|
||||
/* Number of chances to calibrate a case before giving up: */
|
||||
|
||||
#define CAL_CHANCES 3
|
||||
|
||||
/* Map size for the traced binary (2^MAP_SIZE_POW2). Must be greater than
|
||||
2; you probably want to keep it under 18 or so for performance reasons
|
||||
(adjusting AFL_INST_RATIO when compiling is probably a better way to solve
|
||||
problems with complex programs). You need to recompile the target binary
|
||||
after changing this - otherwise, SEGVs may ensue. */
|
||||
|
||||
#define MAP_SIZE_POW2 16
|
||||
#define MAP_SIZE (1 << MAP_SIZE_POW2)
|
||||
|
||||
/* Maximum allocator request size (keep well under INT_MAX): */
|
||||
|
||||
#define MAX_ALLOC 0x40000000
|
||||
|
||||
/* A made-up hashing seed: */
|
||||
|
||||
#define HASH_CONST 0xa5b35705
|
||||
|
||||
/* Constants for afl-gotcpu to control busy loop timing: */
|
||||
|
||||
#define CTEST_TARGET_MS 5000
|
||||
#define CTEST_BUSY_CYCLES (10 * 1000 * 1000)
|
||||
|
||||
/* Uncomment this to use inferior block-coverage-based instrumentation. Note
|
||||
that you need to recompile the target binary for this to have any effect: */
|
||||
|
||||
// #define COVERAGE_ONLY
|
||||
|
||||
/* Uncomment this to ignore hit counts and output just one bit per tuple.
|
||||
As with the previous setting, you will need to recompile the target
|
||||
binary: */
|
||||
|
||||
// #define SKIP_COUNTS
|
||||
|
||||
/* Uncomment this to use instrumentation data to record newly discovered paths,
|
||||
but do not use them as seeds for fuzzing. This is useful for conveniently
|
||||
measuring coverage that could be attained by a "dumb" fuzzing algorithm: */
|
||||
|
||||
// #define IGNORE_FINDS
|
||||
|
||||
#endif /* ! _HAVE_CONFIG_H */
|
@ -1,296 +0,0 @@
|
||||
/*
|
||||
american fuzzy lop - high-performance binary-only instrumentation
|
||||
-----------------------------------------------------------------
|
||||
|
||||
Written by Andrew Griffiths <agriffiths@google.com> and
|
||||
Michal Zalewski <lcamtuf@google.com>
|
||||
|
||||
Idea & design very much by Andrew Griffiths.
|
||||
|
||||
Copyright 2015 Google Inc. All rights reserved.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at:
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
This code is a shim patched into the separately-distributed source
|
||||
code of QEMU 2.2.0. It leverages the built-in QEMU tracing functionality
|
||||
to implement AFL-style instrumentation and to take care of the remaining
|
||||
parts of the AFL fork server logic.
|
||||
|
||||
The resulting QEMU binary is essentially a standalone instrumentation
|
||||
tool; for an example of how to leverage it for other purposes, you can
|
||||
have a look at afl-showmap.c.
|
||||
|
||||
*/
|
||||
|
||||
#include <sys/shm.h>
|
||||
#include "afl-config.h"
|
||||
|
||||
/***************************
|
||||
* VARIOUS AUXILIARY STUFF *
|
||||
***************************/
|
||||
|
||||
/* A snippet patched into tb_find_slow to inform the parent process that
|
||||
we have hit a new block that hasn't been translated yet, and to tell
|
||||
it to translate within its own context, too (this avoids translation
|
||||
overhead in the next forked-off copy). */
|
||||
|
||||
#define AFL_QEMU_CPU_SNIPPET1 do { \
|
||||
afl_request_tsl(pc, cs_base, flags); \
|
||||
} while (0)
|
||||
|
||||
/* This snippet kicks in when the instruction pointer is positioned at
|
||||
_start and does the usual forkserver stuff, not very different from
|
||||
regular instrumentation injected via afl-as.h. */
|
||||
|
||||
#define AFL_QEMU_CPU_SNIPPET2 do { \
|
||||
if(tb->pc == afl_entry_point) { \
|
||||
afl_setup(); \
|
||||
afl_forkserver(env); \
|
||||
} \
|
||||
afl_maybe_log(tb->pc); \
|
||||
} while (0)
|
||||
|
||||
/* We use one additional file descriptor to relay "needs translation"
|
||||
messages between the child and the fork server. */
|
||||
|
||||
#define TSL_FD (FORKSRV_FD - 1)
|
||||
|
||||
/* This is equivalent to afl-as.h: */
|
||||
|
||||
static unsigned char *afl_area_ptr;
|
||||
|
||||
/* Exported variables populated by the code patched into elfload.c: */
|
||||
|
||||
abi_ulong afl_entry_point, /* ELF entry point (_start) */
|
||||
afl_start_code, /* .text start pointer */
|
||||
afl_end_code; /* .text end pointer */
|
||||
|
||||
/* Set in the child process in forkserver mode: */
|
||||
|
||||
static unsigned char afl_fork_child;
|
||||
unsigned int afl_forksrv_pid;
|
||||
|
||||
/* Instrumentation ratio: */
|
||||
|
||||
static unsigned int afl_inst_rms = MAP_SIZE;
|
||||
|
||||
/* Function declarations. */
|
||||
|
||||
static void afl_setup(void);
|
||||
static void afl_forkserver(CPUArchState*);
|
||||
static inline void afl_maybe_log(abi_ulong);
|
||||
|
||||
static void afl_wait_tsl(CPUArchState*, int);
|
||||
static void afl_request_tsl(target_ulong, target_ulong, uint64_t);
|
||||
|
||||
static TranslationBlock *tb_find_slow(CPUArchState*, target_ulong,
|
||||
target_ulong, uint64_t);
|
||||
|
||||
|
||||
/* Data structure passed around by the translate handlers: */
|
||||
|
||||
struct afl_tsl {
|
||||
target_ulong pc;
|
||||
target_ulong cs_base;
|
||||
uint64_t flags;
|
||||
};
|
||||
|
||||
|
||||
/*************************
|
||||
* ACTUAL IMPLEMENTATION *
|
||||
*************************/
|
||||
|
||||
|
||||
/* Set up SHM region and initialize other stuff. */
|
||||
|
||||
static void afl_setup(void) {
|
||||
|
||||
char *id_str = getenv(SHM_ENV_VAR),
|
||||
*inst_r = getenv("AFL_INST_RATIO");
|
||||
|
||||
int shm_id;
|
||||
|
||||
if (inst_r) {
|
||||
|
||||
unsigned int r;
|
||||
|
||||
r = atoi(inst_r);
|
||||
|
||||
if (r > 100) r = 100;
|
||||
if (!r) r = 1;
|
||||
|
||||
afl_inst_rms = MAP_SIZE * r / 100;
|
||||
|
||||
}
|
||||
|
||||
if (id_str) {
|
||||
|
||||
shm_id = atoi(id_str);
|
||||
afl_area_ptr = shmat(shm_id, NULL, 0);
|
||||
|
||||
if (afl_area_ptr == (void*)-1) exit(1);
|
||||
|
||||
/* With AFL_INST_RATIO set to a low value, we want to touch the bitmap
|
||||
so that the parent doesn't give up on us. */
|
||||
|
||||
if (inst_r) afl_area_ptr[0] = 1;
|
||||
|
||||
|
||||
}
|
||||
|
||||
if (getenv("AFL_INST_LIBS")) {
|
||||
|
||||
afl_start_code = 0;
|
||||
afl_end_code = (abi_ulong)-1;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* Fork server logic, invoked once we hit _start. */
|
||||
|
||||
static void afl_forkserver(CPUArchState *env) {
|
||||
|
||||
static unsigned char tmp[4];
|
||||
|
||||
if (!afl_area_ptr) return;
|
||||
|
||||
/* Tell the parent that we're alive. If the parent doesn't want
|
||||
to talk, assume that we're not running in forkserver mode. */
|
||||
|
||||
if (write(FORKSRV_FD + 1, tmp, 4) != 4) return;
|
||||
|
||||
afl_forksrv_pid = getpid();
|
||||
|
||||
/* All right, let's await orders... */
|
||||
|
||||
while (1) {
|
||||
|
||||
pid_t child_pid;
|
||||
int status, t_fd[2];
|
||||
|
||||
/* Whoops, parent dead? */
|
||||
|
||||
if (read(FORKSRV_FD, tmp, 4) != 4) exit(2);
|
||||
|
||||
/* Establish a channel with child to grab translation commands. We'll
|
||||
read from t_fd[0], child will write to TSL_FD. */
|
||||
|
||||
if (pipe(t_fd) || dup2(t_fd[1], TSL_FD) < 0) exit(3);
|
||||
close(t_fd[1]);
|
||||
|
||||
child_pid = fork();
|
||||
if (child_pid < 0) exit(4);
|
||||
|
||||
if (!child_pid) {
|
||||
|
||||
/* Child process. Close descriptors and run free. */
|
||||
|
||||
afl_fork_child = 1;
|
||||
close(FORKSRV_FD);
|
||||
close(FORKSRV_FD + 1);
|
||||
close(t_fd[0]);
|
||||
return;
|
||||
|
||||
}
|
||||
|
||||
/* Parent. */
|
||||
|
||||
close(TSL_FD);
|
||||
|
||||
if (write(FORKSRV_FD + 1, &child_pid, 4) != 4) exit(5);
|
||||
|
||||
/* Collect translation requests until child dies and closes the pipe. */
|
||||
|
||||
afl_wait_tsl(env, t_fd[0]);
|
||||
|
||||
/* Get and relay exit status to parent. */
|
||||
|
||||
if (waitpid(child_pid, &status, WUNTRACED) < 0) exit(6);
|
||||
if (write(FORKSRV_FD + 1, &status, 4) != 4) exit(7);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* The equivalent of the tuple logging routine from afl-as.h. */
|
||||
|
||||
static inline void afl_maybe_log(abi_ulong cur_loc) {
|
||||
|
||||
static abi_ulong prev_loc;
|
||||
|
||||
/* Optimize for cur_loc > afl_end_code, which is the most likely case on
|
||||
Linux systems. */
|
||||
|
||||
if (cur_loc > afl_end_code || cur_loc < afl_start_code || !afl_area_ptr)
|
||||
return;
|
||||
|
||||
/* Looks like QEMU always maps to fixed locations, so we can skip this:
|
||||
cur_loc -= afl_start_code; */
|
||||
|
||||
/* Instruction addresses may be aligned. Let's mangle the value to get
|
||||
something quasi-uniform. */
|
||||
|
||||
cur_loc = (cur_loc >> 4) ^ (cur_loc << 8);
|
||||
cur_loc &= MAP_SIZE - 1;
|
||||
|
||||
/* Implement probabilistic instrumentation by looking at scrambled block
|
||||
address. This keeps the instrumented locations stable across runs. */
|
||||
|
||||
if (cur_loc >= afl_inst_rms) return;
|
||||
|
||||
afl_area_ptr[cur_loc ^ prev_loc]++;
|
||||
prev_loc = cur_loc >> 1;
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* This code is invoked whenever QEMU decides that it doesn't have a
|
||||
translation of a particular block and needs to compute it. When this happens,
|
||||
we tell the parent to mirror the operation, so that the next fork() has a
|
||||
cached copy. */
|
||||
|
||||
static void afl_request_tsl(target_ulong pc, target_ulong cb, uint64_t flags) {
|
||||
|
||||
struct afl_tsl t;
|
||||
|
||||
if (!afl_fork_child) return;
|
||||
|
||||
t.pc = pc;
|
||||
t.cs_base = cb;
|
||||
t.flags = flags;
|
||||
|
||||
if (write(TSL_FD, &t, sizeof(struct afl_tsl)) != sizeof(struct afl_tsl))
|
||||
return;
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* This is the other side of the same channel. Since timeouts are handled by
|
||||
afl-fuzz simply killing the child, we can just wait until the pipe breaks. */
|
||||
|
||||
static void afl_wait_tsl(CPUArchState *env, int fd) {
|
||||
|
||||
struct afl_tsl t;
|
||||
|
||||
while (1) {
|
||||
|
||||
/* Broken pipe means it's time to return to the fork server routine. */
|
||||
|
||||
if (read(fd, &t, sizeof(struct afl_tsl)) != sizeof(struct afl_tsl))
|
||||
break;
|
||||
|
||||
tb_find_slow(env, t.pc, t.cs_base, t.flags);
|
||||
|
||||
}
|
||||
|
||||
close(fd);
|
||||
|
||||
}
|
||||
|
@ -1,79 +0,0 @@
|
||||
/*
|
||||
american fuzzy lop - type definitions and minor macros
|
||||
------------------------------------------------------
|
||||
|
||||
Written and maintained by Michal Zalewski <lcamtuf@google.com>
|
||||
|
||||
Copyright 2013, 2014, 2015 Google Inc. All rights reserved.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at:
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
*/
|
||||
|
||||
#ifndef _HAVE_TYPES_H
|
||||
#define _HAVE_TYPES_H
|
||||
|
||||
#include <stdint.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
typedef uint8_t u8;
|
||||
typedef uint16_t u16;
|
||||
typedef uint32_t u32;
|
||||
|
||||
/*
|
||||
|
||||
Ugh. There is an unintended compiler / glibc #include glitch caused by
|
||||
combining the u64 type an %llu in format strings, necessitating a workaround.
|
||||
|
||||
In essence, the compiler is always looking for 'unsigned long long' for %llu.
|
||||
On 32-bit systems, the u64 type (aliased to uint64_t) is expanded to
|
||||
'unsigned long long' in <bits/types.h>, so everything checks out.
|
||||
|
||||
But on 64-bit systems, it is #ifdef'ed in the same file as 'unsigned long'.
|
||||
Now, it only happens in circumstances where the type happens to have the
|
||||
expected bit width, *but* the compiler does not know that... and complains
|
||||
about 'unsigned long' being unsafe to pass to %llu.
|
||||
|
||||
*/
|
||||
|
||||
#ifdef __x86_64__
|
||||
typedef unsigned long long u64;
|
||||
#else
|
||||
typedef uint64_t u64;
|
||||
#endif /* ^sizeof(...) */
|
||||
|
||||
typedef int8_t s8;
|
||||
typedef int16_t s16;
|
||||
typedef int32_t s32;
|
||||
typedef int64_t s64;
|
||||
|
||||
#ifndef MIN
|
||||
# define MIN(_a,_b) ((_a) > (_b) ? (_b) : (_a))
|
||||
# define MAX(_a,_b) ((_a) > (_b) ? (_a) : (_b))
|
||||
#endif /* !MIN */
|
||||
|
||||
#define SWAP16(_x) ({ \
|
||||
u16 _ret = (_x); \
|
||||
(u16)((_ret << 8) | (_ret >> 8)); \
|
||||
})
|
||||
|
||||
#define SWAP32(_x) ({ \
|
||||
u32 _ret = (_x); \
|
||||
(u32)((_ret << 24) | (_ret >> 24) | \
|
||||
((_ret << 8) & 0x00FF0000) | \
|
||||
((_ret >> 8) & 0x0000FF00)); \
|
||||
})
|
||||
|
||||
#define R(x) (random() % (x))
|
||||
|
||||
#define STRINGIFY_INTERNAL(x) #x
|
||||
#define STRINGIFY(x) STRINGIFY_INTERNAL(x)
|
||||
|
||||
#define MEM_BARRIER() \
|
||||
asm volatile("" ::: "memory")
|
||||
|
||||
#endif /* ! _HAVE_TYPES_H */
|
@ -1,33 +0,0 @@
|
||||
--- qemu-2.3.0/cpu-exec.c.orig 2014-12-09 14:45:40.000000000 +0000
|
||||
+++ qemu-2.3.0/cpu-exec.c 2015-02-20 22:07:02.966000000 +0000
|
||||
@@ -28,6 +28,8 @@
|
||||
#include "exec/memory-internal.h"
|
||||
#include "qemu/rcu.h"
|
||||
|
||||
+#include "afl-qemu-cpu-inl.h"
|
||||
+
|
||||
/* -icount align implementation. */
|
||||
|
||||
typedef struct SyncClocks {
|
||||
@@ -296,8 +298,11 @@
|
||||
}
|
||||
not_found:
|
||||
/* if no translated code available, then translate it now */
|
||||
+
|
||||
tb = tb_gen_code(cpu, pc, cs_base, flags, 0);
|
||||
|
||||
+ AFL_QEMU_CPU_SNIPPET1;
|
||||
+
|
||||
found:
|
||||
/* Move the last found TB to the head of the list */
|
||||
if (likely(*ptb1)) {
|
||||
@@ -492,6 +497,9 @@
|
||||
next_tb = 0;
|
||||
tcg_ctx.tb_ctx.tb_invalidated_flag = 0;
|
||||
}
|
||||
+
|
||||
+ AFL_QEMU_CPU_SNIPPET2;
|
||||
+
|
||||
if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
|
||||
qemu_log("Trace %p [" TARGET_FMT_lx "] %s\n",
|
||||
tb->tc_ptr, tb->pc, lookup_symbol(tb->pc));
|
@ -1,32 +0,0 @@
|
||||
--- qemu-2.3.0/linux-user/elfload.c.orig 2014-12-09 14:45:42.000000000 +0000
|
||||
+++ qemu-2.3.0/linux-user/elfload.c 2015-01-28 02:51:23.719000000 +0000
|
||||
@@ -28,6 +28,8 @@
|
||||
|
||||
#define ELF_OSABI ELFOSABI_SYSV
|
||||
|
||||
+extern abi_ulong afl_entry_point, afl_start_code, afl_end_code;
|
||||
+
|
||||
/* from personality.h */
|
||||
|
||||
/*
|
||||
@@ -1889,6 +1891,8 @@
|
||||
info->brk = 0;
|
||||
info->elf_flags = ehdr->e_flags;
|
||||
|
||||
+ if (!afl_entry_point) afl_entry_point = info->entry;
|
||||
+
|
||||
for (i = 0; i < ehdr->e_phnum; i++) {
|
||||
struct elf_phdr *eppnt = phdr + i;
|
||||
if (eppnt->p_type == PT_LOAD) {
|
||||
@@ -1922,9 +1926,11 @@
|
||||
if (elf_prot & PROT_EXEC) {
|
||||
if (vaddr < info->start_code) {
|
||||
info->start_code = vaddr;
|
||||
+ if (!afl_start_code) afl_start_code = vaddr;
|
||||
}
|
||||
if (vaddr_ef > info->end_code) {
|
||||
info->end_code = vaddr_ef;
|
||||
+ if (!afl_end_code) afl_end_code = vaddr_ef;
|
||||
}
|
||||
}
|
||||
if (elf_prot & PROT_WRITE) {
|
@ -2,13 +2,12 @@ diff --git a/Makefile b/Makefile
|
||||
index d6b9dc1..ce7c493 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -384,8 +384,7 @@ install-confdir:
|
||||
install-sysconfig: install-datadir install-confdir
|
||||
$(INSTALL_DATA) $(SRC_PATH)/sysconfigs/target/target-x86_64.conf "$(DESTDIR)$(qemu_confdir)"
|
||||
@@ -601,7 +601,7 @@ install-localstatedir:
|
||||
endif
|
||||
|
||||
-install: all $(if $(BUILD_DOCS),install-doc) install-sysconfig \
|
||||
-install-datadir install-localstatedir
|
||||
|
||||
-install: all $(if $(BUILD_DOCS),install-doc) install-datadir install-localstatedir
|
||||
+install: all $(if $(BUILD_DOCS),install-doc) install-datadir
|
||||
ifneq ($(TOOLS),)
|
||||
$(call install-prog,$(TOOLS),$(DESTDIR)$(bindir))
|
||||
$(call install-prog,$(subst qemu-ga,qemu-ga$(EXESUF),$(TOOLS)),$(DESTDIR)$(bindir))
|
||||
endif
|
||||
|
@ -0,0 +1,28 @@
|
||||
A modified version of qemu commit 75e5b70e6b5dcc4f2219992d7cffa462aa406af0
|
||||
diff --git a/configure b/configure
|
||||
index 9c8aa5a..99ccc17 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -3855,7 +3855,7 @@ fi
|
||||
# check if memfd is supported
|
||||
memfd=no
|
||||
cat > $TMPC << EOF
|
||||
-#include <sys/memfd.h>
|
||||
+#include <sys/mman.h>
|
||||
|
||||
int main(void)
|
||||
{
|
||||
diff --git a/util/memfd.c b/util/memfd.c
|
||||
index 4571d1a..412e94a 100644
|
||||
--- a/util/memfd.c
|
||||
+++ b/util/memfd.c
|
||||
@@ -31,9 +31,7 @@
|
||||
|
||||
#include "qemu/memfd.h"
|
||||
|
||||
-#ifdef CONFIG_MEMFD
|
||||
-#include <sys/memfd.h>
|
||||
-#elif defined CONFIG_LINUX
|
||||
+#if defined CONFIG_LINUX && !defined CONFIG_MEMFD
|
||||
#include <sys/syscall.h>
|
||||
#include <asm/unistd.h>
|
@ -1,121 +0,0 @@
|
||||
diff --git a/user-exec.c b/user-exec.c
|
||||
index 8f57e8a..957f9f7 100644
|
||||
--- a/user-exec.c
|
||||
+++ b/user-exec.c
|
||||
@@ -57,7 +57,7 @@ static void exception_action(CPUState *cpu)
|
||||
void cpu_resume_from_signal(CPUState *cpu, void *puc)
|
||||
{
|
||||
#ifdef __linux__
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
#elif defined(__OpenBSD__)
|
||||
struct sigcontext *uc = puc;
|
||||
#endif
|
||||
@@ -171,7 +171,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
#elif defined(__OpenBSD__)
|
||||
struct sigcontext *uc = puc;
|
||||
#else
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
#endif
|
||||
unsigned long pc;
|
||||
int trapno;
|
||||
@@ -226,7 +226,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
#elif defined(__OpenBSD__)
|
||||
struct sigcontext *uc = puc;
|
||||
#else
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
#endif
|
||||
|
||||
pc = PC_sig(uc);
|
||||
@@ -288,7 +288,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
|
||||
#ifdef __APPLE__
|
||||
#include <sys/ucontext.h>
|
||||
-typedef struct ucontext SIGCONTEXT;
|
||||
+typedef ucontext_t SIGCONTEXT;
|
||||
/* All Registers access - only for local access */
|
||||
#define REG_sig(reg_name, context) \
|
||||
((context)->uc_mcontext->ss.reg_name)
|
||||
@@ -331,7 +331,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
|
||||
ucontext_t *uc = puc;
|
||||
#else
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
#endif
|
||||
unsigned long pc;
|
||||
int is_write;
|
||||
@@ -358,7 +358,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
uint32_t *pc = uc->uc_mcontext.sc_pc;
|
||||
uint32_t insn = *pc;
|
||||
int is_write = 0;
|
||||
@@ -456,7 +456,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
#if defined(__NetBSD__)
|
||||
ucontext_t *uc = puc;
|
||||
#else
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
#endif
|
||||
unsigned long pc;
|
||||
int is_write;
|
||||
@@ -483,7 +483,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
uintptr_t pc = uc->uc_mcontext.pc;
|
||||
uint32_t insn = *(uint32_t *)pc;
|
||||
bool is_write;
|
||||
@@ -512,7 +512,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
unsigned long pc;
|
||||
int is_write;
|
||||
|
||||
@@ -534,7 +534,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
int cpu_signal_handler(int host_signum, void *pinfo, void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
unsigned long ip;
|
||||
int is_write = 0;
|
||||
|
||||
@@ -565,7 +565,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
unsigned long pc;
|
||||
uint16_t *pinsn;
|
||||
int is_write = 0;
|
||||
@@ -618,7 +618,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
greg_t pc = uc->uc_mcontext.pc;
|
||||
int is_write;
|
||||
|
||||
@@ -634,7 +634,7 @@ int cpu_signal_handler(int host_signum, void *pinfo,
|
||||
void *puc)
|
||||
{
|
||||
siginfo_t *info = pinfo;
|
||||
- struct ucontext *uc = puc;
|
||||
+ ucontext_t *uc = puc;
|
||||
unsigned long pc = uc->uc_mcontext.sc_iaoq[0];
|
||||
uint32_t insn = *(uint32_t *)pc;
|
||||
int is_write = 0;
|
@ -1,25 +0,0 @@
|
||||
--- qemu-2.3.0/linux-user/syscall.c.orig 2014-12-09 14:45:43.000000000 +0000
|
||||
+++ qemu-2.3.0/linux-user/syscall.c 2015-03-27 06:33:00.736000000 +0000
|
||||
@@ -227,7 +227,21 @@
|
||||
_syscall3(int,sys_rt_sigqueueinfo,int,pid,int,sig,siginfo_t *,uinfo)
|
||||
_syscall3(int,sys_syslog,int,type,char*,bufp,int,len)
|
||||
#if defined(TARGET_NR_tgkill) && defined(__NR_tgkill)
|
||||
-_syscall3(int,sys_tgkill,int,tgid,int,pid,int,sig)
|
||||
+
|
||||
+extern unsigned int afl_forksrv_pid;
|
||||
+
|
||||
+static int sys_tgkill(int tgid, int pid, int sig) {
|
||||
+
|
||||
+ /* Workaround for -lpthread to make abort() work properly, without
|
||||
+ killing the forkserver due to a prematurely cached PID. */
|
||||
+
|
||||
+ if (afl_forksrv_pid && afl_forksrv_pid == pid && sig == SIGABRT)
|
||||
+ pid = tgid = getpid();
|
||||
+
|
||||
+ return syscall(__NR_sys_tgkill, pid, tgid, sig);
|
||||
+
|
||||
+}
|
||||
+
|
||||
#endif
|
||||
#if defined(TARGET_NR_tkill) && defined(__NR_tkill)
|
||||
_syscall2(int,sys_tkill,int,tid,int,sig)
|
@ -1,18 +0,0 @@
|
||||
--- qemu-2.3.0/translate-all.c.orig 2014-12-09 14:45:46.000000000 +0000
|
||||
+++ qemu-2.3.0/translate-all.c 2015-01-28 22:37:42.383000000 +0000
|
||||
@@ -393,8 +393,13 @@
|
||||
/* We can't use g_malloc because it may recurse into a locked mutex. */
|
||||
# define ALLOC(P, SIZE) \
|
||||
do { \
|
||||
- P = mmap(NULL, SIZE, PROT_READ | PROT_WRITE, \
|
||||
- MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); \
|
||||
+ void* _tmp = mmap(NULL, SIZE, PROT_READ | PROT_WRITE, \
|
||||
+ MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); \
|
||||
+ if (_tmp == (void*)-1) { \
|
||||
+ qemu_log(">>> Out of memory for stack, bailing out. <<<\n"); \
|
||||
+ exit(1); \
|
||||
+ } \
|
||||
+ (P) = _tmp; \
|
||||
} while (0)
|
||||
#else
|
||||
# define ALLOC(P, SIZE) \
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, python2, zlib, pkgconfig, glib, ncurses, perl
|
||||
{ stdenv, fetchurl, afl, python2, zlib, pkgconfig, glib, ncurses, perl
|
||||
, attr, libcap, vde2, texinfo, libuuid, flex, bison, lzo, snappy
|
||||
, libaio, libcap_ng, gnutls, pixman, autoconf
|
||||
, writeText
|
||||
@ -7,59 +7,65 @@
|
||||
with stdenv.lib;
|
||||
|
||||
let
|
||||
n = "qemu-2.3.0";
|
||||
|
||||
aflHeaderFile = writeText "afl-qemu-cpu-inl.h"
|
||||
(builtins.readFile ./qemu-patches/afl-qemu-cpu-inl.h);
|
||||
aflConfigFile = writeText "afl-config.h"
|
||||
(builtins.readFile ./qemu-patches/afl-config.h);
|
||||
aflTypesFile = writeText "afl-types.h"
|
||||
(builtins.readFile ./qemu-patches/afl-types.h);
|
||||
|
||||
qemuName = "qemu-2.10.0";
|
||||
aflName = afl.name;
|
||||
cpuTarget = if stdenv.hostPlatform.system == "x86_64-linux" then "x86_64-linux-user"
|
||||
else if stdenv.hostPlatform.system == "i686-linux" then "i386-linux-user"
|
||||
else throw "afl: no support for ${stdenv.hostPlatform.system}!";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
name = "afl-${n}";
|
||||
name = "afl-${qemuName}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://wiki.qemu.org/download/${n}.tar.bz2";
|
||||
sha256 = "120m53c3p28qxmfzllicjzr8syjv6v4d9rsyrgkp7gnmcgvvgfmn";
|
||||
};
|
||||
srcs = [
|
||||
(fetchurl {
|
||||
url = "http://wiki.qemu.org/download/${qemuName}.tar.bz2";
|
||||
sha256 = "0j3dfxzrzdp1w21k21fjvmakzc6lcha1rsclaicwqvbf63hkk7vy";
|
||||
})
|
||||
afl.src
|
||||
];
|
||||
|
||||
buildInputs =
|
||||
[ python2 zlib pkgconfig glib pixman ncurses perl attr libcap
|
||||
vde2 texinfo libuuid flex bison lzo snappy autoconf
|
||||
libcap_ng gnutls
|
||||
]
|
||||
++ optionals (hasSuffix "linux" stdenv.hostPlatform.system) [ libaio ];
|
||||
sourceRoot = qemuName;
|
||||
|
||||
postUnpack = ''
|
||||
cp ${aflName}/types.h $sourceRoot/afl-types.h
|
||||
substitute ${aflName}/config.h $sourceRoot/afl-config.h \
|
||||
--replace "types.h" "afl-types.h"
|
||||
substitute ${aflName}/qemu_mode/patches/afl-qemu-cpu-inl.h $sourceRoot/afl-qemu-cpu-inl.h \
|
||||
--replace "../../config.h" "afl-config.h"
|
||||
substituteInPlace ${aflName}/qemu_mode/patches/cpu-exec.diff \
|
||||
--replace "../patches/afl-qemu-cpu-inl.h" "afl-qemu-cpu-inl.h"
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
python2 perl pkgconfig flex bison autoconf texinfo
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
zlib glib pixman ncurses attr libcap
|
||||
vde2 libuuid lzo snappy libcap_ng gnutls
|
||||
] ++ optionals (stdenv.isLinux) [ libaio ];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
patches =
|
||||
[ ./qemu-patches/elfload.patch
|
||||
./qemu-patches/cpu-exec.patch
|
||||
./qemu-patches/no-etc-install.patch
|
||||
./qemu-patches/translate-all.patch
|
||||
./qemu-patches/syscall.patch
|
||||
./qemu-patches/qemu-2.3.0-glibc-2.26.patch
|
||||
];
|
||||
|
||||
preConfigure = ''
|
||||
cp ${aflTypesFile} afl-types.h
|
||||
cp ${aflConfigFile} afl-config.h
|
||||
cp ${aflHeaderFile} afl-qemu-cpu-inl.h
|
||||
'';
|
||||
patches = [
|
||||
# patches extracted from afl source
|
||||
"../${aflName}/qemu_mode/patches/cpu-exec.diff"
|
||||
"../${aflName}/qemu_mode/patches/elfload.diff"
|
||||
"../${aflName}/qemu_mode/patches/syscall.diff"
|
||||
# nix-specific patches to make installation more well-behaved
|
||||
./qemu-patches/no-etc-install.patch
|
||||
./qemu-patches/qemu-2.10.0-glibc-2.27.patch
|
||||
];
|
||||
|
||||
configureFlags =
|
||||
[ "--disable-system"
|
||||
"--enable-linux-user"
|
||||
"--enable-guest-base"
|
||||
"--disable-gtk"
|
||||
"--disable-sdl"
|
||||
"--disable-vnc"
|
||||
"--target-list=${cpuTarget}"
|
||||
"--enable-pie"
|
||||
"--enable-kvm"
|
||||
"--sysconfdir=/etc"
|
||||
"--localstatedir=/var"
|
||||
];
|
||||
|
@ -1,23 +1,17 @@
|
||||
{ stdenv, fetchFromGitHub, bash }:
|
||||
{ stdenv, fetchFromGitHub, libcap, acl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "bfs-${version}";
|
||||
version = "1.2.4";
|
||||
version = "1.3.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
repo = "bfs";
|
||||
owner = "tavianator";
|
||||
rev = version;
|
||||
sha256 = "0nxx2njjp04ik6msfmf07hprw0j88wg04m0q1sf17mhkliw2d78s";
|
||||
sha256 = "0gv9hrcsz7miv40v6wmkmb1a58ji5d1dlgwq6gwczd8rzlmhddmc";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
# Patch tests (both shebangs and usage in scripts)
|
||||
for f in $(find -type f -name '*.sh'); do
|
||||
substituteInPlace $f --replace "/bin/bash" "${bash}/bin/bash"
|
||||
done
|
||||
'';
|
||||
doCheck = true;
|
||||
buildInputs = stdenv.lib.optionals stdenv.isLinux [ libcap acl ];
|
||||
|
||||
makeFlags = [ "PREFIX=$(out)" ];
|
||||
buildFlags = [ "release" ]; # "release" enables compiler optimizations
|
||||
@ -30,7 +24,7 @@ stdenv.mkDerivation rec {
|
||||
'';
|
||||
homepage = https://github.com/tavianator/bfs;
|
||||
license = licenses.bsd0;
|
||||
platforms = platforms.linux;
|
||||
platforms = platforms.unix;
|
||||
maintainers = with maintainers; [ yesbox ];
|
||||
};
|
||||
}
|
||||
|
@ -8837,6 +8837,7 @@ in
|
||||
minify = callPackage ../development/web/minify { };
|
||||
|
||||
minizinc = callPackage ../development/tools/minizinc { };
|
||||
minizincide = qt5.callPackage ../development/tools/minizinc/ide.nix { };
|
||||
|
||||
mk = callPackage ../development/tools/build-managers/mk { };
|
||||
|
||||
@ -13475,7 +13476,7 @@ in
|
||||
clamsmtp = callPackage ../servers/mail/clamsmtp { };
|
||||
|
||||
clickhouse = callPackage ../servers/clickhouse {
|
||||
inherit (llvmPackages_6) clang-unwrapped lld llvm;
|
||||
inherit (llvmPackages_latest) clang-unwrapped lld llvm;
|
||||
};
|
||||
|
||||
couchdb = callPackage ../servers/http/couchdb {
|
||||
@ -20402,7 +20403,9 @@ in
|
||||
|
||||
angband = callPackage ../games/angband { };
|
||||
|
||||
anki = python3Packages.callPackage ../games/anki { };
|
||||
anki = python3Packages.callPackage ../games/anki {
|
||||
inherit (darwin.apple_sdk.frameworks) CoreAudio;
|
||||
};
|
||||
|
||||
armagetronad = callPackage ../games/armagetronad { };
|
||||
|
||||
|
@ -1732,7 +1732,11 @@ in {
|
||||
|
||||
gateone = callPackage ../development/python-modules/gateone { };
|
||||
|
||||
gcutil = callPackage ../development/python-modules/gcutil { };
|
||||
# TODO: Remove after 19.03 is branched off:
|
||||
gcutil = throw ''
|
||||
pythonPackages.gcutil is deprecated and can be replaced with "gcloud
|
||||
compute" from the package google-cloud-sdk.
|
||||
'';
|
||||
|
||||
GeoIP = callPackage ../development/python-modules/GeoIP { };
|
||||
|
||||
@ -2295,6 +2299,8 @@ in {
|
||||
|
||||
dtopt = callPackage ../development/python-modules/dtopt { };
|
||||
|
||||
easywatch = callPackage ../development/python-modules/easywatch { };
|
||||
|
||||
ecdsa = callPackage ../development/python-modules/ecdsa { };
|
||||
|
||||
effect = callPackage ../development/python-modules/effect {};
|
||||
@ -4000,6 +4006,8 @@ in {
|
||||
|
||||
sqlalchemy_migrate = callPackage ../development/python-modules/sqlalchemy-migrate { };
|
||||
|
||||
staticjinja = callPackage ../development/python-modules/staticjinja { };
|
||||
|
||||
statsmodels = callPackage ../development/python-modules/statsmodels { };
|
||||
|
||||
structlog = callPackage ../development/python-modules/structlog { };
|
||||
|
Loading…
Reference in New Issue
Block a user