From c7c1388e82b88378b46a9d37e7ad2e1adf23961b Mon Sep 17 00:00:00 2001
From: Jonathan Ringer <jonringer117@gmail.com>
Date: Thu, 23 Nov 2023 10:15:38 -0800
Subject: [PATCH 1/3] addDriverRunpath: init

---
 .../add-driver-runpath/default.nix            | 14 +++++++++
 .../add-driver-runpath/setup-hook.sh          | 29 +++++++++++++++++++
 pkgs/top-level/all-packages.nix               |  4 +++
 3 files changed, 47 insertions(+)
 create mode 100644 pkgs/build-support/add-driver-runpath/default.nix
 create mode 100644 pkgs/build-support/add-driver-runpath/setup-hook.sh

diff --git a/pkgs/build-support/add-driver-runpath/default.nix b/pkgs/build-support/add-driver-runpath/default.nix
new file mode 100644
index 000000000000..08547a4453c5
--- /dev/null
+++ b/pkgs/build-support/add-driver-runpath/default.nix
@@ -0,0 +1,14 @@
+{ lib, stdenv }:
+
+stdenv.mkDerivation {
+  name = "add-driver-runpath";
+
+  # Named "opengl-driver" for legacy reasons, but it is the path to
+  # hardware drivers installed by NixOS
+  driverLink = "/run/opengl-driver" + lib.optionalString stdenv.isi686 "-32";
+
+  buildCommand = ''
+    mkdir -p $out/nix-support
+    substituteAll ${./setup-hook.sh} $out/nix-support/setup-hook
+  '';
+}
diff --git a/pkgs/build-support/add-driver-runpath/setup-hook.sh b/pkgs/build-support/add-driver-runpath/setup-hook.sh
new file mode 100644
index 000000000000..86a41a7e2519
--- /dev/null
+++ b/pkgs/build-support/add-driver-runpath/setup-hook.sh
@@ -0,0 +1,29 @@
+# Set RUNPATH so that driver libraries in /run/opengl-driver(-32)/lib can be found.
+# This is needed to not rely on LD_LIBRARY_PATH which does not work with setuid
+# executables. Fixes https://github.com/NixOS/nixpkgs/issues/22760. It must be run
+# in postFixup because RUNPATH stripping in fixup would undo it. Note that patchelf
+# actually sets RUNPATH not RPATH, which applies only to dependencies of the binary
+# it set on (including for dlopen), so the RUNPATH must indeed be set on these
+# libraries and would not work if set only on executables.
+addDriverRunpath() {
+    local forceRpath=
+
+    while [ $# -gt 0 ]; do
+        case "$1" in
+            --) shift; break;;
+            --force-rpath) shift; forceRpath=1;;
+            --*)
+                echo "addDriverRunpath: ERROR: Invalid command line" \
+                     "argument: $1" >&2
+                return 1;;
+            *) break;;
+        esac
+    done
+
+    for file in "$@"; do
+        if ! isELF "$file"; then continue; fi
+        local origRpath="$(patchelf --print-rpath "$file")"
+        patchelf --set-rpath "@driverLink@/lib:$origRpath" ${forceRpath:+--force-rpath} "$file"
+    done
+}
+
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index b55bb7b37463..f3d4c26ec2ec 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -226,6 +226,10 @@ with pkgs;
 
   chkservice = callPackage ../tools/admin/chkservice { };
 
+  # addDriverRunpath is the preferred package name, as this enables
+  # many more scenarios than just opengl now.
+  addDriverRunpath = callPackage ../build-support/add-driver-runpath { };
+
   addOpenGLRunpath = callPackage ../build-support/add-opengl-runpath { };
 
   quickemu = callPackage ../development/quickemu { };

From 05f1bc9654f16ec18bfd1518fe441b7a161341e6 Mon Sep 17 00:00:00 2001
From: Jonathan Ringer <jonringer117@gmail.com>
Date: Thu, 23 Nov 2023 10:36:57 -0800
Subject: [PATCH 2/3] nixos/manual: add entry for addDriverRunpath

---
 nixos/doc/manual/release-notes/rl-2405.section.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md
index bfd4bcee63d3..15696e802c12 100644
--- a/nixos/doc/manual/release-notes/rl-2405.section.md
+++ b/nixos/doc/manual/release-notes/rl-2405.section.md
@@ -34,6 +34,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
 
+- `addDriverRunpath` has been added to facilitate the deprecation of the old `addOpenGLRunpath` setuphook. This change is motivated by the evolution of the setuphook to include all hardware acceleration.
+
 - Cinnamon has been updated to 6.0. Please beware that the [Wayland session](https://blog.linuxmint.com/?p=4591) is still experimental in this release.
 
 - Programs written in [Nim](https://nim-lang.org/) are built with libraries selected by lockfiles.
@@ -50,3 +52,4 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
   - New instances of Gitea using MySQL now ignore the `[database].CHARSET` config option and always use the `utf8mb4` charset, existing instances should migrate via the `gitea doctor convert` CLI command.
 
 - The `hardware.pulseaudio` module now sets permission of pulse user home directory to 755 when running in "systemWide" mode. It fixes [issue 114399](https://github.com/NixOS/nixpkgs/issues/114399).
+

From 20f5e3a1374531bec4fa77ab9f54d87ba798f191 Mon Sep 17 00:00:00 2001
From: Jonathan Ringer <jonringer117@gmail.com>
Date: Thu, 23 Nov 2023 10:38:52 -0800
Subject: [PATCH 3/3] addOpenGLRunpath: Add comment for deprecation schedule

---
 pkgs/top-level/all-packages.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index f3d4c26ec2ec..c7818b16f69c 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -230,6 +230,8 @@ with pkgs;
   # many more scenarios than just opengl now.
   addDriverRunpath = callPackage ../build-support/add-driver-runpath { };
 
+  # addOpenGLRunpath should be added to aliases.nix after the 24.05 branch-off.
+  # Post 24.11 branch-off, this should throw an error in aliases.nix.
   addOpenGLRunpath = callPackage ../build-support/add-opengl-runpath { };
 
   quickemu = callPackage ../development/quickemu { };