Vladimír Čunát
31530c185e
Merge a subset of staging (security)
...
In particular, this contains Firefox-related and libgcrypt updates.
Other larger rebuilds would apparently need lots of time to catch up
on Hydra, due to nontrivial rebuilds in other branches than staging.
2018-06-15 08:48:02 +02:00
Matthew Bauer
ad55409266
cc-wrapper: fix eval error on mac
...
When doing cross to linux, we will not have a GCC compiler (yet). We
can hopefully skip the cxx stdlib stuff for now.
2018-06-14 19:29:30 -04:00
Ben Wolsieffer
645f03b949
cc-wrapper, bintools-wrapper: use getHostRoleEnvHook instead of getTargetRoleEnvHook
...
Fixes include and link paths when cross compiling.
2018-06-03 10:54:32 -04:00
Benjamin Saunders
b0d0b1adfe
clang_6: fix sanitizers under libstdc++
2018-05-24 15:04:30 -07:00
John Ericson
205fc55ea2
Merge remote-tracking branch 'upstream/staging' into compiler-rt
2018-05-24 02:58:00 -04:00
Benjamin Saunders
46eeef1898
tests.cc-wrapper: verify building with sanitizers
2018-05-24 02:57:44 -04:00
John Ericson
5e17335bd7
Merge remote-tracking branch 'upstream/staging' into strictDeps
2018-05-14 23:33:03 -04:00
John Ericson
330ca731e8
treewide: Get rid of all uses of crossConfig
...
The hack of using `crossConfig` to enforce stricter handling of
dependencies is replaced with a dedicated `strictDeps` for that purpose.
(Experience has shown that my punning was a terrible idea that made more
difficult and embarrising to teach teach.)
Now that is is clear, a few packages now use `strictDeps`, to fix
various bugs:
- bintools-wrapper and cc-wrapper
2018-05-14 23:30:37 -04:00
John Ericson
4f7cdd35d5
Merge pull request #40139 from obsidiansystems/modular-setup-hooks
...
treewide: Modular setup hooks
2018-05-07 15:32:10 -04:00
John Ericson
8b0fce8cb1
{bintools,cc}-wrapper: Factor out role accumulation logic
2018-05-07 15:10:45 -04:00
John Ericson
2110c0bd30
treewide: Use pkgs/build-support/roles.bash to remove copy pasta
...
Also fix some setup hooks that unnecessarily used environment hooks,
which revolted in the same variable being modified too many times.
2018-05-07 15:10:37 -04:00
Jan Malakhovski
82dd4501f4
bintools-wrapper, cc-wrapper: don't add targetPrefix
the second time
...
... binutils and gcc add it already anyway.
Without this it's easy to get cross-toolchain paths longer than 256
chars and nix-daemon will then fail to commit them to /nix/store on XFS.
2018-04-26 15:06:52 +00:00
Piotr Bogdan
4707dc6454
{cc,bintools}-wrapper: fix removal of unsupported hardening flags
2018-04-14 15:16:34 +01:00
John Ericson
0884027ef5
Revert "Revert "Merge pull request #28029 from cstrahan/hardening-fix""
...
This reverts commit 6c064e6b1f
, reapplying
PR #28029 which was supposed to have gone to staging all along.
2018-04-11 14:00:13 -04:00
Matthew Bauer
6c064e6b1f
Revert "Merge pull request #28029 from cstrahan/hardening-fix"
...
This reverts commit 0dbc006760
, reversing
changes made to cb7f774265
.
Should go into staging.
2018-04-10 19:07:27 -05:00
John Ericson
0dbc006760
Merge pull request #28029 from cstrahan/hardening-fix
...
hardening: fix #18995
2018-04-10 19:48:02 -04:00
John Ericson
ac4d74b6d9
hardening: Reindent
2018-04-10 16:33:47 -04:00
John Ericson
21818ae592
hardening: Tiny reindent
2018-04-10 16:33:47 -04:00
John Ericson
2364c22ec9
hardening: line order, spacing, and pointless quoting for consistency
2018-04-10 16:33:47 -04:00
John Ericson
4c76d87871
hardenning: Rejigger ifs and explicit declare and unset -v
2018-04-10 16:33:47 -04:00
Charles Strahan
386e77dae9
hardening: simplify reporting of disabled flags
2018-04-10 15:27:13 -04:00
Charles Strahan
273ce83f29
hardening: make requested fixes
2018-04-10 13:04:46 -04:00
Shea Levy
c69d8bf5e6
treewide: Remove gnat support.
...
See discussion in 6ac7b19c97
.
2018-03-08 13:56:36 -05:00
Charles Strahan
806edaa0a2
hardening: ld wrapper changes, setup-hook, etc
2018-03-06 19:21:10 -05:00
Charles Strahan
634c748050
hardening: initial cross support
2018-03-06 18:03:13 -05:00
Charles Strahan
fc46895e86
hardening: allow user supplied flags to override
...
Put hardening flags before user supplied flags.
2018-03-06 00:30:09 -05:00
Charles Strahan
cc7ce57f86
hardening: clarify the whitelist logic
...
Per @Ericson2314's suggestion [1], make it more clear that the active
hardenings are decided via whitelist; the blacklist is merely for the
debug messages.
1: 36d5ce41d4 (r133279731)
2018-03-06 00:30:09 -05:00
Charles Strahan
9920923cde
hardening: fix careless bugs
...
I got a substitution backwards (used '+' instead of '-').
Also, this now works under `set -u` (had to fix a couple unbound
variable references).
2018-03-06 00:30:08 -05:00
Charles Strahan
0937df463f
hardening: fix bug/typo
2018-03-06 00:30:08 -05:00
Charles Strahan
9fe17b2153
hardening: fix #18995
2018-03-06 00:30:00 -05:00
John Ericson
4a29081a94
Merge pull request #35071 from oxij/stdenv/infopages
...
stdenv, bash: fixing info pages and stuff
2018-02-26 18:06:11 -05:00
Jan Malakhovski
f1074211ce
cc-wrapper: allow building without documentation, propagate info pages
2018-02-26 22:42:33 +00:00
Vladimír Čunát
f5ce8f86df
Revert "Merge staging at '8d490ca9934d0' into master"
...
This reverts commit fc23242220
, reversing
changes made to 754816b84b
.
We don't have many binaries yet. Comment on the original merge commit.
2018-02-26 22:53:18 +01:00
Nikolay Amiantov
9a9c2e6579
cc-wrapper: fix bool handling for empty and zero values
...
Before the code would fail silently for zero values and with some output for
empties. We now currently handle both via defaulting value to zero and making
`let` return success error code when there's no syntax error.
2018-02-21 23:54:31 +03:00
Vladimír Čunát
1fcd92ce92
Merge branch 'master' into staging
...
A few thousand rebuilds from master, again.
Hydra: ?compare=1422362
2017-12-31 09:53:49 +01:00
John Ericson
469fd89832
stdenv-setup: Ease the transition with native builds
...
- All deps go on the PATH
- CC and Bintools wrappers with their host != depender's host still get their
setup hooks run.
- Environment hooks get applied to all packages
This isn't so elegent, but eases the transition on a very significant
PR.
2017-12-30 22:04:23 -05:00
John Ericson
3a50395ef2
{bintools,cc}-wrapper: extraPackages should be depsTargetTargetPropagated
...
They are libraries used by programs built with these tools, not used by the
tools themselves.
2017-12-30 22:04:21 -05:00
John Ericson
a036473a0a
{bintools,cc}-wrapper: Fix setup hook to respect the role of the cc-compiler
...
We now have the information to properly determine the role the
cc-wrapper dependency has, by taking advantage of `offset`. No longer
use the soon-to-be-deprecated crossConfig environment variable, the
temp hack used before this change.
2017-12-30 22:04:21 -05:00
Dmitry Kalinkin
6d9769663d
cc-wrapper: allow compilers to specify unsupported hardening modes
...
Fixes: 0fd7ef61b2
('clang_34: Disable hardening bits (#28543 )')
2017-12-30 12:23:25 -05:00
Orivej Desh
7c58e8dfc2
Merge branch 'master' into staging
...
* master: (125 commits)
scummvm: fix eval
tinycc: 0.9.27pre-20171016 -> 0.9.27
Update terraform provider versions
vscode: 1.18.1 -> 1.19.0
linux: 4.14.6 -> 4.14.7
scummvm: 1.9.0 -> 2.0.0
cmst: 2017.03.18 -> 2017.09.19
albert: 0.14.7 -> 0.14.14
obs-studio: fix vlc plugin
ffmpeg, ffmpeg-full: 3.4 -> 3.4.1
uchiwa: 0.26.3 -> 1.1.0
linux-testing: 4.15-rc3 -> 4.15-rc4
steam: override nss, nspr, fixes #32781
ponyc: 0.20.0 -> 0.21.0
pythonPackages.pwntools: disable tests
gnome3.gnome-tweak-tool: 3.26.3 → 3.26.4
vim-rhubarb: init at 2017-06-28
atom: depend on libsecret
nvidia-settings: Make sure binary can find libXv.so
backblaze-b2: 0.6.2 -> 1.1.0
...
2017-12-18 15:56:03 +00:00
Dylan Simon
0c62b7cd74
cc-wrapper: don't set cxx_stdlib when nativeTools is true
...
There are no gcc paths on nativeTools, and cc isn't set.
2017-12-17 04:23:54 +00:00
John Ericson
7ef4448c97
Merge commit '9d8f9b2e531bf95a700a949d879927fb6996ffc9' into binutils-wrapper
2017-12-13 16:08:36 -05:00
John Ericson
2bba929062
bintools-wrapper: Import separately from cc-wrapper
2017-12-13 16:08:18 -05:00
John Ericson
8e557ed2c5
bintools-wrapper: Init
...
Factor a bintools (i.e. binutils / cctools) wrapper out of cc-wrapper. While
only LD is wrapped, the setup hook defines environment variables on behalf of
other utilites.
2017-12-13 16:08:18 -05:00
John Ericson
4f869bccc1
cc-wrapper: Don't treat "-" alone as a flag
...
It means stdin, and is morally equivalent to passing a file. e.g.
$ echo 'int main(void) { return 0; }' | gcc -x c -
will compile and link a binary.
2017-12-13 16:08:17 -05:00
John Ericson
bdd6c037c0
cc-wrapper: Use separate mangler for "bool" variables
...
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-12-13 16:08:17 -05:00
John Ericson
fc7ed86915
cc-wrapper: Pull variable mangler into utils.sh
...
In preparation for splitting out bintools-wrapper
2017-12-13 16:08:13 -05:00
John Ericson
45d4b27d02
cc-wrapper: GNAT wrapper stop caring about -m32
...
It need not concern itself with 32-bit dynamic linking; ld-wrapper handles that now.
2017-12-11 19:12:28 -05:00
Will Dietz
115bf9d2cf
cc-wrapper: don't add broken cflags to clang
...
On non-GNU (gcc) compilers, there is no "/lib/gcc/..."
so when this is eventually expanded this is empty
resulting in an incomplete "-idirafter " that
eats the next argument:
-idirafter -B/nix/store/wamjwwdvkmhbf4f2902nhw8jxxzv0hy3-clang-wrapper-4.0.1/bin/
2017-11-30 18:43:43 -06:00
John Ericson
43e1137397
cc-wrapper: Define new- and old-style cross env vars
...
For example, `BUILD_CC` and `CC_FOR_BUILD`
2017-11-28 15:57:05 -05:00
John Ericson
f4cb1e2ffc
cc-wrapper: Export env vars for objdump and readelf in setup-hook
...
Also fix alphabetical order
2017-11-28 15:56:21 -05:00
John Ericson
994cb76850
cc-wrapper: Don't leave CMD defined after setup hook
...
Rename to `cmd` too, as uppercase typically means the variable is
exported.
2017-11-28 15:56:17 -05:00
John Ericson
43e00f7d18
cc-wrapper: Fix stray binPrefix -> targetPrefix
...
I thought my sed in e755a8a27d
was
exhaustive, but it was not.
2017-11-27 03:30:15 -05:00
John Ericson
e755a8a27d
treewide: Use targetPrefix
instead of prefix
for platform name prefixes
...
Certain tools, e.g. compilers, are customarily prefixed with the name of
their target platform so that multiple builds can be used at once
without clobbering each other on the PATH. I was using identifiers named
`prefix` for this purpose, but that conflicts with the standard use of
`prefix` to mean the directory where something is installed. To avoid
conflict and confusion, I renamed those to `targetPrefix`.
2017-11-27 03:15:50 -05:00
John Ericson
0101856765
Merge pull request #30549 from obsidiansystems/bintools
...
treewide: Introduce stdenv.cc.bintools
2017-11-08 14:20:48 -05:00
Vladimír Čunát
c8c6a1edb5
Merge #31209 : cc-wrapper: Fix if dynamicLinker not found
2017-11-06 13:07:43 +01:00
Bojan Nikolic
3a63fc1258
Remove trailing line
2017-11-05 23:00:24 +00:00
Bojan Nikolic
2ed054885b
Remove the unnecessary second conditional
2017-11-05 22:57:44 +00:00
John Ericson
70d91badf5
treewide: Depend on stdenv.cc.bintools instead of binutils directly
...
One should do this when needed executables at build time. It is more
honest and cross-friendly than refering to binutils directly.
2017-11-05 17:10:53 -05:00
Nikolay Amiantov
5f3b84e979
cc-wrapper: disable POSIX compatibility
2017-11-05 12:19:37 +02:00
Bojan Nikolic
3e9daece1d
nixos/cc-wrapper: Fix bug if dynamicLinker not found
...
If a dynamic linker for target is not found the generated script fails
due to unbound variable error (due to "set -u"). Correct by specifying
default value with dynamicLinker:- and not generating ldflagsBefore if
no linker is found.
This problem was found when cross compiling to mingw32 targets
2017-11-03 21:36:43 +00:00
Dan Peebles
b426c85ce2
Get rid of most @rpath nonsense on Darwin
...
This requires some small changes in the stdenv, then working around the
weird choice LLVM made to hardcode @rpath in its install name, and then
lets us remove a ton of annoying workaround hacks in many of our Go
packages. With any luck this will mean less hackery going forward.
2017-10-08 16:13:46 -04:00
John Ericson
fdbda216b1
cc-wrapper: Clean up dynamic linking with x86 multilib
...
It's better layering to do everything in ld-wrapper. Also, use numeric
comparisons for `relocatable`.
2017-09-28 20:05:26 -04:00
John Ericson
d349f9a340
cc-wrapper: Use stdenvNoCC to build
...
cc-wrapper may wrap a cc-compiler, but it doesn't need one to build
itself. (c.f. expand-response-params is a separate derivation.) This
helps avoid cycles on the cross stuff, in addition to removing a
useless dependency edge.
I could have been super careful with overrides in the stdenv to avoid
the mass rebuild, but I don't think it's worth it.
2017-09-26 14:08:21 -04:00
John Ericson
0d3d2a01d2
cc-wrapper: Add set -x
tracing for NIX_DEBUG >= 7
2017-09-26 11:24:19 -04:00
John Ericson
127a5f3357
treewide: Use (( "${NIX_DEBUG:-0}" >= 1) ))
consistently
2017-09-26 11:24:19 -04:00
John Ericson
6c74ee68b9
cc-wrapper, cc-wrapper-old: Simplify shell logic
...
1. `crossDrv` is now the default so we don't need to worry about that in
build != host builds.
2. shell is the build time shell, so `wrapCCCross` doesn't need to
worry, as build == host.
3. `shell.shellPath` will always be appended where useful.
4. Complicated `shell == ""` logic served no purpose.
2017-09-19 16:45:24 -04:00
John Ericson
13fc982e65
cc-wrapper: Use same dynamic loader on all Darwin, not just x86_64
...
In practice, this is correct because iOS is on ARM and puts the loader
there.
2017-09-18 19:25:58 -04:00
John Ericson
a44bbc72e6
cc-wrapper: Remove obsolete assertion
...
This was just causing evaluation problems on cross.
2017-09-18 19:22:57 -04:00
Eelco Dolstra
ec8d41f08c
Revert "Merge pull request #28557 from obsidiansystems/binutils-wrapper"
...
This reverts commit 0a944b345e
, reversing
changes made to 61733ed6cc
.
I dislike these massive stdenv changes with unclear motivation,
especially when they involve gratuitous mass renames like NIX_CC ->
NIX_BINUTILS. The previous such rename (NIX_GCC -> NIX_CC) caused
months of pain, so let's not do that again.
2017-09-07 12:51:21 +02:00
John Ericson
dbf6d20d64
binutils-wrapper: Import separately from cc-wrapper
2017-09-01 11:44:56 -04:00
John Ericson
40e9b2a7e6
binutils-wrapper: Init
...
Factor a binutils wrapper out of cc-wrapper. While only LD is wrapped,
the setup hook defines environment variables on behalf of other
utilites.
2017-09-01 11:44:55 -04:00
John Ericson
fbb7d335db
cc-wrapper: Use separate mangler for "bool" variables
...
This avoids any `NIX_FOOBAR=1 1` not triggering conditions.
2017-09-01 11:44:54 -04:00
John Ericson
1f5807d760
cc-wrapper: Pull variable mangler into utils.sh
...
In preparation for splitting out binutils-wrapper
2017-09-01 11:44:54 -04:00
John Ericson
94c0267fc1
cc-wrapper: Clean up dynamic linking with x86 multilib
...
It's better layering to do everything in ld-wrapper.
2017-09-01 11:44:54 -04:00
John Ericson
3d3a6e0fac
cc-wrapper: Remove support for NIX_LDFLAGS_HARDEN
...
It has long been deprecated
2017-08-31 13:54:32 -04:00
John Ericson
46fd4bcb14
cc-wrapper: Remove {START,EXEC}_HOOK
...
These are no longer used by anything
2017-08-31 13:54:07 -04:00
John Ericson
97a48835b7
mkDerivation, cc-wrapper: Check hardening flag validity in Nix
...
This becomes necessary if more wrappers besides cc-wrapper start
supporting hardening flags. Also good to make the warning into an
error.
Also ensure interface is being used right: Not as a string, not just in
bash.
2017-08-30 17:53:42 +02:00
John Ericson
822a8d0148
cc-wrapper: Remove redundant hardening
...
GCC just passes `-z ...` flags to ld unaltered, and they are already
passed to LD anyways. On the other hand, `-pie` affects gcc behavior
too.
2017-08-30 17:53:42 +02:00
Daiderd Jordan
92652b4d79
darwin-CF: use @rpath for library id and add an rpath entry for CF based on NIX_COREFOUNDATION_RPATH
2017-08-28 23:24:58 +02:00
John Ericson
df7c305c4c
cc-wrapper: Leverage the setup script instead of buildCommand
2017-08-25 15:10:05 -04:00
John Ericson
dc47e763c1
cc-wrapper: Use set -u
for better maintainability
2017-08-25 15:10:05 -04:00
John Ericson
a470be5a16
expand-response-params: Build more normally
2017-08-25 15:10:02 -04:00
John Ericson
287fce6402
expand-response-params: Pull out of cc-wrapper
...
No hashes were changed
2017-08-25 11:21:09 -04:00
Daniel Peebles
4f7f48fb1a
Merge pull request #28521 from obsidiansystems/cc-wrapper-dead-code
...
cc-wrapper: Remove dead code
2017-08-24 16:05:51 -04:00
Tuomas Tynkkynen
0c0fad6141
treewide: Consistently call ARM 'arm'
...
No need for silly differences.
2017-08-24 01:17:01 +03:00
John Ericson
08f3a60e7b
cc-wrapper: Remove dead code
...
ccPath is only defined below, so this condition would never be true.
Worse, that's not quite true: what if somebody happend to have `/clang`
and no sandboxing. Boy, wouldn't that be annoying to debug!
2017-08-23 17:09:47 -04:00
John Ericson
0135e61b4c
Merge remote-tracking branch 'upstream/master' into staging
...
That way the tarball job succeeds
2017-08-21 18:42:57 -04:00
John Ericson
c035711072
cc-wrapper: Remove unused params
...
Ensured hashes unchanged and eval succeeds in tarball job
2017-08-21 18:40:41 -04:00
Bojan Nikolic
ad8d5649a2
set +u workaround for empty arrays
...
libDirs can be empty, which in combination with "set -u" of
9f1e009975
will cause a variable unbound
error on old bash versions
2017-08-21 12:27:26 +01:00
Daiderd Jordan
5d3527c148
cc-wrapper: don't export CPP
...
CPP defaults to $(CC) -E and setting it explicitly seems to cause
issues in a number of packages like gcc and gdb.
https://www.gnu.org/software/make/manual/html_node/Implicit-Variables.html
2017-08-16 21:38:32 +02:00
John Ericson
3c9cf282bb
cc-wrapper: Improve set -u
compliance
2017-08-14 14:44:32 -04:00
Vladimír Čunát
6899c7fdb9
Merge branch 'master' into gcc-6
2017-08-12 10:09:41 +02:00
Daiderd Jordan
bf8c125170
cc-wrapper: fix LD_DYLD_PATH on darwin
...
Having multiple compilers in the build environment would result in an
invalid LD_DYLD_PATH like /usr/lib/dyld/usr/lib/dyld.
Since the path is hardcoded in XNU it can't be anything but
/usr/lib/dyld anyway.
2017-08-10 00:22:58 +02:00
Orivej Desh
771f28bac8
cc-wrapper: Fix support for qtbase-setup-hook
...
Revert https://github.com/NixOS/nixpkgs/pull/27657#issuecomment-318161946
due to https://github.com/NixOS/nixpkgs/pull/28021#issuecomment-321045542
2017-08-09 18:17:46 +02:00
Orivej Desh
a6e7dffd1f
cc-wrapper: Fix standalone ld
2017-08-08 11:03:51 +02:00
Orivej Desh
c8e9dcc8a4
cc-wrapper: Fix standalone gcc
...
This ensures that all salted variables are defined even if the wrapped program
is invoked outside nix-build environment.
2017-08-08 11:03:51 +02:00
Orivej Desh
c8f7f18e69
cc-wrapper: Fix adding directories to rpath
...
This fixes a bug introduced in #27831 : `for path in "$dir"/lib*.so` assumed that
all libs match `lib*.so`, but 07674788d6
started
adding libs that match `*.so` and `*.so.*`.
2017-08-08 11:03:51 +02:00
Robin Gloster
3e981b9e33
Revert "cc-wrapper: fix set -u errors"
...
This reverts commit 67a41eafe9
.
see #28021 for discussion
2017-08-08 10:20:00 +02:00
Robin Gloster
67a41eafe9
cc-wrapper: fix set -u errors
...
cc @Ericson2314
2017-08-08 10:15:34 +02:00