The options GCC_PLUGIN_RANDSTRUCT{,_PERFORMANCE} have been renamed to
`RANDSTRUCT_*` in 595b893e2087de306d0781795fb8ec47873596a6 since CLang
is about to support this as well and thus the options had to be
generalized.
Also, the file that is used to generate the seed has changed, only the
reference to the file in the patch was changed on adding Linux 5.19[1]
[1] b4d0cb4497
Since 7a9b6ac39a ("kernel: Enable cross compiling"), commonMakeFlags
has only been used once. Since these flags aren't "common" between
anything any more, they should just be inlined to make the expression
easier to read.
With this change it's ensured that `builtins.unsafeGetAttrPos` actually
points to `<nixpkgs/pkgs/os-specific/linux/kernel/linux-x.y.nix>` when
retrieving the position of `src` or `version` of
`linuxPackages.kernel`.
This is relevant to make sure that ofborg pinging maintainers on kernel updates
actually works[1]. While the underlying issue should be fixed in ofborg
or Nix itself, this is IMHO a pragmatic change to ensure that all kernel
maintainers are automatically notified on updates.
[1] https://github.com/NixOS/nixpkgs/pull/143113#issuecomment-953319957
Now there are a few more folks who should get pinged on kernel changes:
$ nix-instantiate -E 'with import ./. {}; (map (x: x.github) linux.meta.maintainers)' --eval --strict
[ "TredwellGit" "mweinelt" "ma27" "nequissimus" "alyssais" "thoughtpolice" ]
Refs #140281
linux: build DTBs in buildPhase, install with everything else
This improves build speed, especially on machines with lots of cores
such as the aarch64 community box and hydra builders.
BTF is a new, lightweight debug information format tailored specifically
for the needs of eBPF, allowing eBPF programs to be portable across
various kernel versions, configurations and distributions. This is used
by bpftrace and lots of new eBPF-based tooling to avoid a dependency
on LLVM on the host.
BTF debug information is enabled on all major distributions: Fedora 31+,
RHEL 8.2+, Ubuntu 20.10, Debian 11 and ArchLinux all have enabled it.
Enabling BTF debug information requires adding two new dependencies to
the kernel build: Python3 and pahole. Those will be used to generate the
BTF debugging information.
This is just for practicity, as it allows users of buildLinux to pass
along extra flags they need in the kernel's make invocation. This makes,
for example, supporting LLVM _much_ easier, and could enable us in the
future to provide clang-built kernels.
There are many scripts in `scripts/` which may be called by the build,
depending on how the user chooses to configure the kernel. For example,
`scripts/jobserver-exec` is called whenever the kernel is being built
with LLVM tooling, and without this patch that build will fail due to
the broken shebang.
This patch makes us fix _all_ scripts, as well as add a dependency on
python3Minimal, since a lot of the aforementioned scripts are written in
Python3 instead of shell.
In order to have our linux builds be reproducible we patch the
`Makefile` to use `--build-id=none` as opposed to the default
`--build-id=sha1`. The way we've been doing this, however, caused the
flag to be mangled, and being set to `--build-id=none=sha1`. While bfd
seems to parse this normally, lld will loudly complain that the flag
does not exist:
```
linux> LD .tmp_vmlinux.kallsyms1
linux> ld.lld: error: unknown --build-id style: none=sha1
```
With this change the flag is now correctly set to `--build-id=none`.
Xen is now enabled unconditionally on kernels that support it, so the
xen_dom0 feature doesn't do anything. The isXen attribute will now
produce a deprecation warning and unconditionally return true.
Passing in a custom value for isXen is no longer supported.
The `platform` field is pointless nesting: it's just stuff that happens
to be defined together, and that should be an implementation detail.
This instead makes `linux-kernel` and `gcc` top level fields in platform
configs. They join `rustc` there [all are optional], which was put there
and not in `platform` in anticipation of a change like this.
`linux-kernel.arch` in particular also becomes `linuxArch`, to match the
other `*Arch`es.
The next step after is this to combine the *specific* machines from
`lib.systems.platforms` with `lib.systems.examples`, keeping just the
"multiplatform" ones for defaulting.
Don't include an NT_GNU_BUILD_ID (that is randomly generated
at build time).
This improves the kernel reproducibility: when also disabling
the MOUDLE_SIG and SECURITY_LOCKDOWN_LSM options the build
is bit-by-bit reproducible.
utillinux depends on systemd because:
* uuidd supports socket activation
* lslogins can show recent journal entries
* fstrim comes with a service file (and we use this in NixOS)
* logger can write journal entries
(See https://www.openembedded.org/pipermail/openembedded-core/2015-February/102069.html)
systemd doesn't depend on utillinux but on utillinuxMinimal which is a
version of utillinux without these features to avoid cyclic
dependencies.
With this change, the linux kernel (of which i don't fully understand
why it would depend on util-linux in the first place, but this was added in
https://github.com/NixOS/nixpkgs/pull/32137/files without too much
explanation) depends on the minimal version of util-linux too.
This makes it that every time we change build flags in systemd
the linux kernel doesn't have to wastefully rebuild.
Go beyond the obvious setup hooks now, with a bit of sed, with a skipped case:
- cc-wrapper's `dontlink`, because it already is handled.
Also, in nix files escaping was manually added.
EMP
In 5.2 kernel a new mechanism was introduced which embeds the kernel
headers in the kernel image and exposes them in procfs for simplified
use by userland tools.
It was introduced in
43d8ce9d65
and later modified a bit in
f7b101d330
The archive containing the header files had nondeterminism through the
header files metadata - specifically `mtime`, but I also decided to
normalize some other aspects just in case.
In our default setup we currently compile this as a module, so to expose
the headers to test the functionality `kheaders` needs to be loaded.
See https://lkml.org/lkml/2019/10/4/1036 and
https://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild.git/commit/?h=fixes&id=2cc99c9cdc8fde5e92e34f9655829449cebd3e00
I commented out the documentation part of the patch to make it cleanly apply to
5.2 and 5.3, see remark in the patch itself.
