Merge branch 'riscv-limitations'
This commit is contained in:
commit
cd7047c461
|
@ -86,4 +86,6 @@ rec {
|
|||
then { system = elem; }
|
||||
else { parsed = elem; };
|
||||
in lib.matchAttrs pattern platform;
|
||||
|
||||
enableIfAvailable = p: if p.meta.available or true then [ p ] else [];
|
||||
}
|
||||
|
|
|
@ -39,12 +39,8 @@ rec {
|
|||
isAndroid = [ { abi = abis.android; } { abi = abis.androideabi; } ];
|
||||
isMusl = with abis; map (a: { abi = a; }) [ musl musleabi musleabihf ];
|
||||
|
||||
isKexecable = map (family: { kernel = kernels.linux; cpu.family = family; })
|
||||
[ "x86" "arm" "aarch64" "mips" ];
|
||||
isEfi = map (family: { cpu.family = family; })
|
||||
[ "x86" "arm" "aarch64" ];
|
||||
isSeccomputable = map (family: { kernel = kernels.linux; cpu.family = family; })
|
||||
[ "x86" "arm" "aarch64" "mips" ];
|
||||
};
|
||||
|
||||
matchAnyAttrs = patterns:
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
config = lib.mkIf (pkgs.kexectools != null) {
|
||||
config = lib.mkIf (pkgs.kexectools.meta.available) {
|
||||
environment.systemPackages = [ pkgs.kexectools ];
|
||||
|
||||
systemd.services."prepare-kexec" =
|
||||
|
|
|
@ -25,6 +25,7 @@ stdenv.mkDerivation rec {
|
|||
homepage = "https://github.com/seccomp/libseccomp";
|
||||
license = licenses.lgpl21;
|
||||
platforms = platforms.linux;
|
||||
badPlatforms = platforms.riscv;
|
||||
maintainers = with maintainers; [ thoughtpolice wkennington ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -22,5 +22,6 @@ stdenv.mkDerivation rec {
|
|||
homepage = http://horms.net/projects/kexec/kexec-tools;
|
||||
description = "Tools related to the kexec Linux feature";
|
||||
platforms = platforms.linux;
|
||||
badPlatforms = platforms.riscv;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -41,7 +41,10 @@ in stdenv.mkDerivation rec {
|
|||
buildInputs =
|
||||
[ linuxHeaders libcap kmod xz pam acl
|
||||
/* cryptsetup */ libuuid glib libgcrypt libgpgerror libidn2
|
||||
libmicrohttpd kexectools libseccomp libffi audit lz4 bzip2 libapparmor
|
||||
libmicrohttpd ] ++
|
||||
stdenv.lib.meta.enableIfAvailable kexectools ++
|
||||
stdenv.lib.meta.enableIfAvailable libseccomp ++
|
||||
[ libffi audit lz4 bzip2 libapparmor
|
||||
iptables gnu-efi
|
||||
# This is actually native, but we already pull it from buildPackages
|
||||
pythonLxmlEnv
|
||||
|
|
|
@ -165,6 +165,7 @@ let
|
|||
isFcitxEngine = bool;
|
||||
isIbusEngine = bool;
|
||||
isGutenprint = bool;
|
||||
badPlatforms = platforms;
|
||||
};
|
||||
|
||||
checkMetaAttr = k: v:
|
||||
|
@ -174,7 +175,8 @@ let
|
|||
checkMeta = meta: if shouldCheckMeta then lib.remove null (lib.mapAttrsToList checkMetaAttr meta) else [];
|
||||
|
||||
checkPlatform = attrs:
|
||||
lib.any (lib.meta.platformMatch hostPlatform) attrs.meta.platforms;
|
||||
(!(attrs ? meta.platforms) || lib.any (lib.meta.platformMatch hostPlatform) attrs.meta.platforms) &&
|
||||
(!(attrs ? meta.badPlatforms && lib.any (lib.meta.platformMatch hostPlatform) attrs.meta.badPlatforms));
|
||||
|
||||
# Check if a derivation is valid, that is whether it passes checks for
|
||||
# e.g brokenness or license.
|
||||
|
@ -189,7 +191,7 @@ let
|
|||
{ valid = false; reason = "blacklisted"; errormsg = "has a blacklisted license (‘${showLicense attrs.meta.license}’)"; }
|
||||
else if !allowBroken && attrs.meta.broken or false then
|
||||
{ valid = false; reason = "broken"; errormsg = "is marked as broken"; }
|
||||
else if !allowUnsupportedSystem && !allowBroken && attrs.meta.platforms or null != null && !(checkPlatform attrs) then
|
||||
else if !allowUnsupportedSystem && !allowBroken && !(checkPlatform attrs) then
|
||||
{ valid = false; reason = "broken"; errormsg = "is not supported on ‘${hostPlatform.config}’"; }
|
||||
else if !(hasAllowedInsecure attrs) then
|
||||
{ valid = false; reason = "insecure"; errormsg = "is marked as insecure"; }
|
||||
|
|
|
@ -30,7 +30,7 @@ let
|
|||
buildInputs = [ curl openssl sqlite xz bzip2 ]
|
||||
++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium
|
||||
++ lib.optionals is20 [ brotli ] # Since 1.12
|
||||
++ lib.optional (hostPlatform.isSeccomputable) libseccomp
|
||||
++ lib.meta.enableIfAvailable libseccomp
|
||||
++ lib.optional ((stdenv.isLinux || stdenv.isDarwin) && is20)
|
||||
(aws-sdk-cpp.override {
|
||||
apis = ["s3"];
|
||||
|
@ -60,7 +60,7 @@ let
|
|||
hostPlatform != buildPlatform && hostPlatform ? nix && hostPlatform.nix ? system
|
||||
) ''--with-system=${hostPlatform.nix.system}''
|
||||
# RISC-V support in progress https://github.com/seccomp/libseccomp/pull/50
|
||||
++ lib.optional (!hostPlatform.isSeccomputable) "--disable-seccomp-sandboxing";
|
||||
++ lib.optional (!libseccomp.meta.available) "--disable-seccomp-sandboxing";
|
||||
|
||||
makeFlags = "profiledir=$(out)/etc/profile.d";
|
||||
|
||||
|
|
|
@ -3132,9 +3132,7 @@ with pkgs;
|
|||
|
||||
keepalived = callPackage ../tools/networking/keepalived { };
|
||||
|
||||
kexectools = if hostPlatform.isKexecable
|
||||
then callPackage ../os-specific/linux/kexectools { }
|
||||
else null;
|
||||
kexectools = callPackage ../os-specific/linux/kexectools { };
|
||||
|
||||
keybase = callPackage ../tools/security/keybase { };
|
||||
|
||||
|
@ -9795,9 +9793,7 @@ with pkgs;
|
|||
|
||||
libgroove = callPackage ../development/libraries/libgroove { };
|
||||
|
||||
libseccomp = if hostPlatform.isSeccomputable
|
||||
then callPackage ../development/libraries/libseccomp { }
|
||||
else null;
|
||||
libseccomp = callPackage ../development/libraries/libseccomp { };
|
||||
|
||||
libsecret = callPackage ../development/libraries/libsecret { };
|
||||
|
||||
|
|
Loading…
Reference in New Issue