mirror of
https://github.com/privatevoid-net/nix-super.git
synced 2024-11-22 22:16:16 +02:00
Merge branch 'aarch64-armv7' of git://github.com/lheckemann/nix
Support extra compatible architectures (#1916)
This commit is contained in:
commit
8e6108ff71
5 changed files with 35 additions and 11 deletions
|
@ -254,6 +254,25 @@ false</literal>.</para>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
|
<varlistentry xml:id="conf-extra-platforms"><term><literal>extra-platforms</literal></term>
|
||||||
|
|
||||||
|
<listitem><para>Platforms other than the native one which
|
||||||
|
this machine is capable of building for. This can be useful for
|
||||||
|
supporting additional architectures on compatible machines:
|
||||||
|
i686-linux can be built on x86_64-linux machines (and the default
|
||||||
|
for this setting reflects this); armv7 is backwards-compatible with
|
||||||
|
armv6 and armv5tel; some aarch64 machines can also natively run
|
||||||
|
32-bit ARM code; and qemu-user may be used to support non-native
|
||||||
|
platforms (though this may be slow and buggy). Most values for this
|
||||||
|
are not enabled by default because build systems will often
|
||||||
|
misdetect the target platform and generate incompatible code, so you
|
||||||
|
may wish to cross-check the results of using this option against
|
||||||
|
proper natively-built versions of your
|
||||||
|
derivations.</para></listitem>
|
||||||
|
|
||||||
|
</varlistentry>
|
||||||
|
|
||||||
|
|
||||||
<varlistentry xml:id="conf-extra-substituters"><term><literal>extra-substituters</literal></term>
|
<varlistentry xml:id="conf-extra-substituters"><term><literal>extra-substituters</literal></term>
|
||||||
|
|
||||||
<listitem><para>Additional binary caches appended to those
|
<listitem><para>Additional binary caches appended to those
|
||||||
|
|
|
@ -98,7 +98,9 @@ int main (int argc, char * * argv)
|
||||||
source >> drvPath;
|
source >> drvPath;
|
||||||
auto requiredFeatures = readStrings<std::set<std::string>>(source);
|
auto requiredFeatures = readStrings<std::set<std::string>>(source);
|
||||||
|
|
||||||
auto canBuildLocally = amWilling && (neededSystem == settings.thisSystem);
|
auto canBuildLocally = amWilling
|
||||||
|
&& ( neededSystem == settings.thisSystem
|
||||||
|
|| settings.extraPlatforms.get().count(neededSystem) > 0);
|
||||||
|
|
||||||
/* Error ignored here, will be caught later */
|
/* Error ignored here, will be caught later */
|
||||||
mkdir(currentLoad.c_str(), 0777);
|
mkdir(currentLoad.c_str(), 0777);
|
||||||
|
|
|
@ -2499,6 +2499,10 @@ void setupSeccomp()
|
||||||
seccomp_arch_add(ctx, SCMP_ARCH_X32) != 0)
|
seccomp_arch_add(ctx, SCMP_ARCH_X32) != 0)
|
||||||
throw SysError("unable to add X32 seccomp architecture");
|
throw SysError("unable to add X32 seccomp architecture");
|
||||||
|
|
||||||
|
if (settings.thisSystem == "aarch64-linux" &&
|
||||||
|
seccomp_arch_add(ctx, SCMP_ARCH_ARM) != 0)
|
||||||
|
printError("unsable to add ARM seccomp architecture; this may result in spurious build failures if running 32-bit ARM processes.");
|
||||||
|
|
||||||
/* Prevent builders from creating setuid/setgid binaries. */
|
/* Prevent builders from creating setuid/setgid binaries. */
|
||||||
for (int perm : { S_ISUID, S_ISGID }) {
|
for (int perm : { S_ISUID, S_ISGID }) {
|
||||||
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(chmod), 1,
|
if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(EPERM), SCMP_SYS(chmod), 1,
|
||||||
|
|
|
@ -57,16 +57,8 @@ bool BasicDerivation::isBuiltin() const
|
||||||
bool BasicDerivation::canBuildLocally() const
|
bool BasicDerivation::canBuildLocally() const
|
||||||
{
|
{
|
||||||
return platform == settings.thisSystem
|
return platform == settings.thisSystem
|
||||||
|| isBuiltin()
|
|| settings.extraPlatforms.get().count(platform) > 0
|
||||||
#if __linux__
|
|| isBuiltin();
|
||||||
|| (platform == "i686-linux" && settings.thisSystem == "x86_64-linux")
|
|
||||||
|| (platform == "armv6l-linux" && settings.thisSystem == "armv7l-linux")
|
|
||||||
|| (platform == "armv5tel-linux" && (settings.thisSystem == "armv7l-linux" || settings.thisSystem == "armv6l-linux"))
|
|
||||||
#elif __FreeBSD__
|
|
||||||
|| (platform == "i686-linux" && settings.thisSystem == "x86_64-freebsd")
|
|
||||||
|| (platform == "i686-linux" && settings.thisSystem == "i686-freebsd")
|
|
||||||
#endif
|
|
||||||
;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -295,6 +295,13 @@ public:
|
||||||
"Nix store has a valid signature (that is, one signed using a key "
|
"Nix store has a valid signature (that is, one signed using a key "
|
||||||
"listed in 'trusted-public-keys'."};
|
"listed in 'trusted-public-keys'."};
|
||||||
|
|
||||||
|
Setting<StringSet> extraPlatforms{this,
|
||||||
|
SYSTEM == "x86_64-linux" ? StringSet{"i686-linux"} : StringSet{},
|
||||||
|
"extra-platforms",
|
||||||
|
"Additional platforms that can be built on the local system. "
|
||||||
|
"These may be supported natively (e.g. armv7 on some aarch64 CPUs "
|
||||||
|
"or using hacks like qemu-user."};
|
||||||
|
|
||||||
Setting<Strings> substituters{this,
|
Setting<Strings> substituters{this,
|
||||||
nixStore == "/nix/store" ? Strings{"https://cache.nixos.org/"} : Strings(),
|
nixStore == "/nix/store" ? Strings{"https://cache.nixos.org/"} : Strings(),
|
||||||
"substituters",
|
"substituters",
|
||||||
|
|
Loading…
Reference in a new issue