pyrox.dev
1/*
2 Build configuration used to build glibc, Info files, and locale
3 information.
4
5 Note that this derivation has multiple outputs and does not respect the
6 standard convention of putting the executables into the first output. The
7 first output is `lib` so that the libraries provided by this derivation
8 can be accessed directly, e.g.
9
10 "${pkgs.glibc}/lib/ld-linux-x86_64.so.2"
11
12 The executables are put into `bin` output and need to be referenced via
13 the `bin` attribute of the main package, e.g.
14
15 "${pkgs.glibc.bin}/bin/ldd".
16
17 The executables provided by glibc typically include `ldd`, `locale`, `iconv`
18 but the exact set depends on the library version and the configuration.
19*/
20
21# Note: this package is used for bootstrapping fetchurl, and thus
22# cannot use fetchpatch! All mutable patches (generated by GitHub or
23# cgit) that are needed here should be included directly in Nixpkgs as
24# files.
25
26{
27 stdenv,
28 lib,
29 buildPackages,
30 fetchurl,
31 linuxHeaders ? null,
32 gd ? null,
33 libpng ? null,
34 libidn2,
35 bison,
36 python3Minimal,
37}:
38
39{
40 pname,
41 withLinuxHeaders ? false,
42 profilingLibraries ? false,
43 withGd ? false,
44 enableCET ? false,
45 enableCETRuntimeDefault ? false,
46 extraBuildInputs ? [ ],
47 extraNativeBuildInputs ? [ ],
48 ...
49}@args:
50
51let
52 version = "2.40";
53 patchSuffix = "-66";
54 sha256 = "sha256-GaiQF16SY9dI9ieZPeb0sa+c0h4D8IDkv7Oh+sECBaI=";
55in
56
57assert withLinuxHeaders -> linuxHeaders != null;
58assert withGd -> gd != null && libpng != null;
59assert enableCET == false -> !enableCETRuntimeDefault;
60
61stdenv.mkDerivation (
62 {
63 version = version + patchSuffix;
64
65 enableParallelBuilding = true;
66
67 patches = [
68 /*
69 No tarballs for stable upstream branch, only https://sourceware.org/git/glibc.git and using git would complicate bootstrapping.
70 $ git fetch --all -p && git checkout origin/release/2.40/master && git describe
71 glibc-2.40-142-g2eb180377b
72 $ git show --minimal --reverse glibc-2.40.. ':!ADVISORIES' > 2.40-master.patch
73
74 To compare the archive contents zdiff can be used.
75 $ diff -u 2.40-master.patch ../nixpkgs/pkgs/development/libraries/glibc/2.40-master.patch
76
77 Please note that each commit has changes to the file ADVISORIES excluded since
78 that conflicts with the directory advisories/ making cross-builds from
79 hosts with case-insensitive file-systems impossible.
80 */
81 ./2.40-master.patch
82
83 # Allow NixOS and Nix to handle the locale-archive.
84 ./nix-locale-archive.patch
85
86 # Don't use /etc/ld.so.cache, for non-NixOS systems.
87 ./dont-use-system-ld-so-cache.patch
88
89 # Don't use /etc/ld.so.preload, but /etc/ld-nix.so.preload.
90 ./dont-use-system-ld-so-preload.patch
91
92 /*
93 The command "getconf CS_PATH" returns the default search path
94 "/bin:/usr/bin", which is inappropriate on NixOS machines. This
95 patch extends the search path by "/run/current-system/sw/bin".
96 */
97 ./fix_path_attribute_in_getconf.patch
98
99 ./fix-x64-abi.patch
100
101 # https://github.com/NixOS/nixpkgs/pull/137601
102 ./nix-nss-open-files.patch
103
104 ./0001-Revert-Remove-all-usage-of-BASH-or-BASH-in-installed.patch
105
106 /*
107 Patch derived from archlinux,
108 https://gitlab.archlinux.org/archlinux/packaging/packages/glibc/-/blob/e54d98e2d1aae4930ecad9404ef12234922d9dfd/reenable_DT_HASH.patch
109
110 See also https://github.com/ValveSoftware/Proton/issues/6051
111 & https://github.com/NixOS/nixpkgs/pull/188492#issuecomment-1233802991
112 */
113 ./reenable_DT_HASH.patch
114 ]
115 /*
116 NVCC does not support ARM intrinsics. Since <math.h> is pulled in by almost
117 every HPC piece of software, without this patch CUDA compilation on ARM
118 is effectively broken. See
119 https://forums.developer.nvidia.com/t/nvcc-fails-to-build-with-arm-neon-instructions-cpp-vs-cu/248355/2.
120 */
121 ++ (
122 let
123 isAarch64 = stdenv.buildPlatform.isAarch64 || stdenv.hostPlatform.isAarch64;
124 isLinux = stdenv.buildPlatform.isLinux || stdenv.hostPlatform.isLinux;
125 in
126 # Remove certain defines when __CUDACC__ is defined (i.e. we're building with a CUDA compiler)
127 lib.optional (isAarch64 && isLinux) ./0001-aarch64-math-vector.h-add-NVCC-include-guard.patch
128 )
129 # Modify certain defines to be compatible with musl
130 ++ lib.optional stdenv.hostPlatform.isMusl ./fix-rpc-types-musl-conflicts.patch
131 # Enable cross-compilation of glibc on Darwin (build=Darwin, host=Linux)
132 ++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch
133 # Reverts this patch: https://sourceware.org/git/?p=glibc.git;a=commit;h=55d63e731253de82e96ed4ddca2e294076cd0bc5
134 # This revert enables [CET] (Control-flow Enforcement Technology) by default
135 # [CET]: https://en.wikipedia.org/wiki/Control-flow_integrity#Intel_Control-flow_Enforcement_Technology
136 ++ lib.optional enableCETRuntimeDefault ./2.39-revert-cet-default-disable.patch;
137
138 postPatch = ''
139 # Needed for glibc to build with the gnumake 3.82
140 # http://comments.gmane.org/gmane.linux.lfs.support/31227
141 sed -i 's/ot \$/ot:\n\ttouch $@\n$/' manual/Makefile
142
143 # nscd needs libgcc, and we don't want it dynamically linked
144 # because we don't want it to depend on bootstrap-tools libs.
145 echo "LDFLAGS-nscd += -static-libgcc" >> nscd/Makefile
146
147 # Ensure that `__nss_files_fopen` can still be wrapped by `libredirect`.
148 sed -i -e '/libc_hidden_def (__nss_files_fopen)/d' nss/nss_files_fopen.c
149 sed -i -e '/libc_hidden_proto (__nss_files_fopen)/d' include/nss_files.h
150 ''
151 # FIXME: find a solution for infinite recursion in cross builds.
152 # For now it's hopefully acceptable that IDN from libc doesn't reliably work.
153 + lib.optionalString (stdenv.hostPlatform == stdenv.buildPlatform) ''
154
155 # Ensure that libidn2 is found.
156 patch -p 1 <<EOF
157 --- a/inet/idna.c
158 +++ b/inet/idna.c
159 @@ -25,1 +25,1 @@
160 -#define LIBIDN2_SONAME "libidn2.so.0"
161 +#define LIBIDN2_SONAME "${lib.getLib libidn2}/lib/libidn2.so.0"
162 EOF
163 ''
164 # For some reason, with gcc-15 build fails with the following error:
165 #
166 # zic.c:3767:1: note: did you mean to specify it after ')' following function parameters?
167 # zic.c:3781:1: error: standard 'reproducible' attribute can only be applied to function declarators or type specifiers with function type []
168 + ''
169 for path in timezone/zic.c timezone/zdump.c ; do
170 substituteInPlace $path --replace-fail "ATTRIBUTE_REPRODUCIBLE" ""
171 done
172 '';
173
174 configureFlags = [
175 "-C"
176 "--enable-add-ons"
177 "--sysconfdir=/etc"
178 "--enable-stack-protector=strong"
179 "--enable-bind-now"
180 (lib.withFeatureAs withLinuxHeaders "headers" "${linuxHeaders}/include")
181 (lib.enableFeature profilingLibraries "profile")
182 "--enable-fortify-source"
183 ]
184 ++ lib.optionals (stdenv.hostPlatform.isx86 || stdenv.hostPlatform.isAarch64) [
185 # This feature is currently supported on
186 # i386, x86_64 and x32 with binutils 2.29 or later,
187 # and on aarch64 with binutils 2.30 or later.
188 # https://sourceware.org/glibc/wiki/PortStatus
189 "--enable-static-pie"
190 ]
191 ++ lib.optionals (enableCET != false) [
192 # Enable Intel Control-flow Enforcement Technology (CET) support
193 "--enable-cet${if builtins.isString enableCET then "=${enableCET}" else ""}"
194 ]
195 ++ lib.optionals withLinuxHeaders [
196 "--enable-kernel=3.10.0" # RHEL 7 and derivatives, seems oldest still supported kernel
197 ]
198 ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
199 (lib.flip lib.withFeature "fp" (
200 stdenv.hostPlatform.gcc.float or (stdenv.hostPlatform.parsed.abi.float or "hard") == "soft"
201 ))
202 "--with-__thread"
203 ]
204 ++ lib.optionals (stdenv.hostPlatform == stdenv.buildPlatform && stdenv.hostPlatform.isAarch32) [
205 "--host=arm-linux-gnueabi"
206 "--build=arm-linux-gnueabi"
207
208 # To avoid linking with -lgcc_s (dynamic link)
209 # so the glibc does not depend on its compiler store path
210 "libc_cv_as_needed=no"
211 ]
212 ++ lib.optional withGd "--with-gd";
213
214 makeFlags =
215 (args.makeFlags or [ ])
216 ++ [ "OBJCOPY=${stdenv.cc.targetPrefix}objcopy" ]
217 ++ lib.optionals (stdenv.cc.libc != null) [
218 "BUILD_LDFLAGS=-Wl,-rpath,${stdenv.cc.libc}/lib"
219 "OBJDUMP=${stdenv.cc.bintools.bintools}/bin/objdump"
220 ];
221
222 postInstall = (args.postInstall or "") + ''
223 moveToOutput bin/getent $getent
224 '';
225
226 installFlags = [ "sysconfdir=$(out)/etc" ];
227
228 # out as the first output is an exception exclusive to glibc
229
230 # getent is its own output, not kept in bin, since many things
231 # depend on getent but not on the locale generation tools in the bin
232 # output. This saves a couple of megabytes of closure size in many cases.
233 outputs = [
234 "out"
235 "bin"
236 "dev"
237 "static"
238 "getent"
239 ];
240
241 strictDeps = true;
242 depsBuildBuild = [ buildPackages.stdenv.cc ];
243 nativeBuildInputs = [
244 bison
245 python3Minimal
246 ]
247 ++ extraNativeBuildInputs;
248 buildInputs = [
249 linuxHeaders
250 ]
251 ++ lib.optionals withGd [
252 gd
253 libpng
254 ]
255 ++ extraBuildInputs;
256
257 env = {
258 linuxHeaders = lib.optionalString withLinuxHeaders linuxHeaders;
259 inherit (stdenv.hostPlatform) is64bit;
260 # Needed to install share/zoneinfo/zone.tab. Set to impure /bin/sh to
261 # prevent a retained dependency on the bootstrap tools in the stdenv-linux
262 # bootstrap.
263 BASH_SHELL = "/bin/sh";
264 };
265
266 # Used by libgcc, elf-header, and others to determine ABI
267 passthru = {
268 inherit version;
269 minorRelease = version;
270 };
271 }
272
273 // (removeAttrs args [
274 "withLinuxHeaders"
275 "linuxHeaders"
276 "withGd"
277 "enableCET"
278 "postInstall"
279 "makeFlags"
280 ])
281 //
282
283 {
284 src = fetchurl {
285 url = "mirror://gnu/glibc/glibc-${version}.tar.xz";
286 inherit sha256;
287 };
288
289 # Remove absolute paths from `configure' & co.; build out-of-tree.
290 preConfigure = ''
291 export PWD_P=$(type -tP pwd)
292 for i in configure io/ftwtest-sh; do
293 # Can't use substituteInPlace here because replace hasn't been
294 # built yet in the bootstrap.
295 sed -i "$i" -e "s^/bin/pwd^$PWD_P^g"
296 done
297
298 mkdir ../build
299 cd ../build
300
301 configureScript="`pwd`/../$sourceRoot/configure"
302 ''
303 + lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''
304 sed -i s/-lgcc_eh//g "../$sourceRoot/Makeconfig"
305
306 cat > config.cache << "EOF"
307 libc_cv_forced_unwind=yes
308 libc_cv_c_cleanup=yes
309 libc_cv_gnu89_inline=yes
310 EOF
311
312 # ./configure has logic like
313 #
314 # AR=`$CC -print-prog-name=ar`
315 #
316 # This searches various directories in the gcc and its wrapper. In nixpkgs,
317 # this returns the bare string "ar", which is build ar. This can result as
318 # a build failure with the following message:
319 #
320 # libc_pic.a: error adding symbols: archive has no index; run ranlib to add one
321 #
322 # (Observed cross compiling from aarch64-linux -> armv7l-linux).
323 #
324 # Nixpkgs passes a correct value for AR and friends, so to use the correct
325 # set of tools, we only need to delete this special handling.
326 sed -i \
327 -e '/^AR=/d' \
328 -e '/^AS=/d' \
329 -e '/^LD=/d' \
330 -e '/^OBJCOPY=/d' \
331 -e '/^OBJDUMP=/d' \
332 $configureScript
333 '';
334
335 preBuild = lib.optionalString withGd "unset NIX_DONT_SET_RPATH";
336
337 doCheck = false; # fails
338
339 meta =
340 with lib;
341 {
342 homepage = "https://www.gnu.org/software/libc/";
343 description = "GNU C Library";
344
345 longDescription = ''
346 Any Unix-like operating system needs a C library: the library which
347 defines the "system calls" and other basic facilities such as
348 open, malloc, printf, exit...
349
350 The GNU C library is used as the C library in the GNU system and
351 most systems with the Linux kernel.
352 '';
353
354 license = licenses.lgpl2Plus;
355
356 maintainers = with maintainers; [
357 ma27
358 connorbaker
359 ];
360 platforms = platforms.linux;
361 }
362 // (args.meta or { });
363 }
364)