commit cd7047c46169b935719ed5f19f693d97bd760ec7 · pyrox.dev/nixpkgs

+2

lib/meta.nix

···

       86
       86
        
               then { system = elem; }

     

       87
       87
        
               else { parsed = elem; };

     

       88
       88
        
           in lib.matchAttrs pattern platform;

     

       89
       89
       +
       

     

       90
       90
       +
         enableIfAvailable = p: if p.meta.available or true then [ p ] else [];

     

       89
       91
        
       }

-4

lib/systems/inspect.nix

···

       39
       39
        
           isAndroid      = [ { abi = abis.android; } { abi = abis.androideabi; } ];

     

       40
       40
        
           isMusl         = with abis; map (a: { abi = a; }) [ musl musleabi musleabihf ];

     

       41
       41
        
       

     

       42
       42
       -
           isKexecable    = map (family: { kernel = kernels.linux; cpu.family = family; })

     

       43
       43
       -
                              [ "x86" "arm" "aarch64" "mips" ];

     

       44
       42
        
           isEfi          = map (family: { cpu.family = family; })

     

       45
       43
        
                              [ "x86" "arm" "aarch64" ];

     

       46
       46
       -
           isSeccomputable = map (family: { kernel = kernels.linux; cpu.family = family; })

     

       47
       47
       -
                               [ "x86" "arm" "aarch64" "mips" ];

     

       48
       44
        
         };

     

       49
       45
        
       

     

       50
       46
        
         matchAnyAttrs = patterns:

+1 -1

nixos/modules/system/boot/kexec.nix

···

       1
       1
        
       { config, pkgs, lib, ... }:

     

       2
       2
        
       

     

       3
       3
        
       {

     

       4
       4
       -
         config = lib.mkIf (pkgs.kexectools != null) {

     

       4
       4
       +
         config = lib.mkIf (pkgs.kexectools.meta.available) {

     

       5
       5
        
           environment.systemPackages = [ pkgs.kexectools ];

     

       6
       6
        
       

     

       7
       7
        
           systemd.services."prepare-kexec" =

+1

pkgs/development/libraries/libseccomp/default.nix

···

       25
       25
        
           homepage    = "https://github.com/seccomp/libseccomp";

     

       26
       26
        
           license     = licenses.lgpl21;

     

       27
       27
        
           platforms   = platforms.linux;

     

       28
       28
       +
           badPlatforms = platforms.riscv;

     

       28
       29
        
           maintainers = with maintainers; [ thoughtpolice wkennington ];

     

       29
       30
        
         };

     

       30
       31
        
       }

+1

pkgs/os-specific/linux/kexectools/default.nix

···

       22
       22
        
           homepage = http://horms.net/projects/kexec/kexec-tools;

     

       23
       23
        
           description = "Tools related to the kexec Linux feature";

     

       24
       24
        
           platforms = platforms.linux;

     

       25
       25
       +
           badPlatforms = platforms.riscv;

     

       25
       26
        
         };

     

       26
       27
        
       }

+4 -1

pkgs/os-specific/linux/systemd/default.nix

···

       41
       41
        
         buildInputs =

     

       42
       42
        
           [ linuxHeaders libcap kmod xz pam acl

     

       43
       43
        
             /* cryptsetup */ libuuid glib libgcrypt libgpgerror libidn2

     

       44
       44
       -
             libmicrohttpd kexectools libseccomp libffi audit lz4 bzip2 libapparmor

     

       44
       44
       +
             libmicrohttpd ] ++

     

       45
       45
       +
             stdenv.lib.meta.enableIfAvailable kexectools ++

     

       46
       46
       +
             stdenv.lib.meta.enableIfAvailable libseccomp ++

     

       47
       47
       +
           [ libffi audit lz4 bzip2 libapparmor

     

       45
       48
        
             iptables gnu-efi

     

       46
       49
        
             # This is actually native, but we already pull it from buildPackages

     

       47
       50
        
             pythonLxmlEnv

+4 -2

pkgs/stdenv/generic/check-meta.nix

···

       165
       165
        
           isFcitxEngine = bool;

     

       166
       166
        
           isIbusEngine = bool;

     

       167
       167
        
           isGutenprint = bool;

     

       168
       168
       +
           badPlatforms = platforms;

     

       168
       169
        
         };

     

       169
       170
        
       

     

       170
       171
        
         checkMetaAttr = k: v:

     
···

       174
       175
        
         checkMeta = meta: if shouldCheckMeta then lib.remove null (lib.mapAttrsToList checkMetaAttr meta) else [];

     

       175
       176
        
       

     

       176
       177
        
         checkPlatform = attrs:

     

       177
       177
       -
           lib.any (lib.meta.platformMatch hostPlatform) attrs.meta.platforms;

     

       178
       178
       +
           (!(attrs ? meta.platforms) || lib.any (lib.meta.platformMatch hostPlatform) attrs.meta.platforms) &&

     

       179
       179
       +
           (!(attrs ? meta.badPlatforms && lib.any (lib.meta.platformMatch hostPlatform) attrs.meta.badPlatforms));

     

       178
       180
        
       

     

       179
       181
        
         # Check if a derivation is valid, that is whether it passes checks for

     

       180
       182
        
         # e.g brokenness or license.

     
···

       189
       191
        
             { valid = false; reason = "blacklisted"; errormsg = "has a blacklisted license (‘${showLicense attrs.meta.license}’)"; }

     

       190
       192
        
           else if !allowBroken && attrs.meta.broken or false then

     

       191
       193
        
             { valid = false; reason = "broken"; errormsg = "is marked as broken"; }

     

       192
       192
       -
           else if !allowUnsupportedSystem && !allowBroken && attrs.meta.platforms or null != null && !(checkPlatform attrs) then

     

       194
       194
       +
           else if !allowUnsupportedSystem && !allowBroken && !(checkPlatform attrs) then

     

       193
       195
        
             { valid = false; reason = "broken"; errormsg = "is not supported on ‘${hostPlatform.config}’"; }

     

       194
       196
        
           else if !(hasAllowedInsecure attrs) then

     

       195
       197
        
             { valid = false; reason = "insecure"; errormsg = "is marked as insecure"; }

+2 -2

pkgs/tools/package-management/nix/default.nix

···

       30
       30
        
           buildInputs = [ curl openssl sqlite xz bzip2 ]

     

       31
       31
        
             ++ lib.optional (stdenv.isLinux || stdenv.isDarwin) libsodium

     

       32
       32
        
             ++ lib.optionals is20 [ brotli ] # Since 1.12

     

       33
       33
       -
             ++ lib.optional (hostPlatform.isSeccomputable) libseccomp

     

       33
       33
       +
             ++ lib.meta.enableIfAvailable libseccomp

     

       34
       34
        
             ++ lib.optional ((stdenv.isLinux || stdenv.isDarwin) && is20)

     

       35
       35
        
                 (aws-sdk-cpp.override {

     

       36
       36
        
                   apis = ["s3"];

     
···

       60
       60
        
                 hostPlatform != buildPlatform && hostPlatform ? nix && hostPlatform.nix ? system

     

       61
       61
        
             ) ''--with-system=${hostPlatform.nix.system}''

     

       62
       62
        
                # RISC-V support in progress https://github.com/seccomp/libseccomp/pull/50

     

       63
       63
       -
             ++ lib.optional (!hostPlatform.isSeccomputable) "--disable-seccomp-sandboxing";

     

       63
       63
       +
             ++ lib.optional (!libseccomp.meta.available) "--disable-seccomp-sandboxing";

     

       64
       64
        
       

     

       65
       65
        
           makeFlags = "profiledir=$(out)/etc/profile.d";

     

       66
       66

+2 -6

pkgs/top-level/all-packages.nix

···

       3132
       3132
        
       

     

       3133
       3133
        
         keepalived = callPackage ../tools/networking/keepalived { };

     

       3134
       3134
        
       

     

       3135
       3135
       -
         kexectools = if hostPlatform.isKexecable

     

       3136
       3136
       -
                        then callPackage ../os-specific/linux/kexectools { }

     

       3137
       3137
       -
                      else null;

     

       3135
       3135
       +
         kexectools = callPackage ../os-specific/linux/kexectools { };

     

       3138
       3136
        
       

     

       3139
       3137
        
         keybase = callPackage ../tools/security/keybase { };

     

       3140
       3138
        
       

     
···

       9795
       9793
        
       

     

       9796
       9794
        
         libgroove = callPackage ../development/libraries/libgroove { };

     

       9797
       9795
        
       

     

       9798
       9798
       -
         libseccomp =  if hostPlatform.isSeccomputable

     

       9799
       9799
       -
                         then callPackage ../development/libraries/libseccomp { }

     

       9800
       9800
       -
                       else null;

     

       9796
       9796
       +
         libseccomp = callPackage ../development/libraries/libseccomp { };

     

       9801
       9797
        
       

     

       9802
       9798
        
         libsecret = callPackage ../development/libraries/libsecret { };

     

       9803
       9799