From 46bd0da51b3dc8469098c370d8c6816ef70410bb Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Wed, 29 Oct 2025 11:22:06 +0100 Subject: [PATCH 01/12] consistent let..in as a preemptive measure --- deps/botan/default.nix | 25 +++++--- deps/http-parser/default.nix | 8 ++- deps/lest/default.nix | 45 +++++++------ deps/libfmt/default.nix | 11 ++-- deps/musl-unpatched/default.nix | 55 +++++++++------- deps/musl/default.nix | 69 +++++++++++--------- deps/s2n/default.nix | 89 ++++++++++++++------------ deps/uzlib/default.nix | 108 +++++++++++++++++--------------- 8 files changed, 229 insertions(+), 181 deletions(-) diff --git a/deps/botan/default.nix b/deps/botan/default.nix index 2b5cae02e..decf5c7a7 100644 --- a/deps/botan/default.nix +++ b/deps/botan/default.nix @@ -3,18 +3,23 @@ }: let cpuFlag = if pkgs.stdenv.system == "i686-linux" then "x86_32" else "x86_64"; + + self = pkgs.botan2; + + dev = pkgs.libs.getDev self; + lib = pkgs.libs.getLib self; in -pkgs.botan2.overrideAttrs (oldAttrs: { + self.overrideAttrs (oldAttrs: { - postInstall = (oldAttrs.postInstall or "") + '' - ln -sr "$out/include/botan-2/botan" "$out/include" - ''; + postInstall = (oldAttrs.postInstall or "") + '' + ln -sr "$out/include/botan-2/botan" "$out/include" + ''; - buildPhase = '' - runHook preBuild + buildPhase = '' + runHook preBuild - make -j $NIX_BUILD_CORES + make -j $NIX_BUILD_CORES - runHook postBuild - ''; -}) + runHook postBuild + ''; + }) diff --git a/deps/http-parser/default.nix b/deps/http-parser/default.nix index 45e3e7aa7..49118e163 100644 --- a/deps/http-parser/default.nix +++ b/deps/http-parser/default.nix @@ -13,8 +13,14 @@ let sha256 = "15bdlccjg14qa7lwkcc7pikvi386ig108ca62hbxfas5wyw1fr62"; }; pkgsHttpfix = import nixpkgsHttpfix { crossSystem = { config = stdenv.targetPlatform.config; }; }; + pkgs = pkgsHttpfix.pkgsStatic; + + self = pkgs.http-parser; + + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; in - pkgsHttpfix.pkgsStatic.http-parser.overrideAttrs (oldAttrs: { + self.overrideAttrs (oldAttrs: { inherit stdenv; postInstall = (oldAttrs.postInstall or "") + '' mkdir "$out/include/http-parser" diff --git a/deps/lest/default.nix b/deps/lest/default.nix index 37ad42d8d..86f2dfd6d 100644 --- a/deps/lest/default.nix +++ b/deps/lest/default.nix @@ -2,27 +2,34 @@ pkgs, stdenv }: -stdenv.mkDerivation rec { - pname = "lest"; - version = "1.36.0"; +let + self = stdenv.mkDerivation rec { + pname = "lest"; + version = "1.36.0"; - meta = { - description = "A tiny C++11 test framework – lest errors escape testing."; - homepage = "https://github.com/martinmoene/lest"; - license = pkgs.lib.licenses.boost; - }; + meta = { + description = "A tiny C++11 test framework – lest errors escape testing."; + homepage = "https://github.com/martinmoene/lest"; + license = pkgs.lib.licenses.boost; + }; - src = fetchGit { - url = "https://github.com/martinmoene/lest.git"; - ref = "refs/tags/v${version}"; - rev = "57197f32f2c7d3f3d3664a9010d3ff181a40f6ca"; - }; + src = fetchGit { + url = "https://github.com/martinmoene/lest.git"; + ref = "refs/tags/v${version}"; + rev = "57197f32f2c7d3f3d3664a9010d3ff181a40f6ca"; + }; - cmakeBuildType = "Debug"; + cmakeBuildType = "Debug"; + + postBuild = '' + mkdir -p "$out/include" + cp -r include "$out/" + ''; + }; - postBuild = '' - mkdir -p "$out/include" - cp -r include "$out/" - ''; + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; +in + self.overrideAttrs (oldAttrs: { + }) -} diff --git a/deps/libfmt/default.nix b/deps/libfmt/default.nix index 2bf00f857..f186fcb55 100644 --- a/deps/libfmt/default.nix +++ b/deps/libfmt/default.nix @@ -6,7 +6,7 @@ cmake ? pkgs.cmake }: let - libfmt = stdenv.mkDerivation rec { + self = stdenv.mkDerivation rec { pname = "fmt"; version = "12.0.0"; @@ -28,8 +28,11 @@ let "-DFMT_INSTALL=ON" ]; }; + + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; in - libfmt // { - include = "${libfmt}/include"; - lib = "${libfmt}/lib"; + self // { + include = "${self}/include"; + lib = "${self}/lib"; } diff --git a/deps/musl-unpatched/default.nix b/deps/musl-unpatched/default.nix index 9fbb4e2de..cc8ca7092 100644 --- a/deps/musl-unpatched/default.nix +++ b/deps/musl-unpatched/default.nix @@ -3,35 +3,42 @@ stdenv , pkgs , linuxHeaders ? null }: -stdenv.mkDerivation rec { - pname = "musl-unpatched"; - version = "1.2.5"; +let + self = stdenv.mkDerivation rec { + pname = "musl-unpatched"; + version = "1.2.5"; - src = fetchGit { - url = "git://git.musl-libc.org/musl"; - rev = "0784374d561435f7c787a555aeab8ede699ed298"; - }; + src = fetchGit { + url = "git://git.musl-libc.org/musl"; + rev = "0784374d561435f7c787a555aeab8ede699ed298"; + }; - enableParallelBuilding = true; + enableParallelBuilding = true; - configurePhase = '' - echo "Configuring with musl's configure script" - echo "Target platform is ${stdenv.targetPlatform.config}" - ./configure --prefix=$out --with-malloc=oldmalloc --disable-shared --enable-debug CROSS_COMPILE=${stdenv.targetPlatform.config}- - ''; + configurePhase = '' + echo "Configuring with musl's configure script" + echo "Target platform is ${stdenv.targetPlatform.config}" + ./configure --prefix=$out --with-malloc=oldmalloc --disable-shared --enable-debug CROSS_COMPILE=${stdenv.targetPlatform.config}- + ''; - # Copy linux headers - taken from upstream nixpkgs musl, needed for libcxx to build - postInstall = '' - (cd $out/include && ln -s $(ls -d ${linuxHeaders}/include/* | grep -v "scsi$") .) - ''; + # Copy linux headers - taken from upstream nixpkgs musl, needed for libcxx to build + postInstall = '' + (cd $out/include && ln -s $(ls -d ${linuxHeaders}/include/* | grep -v "scsi$") .) + ''; - CFLAGS = "-Wno-error=int-conversion -nostdinc"; + CFLAGS = "-Wno-error=int-conversion -nostdinc"; - passthru.linuxHeaders = linuxHeaders; + passthru.linuxHeaders = linuxHeaders; - meta = { - description = "musl - Linux based libc (unpatched)"; - homepage = "https://www.musl-libc.org/"; - license = pkgs.lib.licenses.mit; + meta = { + description = "musl - Linux based libc (unpatched)"; + homepage = "https://www.musl-libc.org/"; + license = pkgs.lib.licenses.mit; + }; }; -} + + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; +in + self.overrideAttrs (oldAttrs: { + }) diff --git a/deps/musl/default.nix b/deps/musl/default.nix index c3070d334..a2ea8adad 100644 --- a/deps/musl/default.nix +++ b/deps/musl/default.nix @@ -3,45 +3,52 @@ stdenv , pkgs , linuxHeaders ? null }: -stdenv.mkDerivation rec { - pname = "musl-includeos"; - version = "1.2.5"; +let + self = stdenv.mkDerivation rec { + pname = "musl-includeos"; + version = "1.2.5"; - src = fetchGit { - url = "git://git.musl-libc.org/musl"; - rev = "0784374d561435f7c787a555aeab8ede699ed298"; - }; + src = fetchGit { + url = "git://git.musl-libc.org/musl"; + rev = "0784374d561435f7c787a555aeab8ede699ed298"; + }; - enableParallelBuilding = true; + enableParallelBuilding = true; - patches = [ - ./patches/musl.patch - ./patches/endian.patch - ]; + patches = [ + ./patches/musl.patch + ./patches/endian.patch + ]; - passthru.linuxHeaders = linuxHeaders; + passthru.linuxHeaders = linuxHeaders; - postUnpack = '' - echo "Replacing musl's syscall headers with IncludeOS syscalls" + postUnpack = '' + echo "Replacing musl's syscall headers with IncludeOS syscalls" - cp ${./patches/includeos_syscalls.h} $sourceRoot/src/internal/includeos_syscalls.h - cp ${./patches/syscall.h} $sourceRoot/src/internal/syscall.h + cp ${./patches/includeos_syscalls.h} $sourceRoot/src/internal/includeos_syscalls.h + cp ${./patches/syscall.h} $sourceRoot/src/internal/syscall.h - rm $sourceRoot/arch/x86_64/syscall_arch.h - rm $sourceRoot/arch/i386/syscall_arch.h - ''; + rm $sourceRoot/arch/x86_64/syscall_arch.h + rm $sourceRoot/arch/i386/syscall_arch.h + ''; - configurePhase = '' - echo "Configuring with musl's configure script" - echo "Target platform is ${stdenv.targetPlatform.config}" - ./configure --prefix=$out --disable-shared --enable-debug --with-malloc=oldmalloc CROSS_COMPILE=${stdenv.targetPlatform.config}- - ''; + configurePhase = '' + echo "Configuring with musl's configure script" + echo "Target platform is ${stdenv.targetPlatform.config}" + ./configure --prefix=$out --disable-shared --enable-debug --with-malloc=oldmalloc CROSS_COMPILE=${stdenv.targetPlatform.config}- + ''; - CFLAGS = "-Wno-error=int-conversion -nostdinc"; + CFLAGS = "-Wno-error=int-conversion -nostdinc"; - meta = { - description = "musl - Linux based libc, built with IncludeOS linux-like syscalls"; - homepage = "https://www.musl-libc.org/"; - license = pkgs.lib.licenses.mit; + meta = { + description = "musl - Linux based libc, built with IncludeOS linux-like syscalls"; + homepage = "https://www.musl-libc.org/"; + license = pkgs.lib.licenses.mit; + }; }; -} + + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; +in + self.overrideAttrs (oldAttrs: { + }) diff --git a/deps/s2n/default.nix b/deps/s2n/default.nix index a4ea517b5..4de013e91 100644 --- a/deps/s2n/default.nix +++ b/deps/s2n/default.nix @@ -3,55 +3,62 @@ pkgs, stdenv }: -stdenv.mkDerivation rec { - pname = "s2n-tls"; - # ./conanfile.py lists 0.8, but there are not tags in the repo with version < 0.9.0 - version = "0.9.0"; - - src = pkgs.fetchzip { - url = "https://github.com/aws/s2n-tls/archive/v${version}.tar.gz"; - sha256 = "18qjqc2jrpiwdpzqxl6hl1cq0nfmqk8qas0ijpwr0g606av0aqm9"; - }; +let + self = stdenv.mkDerivation rec { + pname = "s2n-tls"; + # ./conanfile.py lists 0.8, but there are not tags in the repo with version < 0.9.0 + version = "0.9.0"; + + src = pkgs.fetchzip { + url = "https://github.com/aws/s2n-tls/archive/v${version}.tar.gz"; + sha256 = "18qjqc2jrpiwdpzqxl6hl1cq0nfmqk8qas0ijpwr0g606av0aqm9"; + }; - buildInputs = [ - pkgs.pkgsStatic.openssl - ]; + buildInputs = [ + pkgs.pkgsStatic.openssl + ]; - # the default 'all' target depends on tests which are broken (see below) - buildPhase = '' - runHook preBuild + # the default 'all' target depends on tests which are broken (see below) + buildPhase = '' + runHook preBuild - make bin + make bin - runHook postBuild - ''; + runHook postBuild + ''; - # TODO: tests fail: - # make -C unit - # make[2]: Entering directory '/build/source/tests/unit' - # Running s2n_3des_test.c ... FAILED test 1 - # !((conn = s2n_connection_new(S2N_SERVER)) == (((void *)0))) is not true (s2n_3des_test.c line 44) - # Error Message: 'error calling mlock (Did you run prlimit?)' - # Debug String: 'Error encountered in s2n_mem.c line 103' - # make[2]: *** [Makefile:44: s2n_3des_test] Error 1 - doCheck = false; + # TODO: tests fail: + # make -C unit + # make[2]: Entering directory '/build/source/tests/unit' + # Running s2n_3des_test.c ... FAILED test 1 + # !((conn = s2n_connection_new(S2N_SERVER)) == (((void *)0))) is not true (s2n_3des_test.c line 44) + # Error Message: 'error calling mlock (Did you run prlimit?)' + # Debug String: 'Error encountered in s2n_mem.c line 103' + # make[2]: *** [Makefile:44: s2n_3des_test] Error 1 + doCheck = false; - # Upstream Makefile has no install target - installPhase = '' - runHook preInstall + # Upstream Makefile has no install target + installPhase = '' + runHook preInstall - mkdir -p "$out/include" - cp api/s2n.h "$out/include" + mkdir -p "$out/include" + cp api/s2n.h "$out/include" - mkdir -p "$out/lib" - cp lib/libs2n.a lib/libs2n.so "$out/lib" + mkdir -p "$out/lib" + cp lib/libs2n.a lib/libs2n.so "$out/lib" - runHook postInstall - ''; + runHook postInstall + ''; - meta = { - description = "An implementation of the TLS/SSL protocols"; - homepage = "https://github.com/aws/s2n-tls"; - license = pkgs.lib.licenses.asl20; + meta = { + description = "An implementation of the TLS/SSL protocols"; + homepage = "https://github.com/aws/s2n-tls"; + license = pkgs.lib.licenses.asl20; + }; }; -} + + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; +in + self.overrideAttrs (oldAttrs: { + }) diff --git a/deps/uzlib/default.nix b/deps/uzlib/default.nix index d1c39e88f..23e0207e9 100644 --- a/deps/uzlib/default.nix +++ b/deps/uzlib/default.nix @@ -2,60 +2,66 @@ pkgs, stdenv }: +let + self = stdenv.mkDerivation rec { + pname = "uzlib"; -stdenv.mkDerivation rec { - pname = "uzlib"; + # Latest version, seems incompatible with IncludeOS. + #version = "2.9.5"; + # + #src = fetchzip { + # url = "https://github.com/pfalcon/uzlib/archive/v${version}.tar.gz"; + # sha256 = "01l5y3rwa9935bqlrgww71zr83mbdinq69xzk2gfk96adgjvrl7k"; + #}; - # Latest version, seems incompatible with IncludeOS. - #version = "2.9.5"; - # - #src = fetchzip { - # url = "https://github.com/pfalcon/uzlib/archive/v${version}.tar.gz"; - # sha256 = "01l5y3rwa9935bqlrgww71zr83mbdinq69xzk2gfk96adgjvrl7k"; - #}; + # same version as listed in ./conanfile.py + version = "2.1.1"; - # same version as listed in ./conanfile.py - version = "2.1.1"; + src = pkgs.fetchzip { + url = "https://github.com/pfalcon/uzlib/archive/v${version}.tar.gz"; + sha256 = "1bdbfkxq648blh6v7lvvy1dhrykmib1kzpgjh1fb5zhzq5xib9b2"; + }; - src = pkgs.fetchzip { - url = "https://github.com/pfalcon/uzlib/archive/v${version}.tar.gz"; - sha256 = "1bdbfkxq648blh6v7lvvy1dhrykmib1kzpgjh1fb5zhzq5xib9b2"; - }; + # v2.1.1 has no top-level Makefile + buildPhase = '' + make -C src -f makefile.elf + ''; + + postPatch = '' + echo 'Replacing gcc with $(CC) in makefile.elf' + sed 's/gcc/$(CC)/g' -i ./src/makefile.elf + sed 's/ar /$(AR) /g' -i ./src/makefile.elf + sed 's/ranlib /$(RANLIB) /g' -i ./src/makefile.elf + ''; + + # Upstream doesn't have an install target (not even in the latest version) + installPhase = '' + runHook preInstall + + #ls -lR - # v2.1.1 has no top-level Makefile - buildPhase = '' - make -C src -f makefile.elf - ''; - - postPatch = '' - echo 'Replacing gcc with $(CC) in makefile.elf' - sed 's/gcc/$(CC)/g' -i ./src/makefile.elf - sed 's/ar /$(AR) /g' -i ./src/makefile.elf - sed 's/ranlib /$(RANLIB) /g' -i ./src/makefile.elf - ''; - - # Upstream doesn't have an install target (not even in the latest version) - installPhase = '' - runHook preInstall - - #ls -lR - - mkdir -p "$out/include" - cp src/tinf.h "$out/include" - #cp src/tinf_compat.h "$out/include" # doesn't exist in v2.1.1 - #cp src/uzlib.h "$out/include" # doesn't exist in v2.1.1 - cp src/defl_static.h "$out/include" - #cp src/uzlib_conf.h "$out/include" # doesn't exist in v2.1.1 - - mkdir -p "$out/lib" - cp lib/libtinf.a "$out/lib" - - runHook postInstall - ''; - - meta = { - description = "Radically unbloated DEFLATE/zlib/gzip compression/decompression library"; - homepage = "https://github.com/pfalcon/uzlib"; - license = pkgs.lib.licenses.zlib; + mkdir -p "$out/include" + cp src/tinf.h "$out/include" + #cp src/tinf_compat.h "$out/include" # doesn't exist in v2.1.1 + #cp src/uzlib.h "$out/include" # doesn't exist in v2.1.1 + cp src/defl_static.h "$out/include" + #cp src/uzlib_conf.h "$out/include" # doesn't exist in v2.1.1 + + mkdir -p "$out/lib" + cp lib/libtinf.a "$out/lib" + + runHook postInstall + ''; + + meta = { + description = "Radically unbloated DEFLATE/zlib/gzip compression/decompression library"; + homepage = "https://github.com/pfalcon/uzlib"; + license = pkgs.lib.licenses.zlib; + }; }; -} + + dev = pkgs.lib.getDev self; + lib = pkgs.lib.getLib self; +in + self.overrideAttrs (oldAttrs: { + }) From 985b02b18c0365c23392d3ef383406a59cb0d50d Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Wed, 29 Oct 2025 11:23:28 +0100 Subject: [PATCH 02/12] sort deps alphabetically --- overlay.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/overlay.nix b/overlay.nix index 94b2d34ba..86b30a118 100644 --- a/overlay.nix +++ b/overlay.nix @@ -159,12 +159,12 @@ final: prev: { ++ prev.lib.optionals withCcache [self.ccacheWrapper ccacheNoticeHook]; buildInputs = [ - self.libfmt - self.botan2 - self.http-parser prev.pkgsStatic.openssl prev.pkgsStatic.rapidjson - #self.s2n-tls 👈 This is postponed until we can fix the s2n build. + self.botan2 + self.http-parser + self.libfmt + # self.s2n-tls 👈 This is postponed until we can fix the s2n build. self.uzlib self.vmbuild ]; @@ -205,12 +205,12 @@ final: prev: { passthru.pkgs = prev.pkgs; # this is for convenience for other packages that depend on includeos passthru = { - inherit (self) uzlib; - inherit (self) http-parser; inherit (self) botan2; - inherit (self) libfmt; - #inherit (self) s2n-tls; inherit (self) cmake; + inherit (self) http-parser; + inherit (self) libfmt; + # inherit (self) s2n-tls; + inherit (self) uzlib; inherit (self) vmbuild; }; From 835745ac12ad9fddae30cefff91a9a67b34674b8 Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 13:05:25 +0200 Subject: [PATCH 03/12] prefer consistent naming --- deps/{botan => botan2}/WIP.md | 0 deps/{botan => botan2}/default.nix | 0 deps/{s2n => s2n-tls}/default.nix | 0 overlay.nix | 4 ++-- 4 files changed, 2 insertions(+), 2 deletions(-) rename deps/{botan => botan2}/WIP.md (100%) rename deps/{botan => botan2}/default.nix (100%) rename deps/{s2n => s2n-tls}/default.nix (100%) diff --git a/deps/botan/WIP.md b/deps/botan2/WIP.md similarity index 100% rename from deps/botan/WIP.md rename to deps/botan2/WIP.md diff --git a/deps/botan/default.nix b/deps/botan2/default.nix similarity index 100% rename from deps/botan/default.nix rename to deps/botan2/default.nix diff --git a/deps/s2n/default.nix b/deps/s2n-tls/default.nix similarity index 100% rename from deps/s2n/default.nix rename to deps/s2n-tls/default.nix diff --git a/overlay.nix b/overlay.nix index 86b30a118..ddd2ad14a 100644 --- a/overlay.nix +++ b/overlay.nix @@ -87,10 +87,10 @@ final: prev: { inherit suppressTargetWarningHook; # Deps - botan2 = self.callPackage ./deps/botan/default.nix { }; + botan2 = self.callPackage ./deps/botan2/default.nix { }; libfmt = self.callPackage ./deps/libfmt/default.nix { }; + s2n-tls = self.callPackage ./deps/s2n-tls/default.nix { }; http-parser = self.callPackage ./deps/http-parser/default.nix { }; - s2n-tls = self.callPackage ./deps/s2n/default.nix { }; uzlib = self.callPackage ./deps/uzlib/default.nix { }; vmbuild = self.callPackage ./vmbuild.nix { }; From 218617f5f6aecbce00cea6622b622b8a1df17bd1 Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 15:46:25 +0200 Subject: [PATCH 04/12] add nix build for libfdt --- .../libfdt/clang-no-suggest-attr-format.patch | 16 +++++++ deps/libfdt/default.nix | 48 +++++++++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 deps/libfdt/clang-no-suggest-attr-format.patch create mode 100644 deps/libfdt/default.nix diff --git a/deps/libfdt/clang-no-suggest-attr-format.patch b/deps/libfdt/clang-no-suggest-attr-format.patch new file mode 100644 index 000000000..e063104c1 --- /dev/null +++ b/deps/libfdt/clang-no-suggest-attr-format.patch @@ -0,0 +1,16 @@ +diff --git a/Makefile b/Makefile +index f1f0ab3..edbcb4a 100644 +--- a/Makefile ++++ b/Makefile +@@ -20,7 +20,10 @@ ASSUME_MASK ?= 0 + CPPFLAGS = -I libfdt -I . -DFDT_ASSUME_MASK=$(ASSUME_MASK) + WARNINGS = -Wall -Wpointer-arith -Wcast-qual -Wnested-externs -Wsign-compare \ + -Wstrict-prototypes -Wmissing-prototypes -Wredundant-decls -Wshadow \ +- -Wsuggest-attribute=format -Wwrite-strings ++ -Wwrite-strings ++ifeq ($(findstring gcc,$(notdir $(CC))),gcc) ++WARNINGS += -Wsuggest-attribute=format ++endif + CFLAGS = -g -Os $(SHAREDLIB_CFLAGS) -Werror $(WARNINGS) $(EXTRA_CFLAGS) + + BISON = bison diff --git a/deps/libfdt/default.nix b/deps/libfdt/default.nix new file mode 100644 index 000000000..4614fb11b --- /dev/null +++ b/deps/libfdt/default.nix @@ -0,0 +1,48 @@ +{ + pkgs, + stdenv +}: + +let + self = stdenv.mkDerivation rec { + pname = "libfdt"; + version = "1.7.2"; + src = pkgs.fetchzip { + url = "https://mirrors.edge.kernel.org/pub/software/utils/dtc/dtc-${version}.tar.xz"; + hash = "sha256-KZCzrvdWd6zfQHppjyp4XzqNCfH2UnuRneu+BNIRVAY="; + }; + meta.license = pkgs.lib.licenses.bsd2; + + nativeBuildInputs = with pkgs.buildPackages; [ + pkg-config flex bison + ]; + outputs = [ "out" "dev" ]; + + patches = [ + ./clang-no-suggest-attr-format.patch # TODO: upstream + ]; + + buildPhase = '' + runHook preBuild + make -j"$NIX_BUILD_CORES" libfdt/libfdt.a + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + install -D -m644 -t "$out/lib/" libfdt/libfdt.a + install -D -m644 -t "$dev/include/fdt" libfdt/*.h + runHook postInstall + ''; + }; + + dev = pkgs.lib.getDev self; +in + self.overrideAttrs (prev: { + passthru = { + include_root = "${dev}/include"; + include = "${dev}/include/fdt"; + lib = "${self}/lib"; + }; + }) + From 95fc4c786f9b3b795e77a03bff9a851f9f9b397d Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 15:46:38 +0200 Subject: [PATCH 05/12] deprecate cmakelists for dependency --- deps/libfdt/CMakeLists.txt | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 deps/libfdt/CMakeLists.txt diff --git a/deps/libfdt/CMakeLists.txt b/deps/libfdt/CMakeLists.txt deleted file mode 100644 index d54f7ad32..000000000 --- a/deps/libfdt/CMakeLists.txt +++ /dev/null @@ -1,29 +0,0 @@ -cmake_minimum_required(VERSION 3.31.6) - -project(libfdt) - -set(SRC_S - dtc/libfdt/fdt.c - dtc/libfdt/fdt_ro.c - dtc/libfdt/fdt_wip.c - dtc/libfdt/fdt_sw.c - dtc/libfdt/fdt_rw.c - dtc/libfdt/fdt_strerror.c - dtc/libfdt/fdt_empty_tree.c - dtc/libfdt/fdt_addresses.c - dtc/libfdt/fdt_overlay.c -) - -set(HEADERS - dtc/libfdt/fdt.h - dtc/libfdt/libfdt.h - dtc/libfdt/libfdt_env.h -) - -include_directories(dtc/libfdt) - -add_library(fdt STATIC ${SRC_S}) - -INSTALL(TARGETS fdt DESTINATION "lib") - -INSTALL(FILES ${HEADERS} DESTINATION "include") From 3bc80406ebbf15e13df47fb417ec93b91e438746 Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 16:13:15 +0200 Subject: [PATCH 06/12] export include and lib paths for deps --- deps/botan2/default.nix | 7 +++++++ deps/http-parser/default.nix | 7 ++++++- deps/lest/default.nix | 8 ++++++-- deps/uzlib/default.nix | 8 +++++++- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/deps/botan2/default.nix b/deps/botan2/default.nix index decf5c7a7..cc10cc0cf 100644 --- a/deps/botan2/default.nix +++ b/deps/botan2/default.nix @@ -23,3 +23,10 @@ in runHook postBuild ''; }) + + passthru = (oldAttrs.passthru or {}) // { + include_root = "${dev}/include"; + include = "${dev}/include/botan-2"; # include/botan2/botan/*.h + lib = "${lib}/lib"; + }; +}) diff --git a/deps/http-parser/default.nix b/deps/http-parser/default.nix index 49118e163..895f10d3d 100644 --- a/deps/http-parser/default.nix +++ b/deps/http-parser/default.nix @@ -7,7 +7,7 @@ let # TODO: Upstream doesn't use that subdir though, so better fix IncludeOS # sources. # - # Uses a more recent version of nixpkgs to get support for static builds + # Uses a more recent version of nixpkgs to get support for static builds # TODO: verify if still obsolete nixpkgsHttpfix = builtins.fetchTarball { url = "https://github.com/NixOS/nixpkgs/archive/33f464b661f939689aa56af6b6e27b504c5afb93.tar.gz"; sha256 = "15bdlccjg14qa7lwkcc7pikvi386ig108ca62hbxfas5wyw1fr62"; @@ -26,4 +26,9 @@ in mkdir "$out/include/http-parser" ln -sr "$out/include/http_parser.h" "$out/include/http-parser" ''; + passthru = (oldAttrs.passthru or {}) // { + include_root = "${dev}/include"; + include = "${dev}/include"; # TODO: consider subdir? + lib = "${self}/lib"; + }; }) diff --git a/deps/lest/default.nix b/deps/lest/default.nix index 86f2dfd6d..185a05b4a 100644 --- a/deps/lest/default.nix +++ b/deps/lest/default.nix @@ -30,6 +30,10 @@ let dev = pkgs.lib.getDev self; lib = pkgs.lib.getLib self; in - self.overrideAttrs (oldAttrs: { + self.overrideAttrs (prev: { + passthru = (prev.passthru or {}) // { + include_root = "${dev}/include"; + include = "${dev}/include/lest"; + # lib = "${self}"; # TODO: consider precompiling + }; }) - diff --git a/deps/uzlib/default.nix b/deps/uzlib/default.nix index 23e0207e9..4da7be7ca 100644 --- a/deps/uzlib/default.nix +++ b/deps/uzlib/default.nix @@ -6,6 +6,7 @@ let self = stdenv.mkDerivation rec { pname = "uzlib"; + # TODO: update? # Latest version, seems incompatible with IncludeOS. #version = "2.9.5"; # @@ -63,5 +64,10 @@ let dev = pkgs.lib.getDev self; lib = pkgs.lib.getLib self; in - self.overrideAttrs (oldAttrs: { + self.overrideAttrs (prev: { + passthru = (prev.passthru or {}) // { + include_root = "${dev}/include"; + include = "${dev}/include"; # TODO: consider subdir? + lib = "${self}/lib"; + }; }) From 360992880e361cec6dbbf3ee7815d6d2d1d1f603 Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 16:13:54 +0200 Subject: [PATCH 07/12] enable libfdt dependency --- overlay.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/overlay.nix b/overlay.nix index ddd2ad14a..9fa451bf8 100644 --- a/overlay.nix +++ b/overlay.nix @@ -92,6 +92,7 @@ final: prev: { s2n-tls = self.callPackage ./deps/s2n-tls/default.nix { }; http-parser = self.callPackage ./deps/http-parser/default.nix { }; uzlib = self.callPackage ./deps/uzlib/default.nix { }; + libfdt = self.callPackage ./deps/libfdt/default.nix { }; vmbuild = self.callPackage ./vmbuild.nix { }; @@ -165,6 +166,7 @@ final: prev: { self.http-parser self.libfmt # self.s2n-tls 👈 This is postponed until we can fix the s2n build. + self.libfdt self.uzlib self.vmbuild ]; @@ -208,8 +210,14 @@ final: prev: { inherit (self) botan2; inherit (self) cmake; inherit (self) http-parser; +<<<<<<< HEAD inherit (self) libfmt; # inherit (self) s2n-tls; +||||||| parent of c0f128940 (enable libfdt dependency) +======= + inherit (self) libfdt; + # inherit (self) s2n-tls; +>>>>>>> c0f128940 (enable libfdt dependency) inherit (self) uzlib; inherit (self) vmbuild; }; From 1a64d1ace636958ac595ead80f326268c712988c Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 16:15:44 +0200 Subject: [PATCH 08/12] include dependencies into LSP commands --- develop.nix | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/develop.nix b/develop.nix index 74f59ac39..bcf29710e 100644 --- a/develop.nix +++ b/develop.nix @@ -72,6 +72,21 @@ includeos.pkgs.mkShell.override { inherit (includeos) stdenv; } rec { -D ARCH=${arch} \ -D CMAKE_MODULE_PATH=${includeos}/cmake + # TODO: missing s2n-tls (postponed in overlay.nix) + DEP_INCLUDE_PATH="$( + for d in \ + "$IOS_SRC/test/lest_util" \ + "${includeos.botan2.include}" \ + "${includeos.http-parser.include}" \ + "${includeos.lest.include}" \ + "${includeos.uzlib.include}" \ + "${includeos.pkgs.rapidjson}/include" \ + "${includeos.pkgs.openssl}/include" + do + printf ' -I %s' "$d" + done + )" + # procuced by CMake CCDB="${buildpath}/compile_commands.json" @@ -83,13 +98,13 @@ includeos.pkgs.mkShell.override { inherit (includeos) stdenv; } rec { jq \ --arg libcxx "${includeos.libraries.libcxx.include}" \ --arg libc "${includeos.libraries.libc}" \ - --arg libfmt "${includeos.passthru.libfmt.include}" \ --arg localsrc "${toString ./.}" \ + --arg extra "$DEP_INCLUDE_PATH" \ ' map(.command |= ( . + " -isystem \($libcxx)" + " -isystem \($libc)/include" - + " -I \($libfmt)" + + " \($extra)" | gsub("(?-I)(?/lib/LiveUpdate/include)"; .a + $localsrc + .b) )) ' "$CCDB" > "$tmp" && mv "$tmp" "$CCDB" From 6e8ae44731e114dfcaa6b354aa1494bb66e7779c Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 16:16:27 +0200 Subject: [PATCH 09/12] avoid unnecessary clutter: disable compile_commands.json in root dir by default --- develop.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/develop.nix b/develop.nix index bcf29710e..89d403833 100644 --- a/develop.nix +++ b/develop.nix @@ -111,7 +111,7 @@ includeos.pkgs.mkShell.override { inherit (includeos) stdenv; } rec { # most clangd configurations and editors will look in ./build/, but this just makes it easier to find for some niche edge cases - ln -sfn "${buildpath}/compile_commands.json" "$IOS_SRC/compile_commands.json" + # ln -sfn "${buildpath}/compile_commands.json" "$IOS_SRC/compile_commands.json" ''; } From 58f4967611dee12a42a0394c0745c51460ce147d Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 16:18:06 +0200 Subject: [PATCH 10/12] expose temporary s2n-tls paths --- deps/s2n-tls/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deps/s2n-tls/default.nix b/deps/s2n-tls/default.nix index 4de013e91..4c685673d 100644 --- a/deps/s2n-tls/default.nix +++ b/deps/s2n-tls/default.nix @@ -61,4 +61,10 @@ let lib = pkgs.lib.getLib self; in self.overrideAttrs (oldAttrs: { + # TODO: verify the {include, lib} paths. commented are Gentoo artifacts + passthru = (prev.passthru or {}) // { + include_root = "${dev}/include"; # /usr/include/s2n.h + include = "${dev}/include/s2n"; # /usr/include/s2n/unstable/*.h + lib = "${self}/lib"; # /usr/lib64 on Gentoo... + }; }) From 150676ad96514b9e21f7bbd8a2ade52d89048265 Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 16:46:36 +0200 Subject: [PATCH 11/12] try to get s2n-tls working --- deps/s2n-tls/default.nix | 19 ++- deps/s2n-tls/fix-strict-prototypes.patch | 142 +++++++++++++++++++++++ 2 files changed, 149 insertions(+), 12 deletions(-) create mode 100644 deps/s2n-tls/fix-strict-prototypes.patch diff --git a/deps/s2n-tls/default.nix b/deps/s2n-tls/default.nix index 4c685673d..ca545d883 100644 --- a/deps/s2n-tls/default.nix +++ b/deps/s2n-tls/default.nix @@ -11,14 +11,18 @@ let src = pkgs.fetchzip { url = "https://github.com/aws/s2n-tls/archive/v${version}.tar.gz"; - sha256 = "18qjqc2jrpiwdpzqxl6hl1cq0nfmqk8qas0ijpwr0g606av0aqm9"; + sha256 = "18qjqc2jrpiwdpzqxl6hl1cq0nfmqk8qas0ijpwr0g606av0aqm9"; # v0.9.0 + # hash = "sha256-aJRw1a/XJivNZS3NkZ4U6nC12+wY/aoNv33mbAzNl0k="; # v1.5.27 }; + patches = [ ./fix-strict-prototypes.patch ]; + buildInputs = [ pkgs.pkgsStatic.openssl ]; - # the default 'all' target depends on tests which are broken (see below) + # ld: cannot find -lgcc_eh: No such file or directory + # ld: have you installed the static version of the gcc_eh library ? buildPhase = '' runHook preBuild @@ -27,17 +31,8 @@ let runHook postBuild ''; - # TODO: tests fail: - # make -C unit - # make[2]: Entering directory '/build/source/tests/unit' - # Running s2n_3des_test.c ... FAILED test 1 - # !((conn = s2n_connection_new(S2N_SERVER)) == (((void *)0))) is not true (s2n_3des_test.c line 44) - # Error Message: 'error calling mlock (Did you run prlimit?)' - # Debug String: 'Error encountered in s2n_mem.c line 103' - # make[2]: *** [Makefile:44: s2n_3des_test] Error 1 - doCheck = false; - # Upstream Makefile has no install target + # FIXME: looks like it does now: https://github.com/aws/s2n-tls/blame/73720795dbc37d295592f427e8c225cfafef39a0/Makefile#L106 installPhase = '' runHook preInstall diff --git a/deps/s2n-tls/fix-strict-prototypes.patch b/deps/s2n-tls/fix-strict-prototypes.patch new file mode 100644 index 000000000..ccc9a4b6c --- /dev/null +++ b/deps/s2n-tls/fix-strict-prototypes.patch @@ -0,0 +1,142 @@ +diff --git a/crypto/s2n_aead_cipher_aes_gcm.c b/crypto/s2n_aead_cipher_aes_gcm.c +index 36820ab20..1c12eb4ed 100644 +--- a/crypto/s2n_aead_cipher_aes_gcm.c ++++ b/crypto/s2n_aead_cipher_aes_gcm.c +@@ -23,12 +23,12 @@ + #include "utils/s2n_safety.h" + #include "utils/s2n_blob.h" + +-static uint8_t s2n_aead_cipher_aes128_gcm_available() ++static uint8_t s2n_aead_cipher_aes128_gcm_available(void) + { + return (EVP_aes_128_gcm() ? 1 : 0); + } + +-static uint8_t s2n_aead_cipher_aes256_gcm_available() ++static uint8_t s2n_aead_cipher_aes256_gcm_available(void) + { + return (EVP_aes_256_gcm() ? 1 : 0); + } +diff --git a/crypto/s2n_cbc_cipher_3des.c b/crypto/s2n_cbc_cipher_3des.c +index 0a9aae2ed..3e7cc3227 100644 +--- a/crypto/s2n_cbc_cipher_3des.c ++++ b/crypto/s2n_cbc_cipher_3des.c +@@ -23,7 +23,7 @@ + #include "utils/s2n_safety.h" + #include "utils/s2n_blob.h" + +-static uint8_t s2n_cbc_cipher_3des_available() ++static uint8_t s2n_cbc_cipher_3des_available(void) + { + return (EVP_des_ede3_cbc() ? 1 : 0); + } +diff --git a/crypto/s2n_cbc_cipher_aes.c b/crypto/s2n_cbc_cipher_aes.c +index a504fd103..8818a5f8d 100644 +--- a/crypto/s2n_cbc_cipher_aes.c ++++ b/crypto/s2n_cbc_cipher_aes.c +@@ -23,12 +23,12 @@ + #include "utils/s2n_safety.h" + #include "utils/s2n_blob.h" + +-static uint8_t s2n_cbc_cipher_aes128_available() ++static uint8_t s2n_cbc_cipher_aes128_available(void) + { + return (EVP_aes_128_cbc() ? 1 : 0); + } + +-static uint8_t s2n_cbc_cipher_aes256_available() ++static uint8_t s2n_cbc_cipher_aes256_available(void) + { + return (EVP_aes_256_cbc() ? 1 : 0); + } +diff --git a/crypto/s2n_stream_cipher_null.c b/crypto/s2n_stream_cipher_null.c +index 2d2093ca4..5ff3ea6be 100644 +--- a/crypto/s2n_stream_cipher_null.c ++++ b/crypto/s2n_stream_cipher_null.c +@@ -20,7 +20,7 @@ + #include "utils/s2n_safety.h" + #include "utils/s2n_blob.h" + +-static uint8_t s2n_stream_cipher_null_available() ++static uint8_t s2n_stream_cipher_null_available(void) + { + return 1; + } +diff --git a/crypto/s2n_stream_cipher_rc4.c b/crypto/s2n_stream_cipher_rc4.c +index bf94aad7a..8abd3223f 100644 +--- a/crypto/s2n_stream_cipher_rc4.c ++++ b/crypto/s2n_stream_cipher_rc4.c +@@ -21,7 +21,7 @@ + #include "utils/s2n_safety.h" + #include "utils/s2n_blob.h" + +-static uint8_t s2n_stream_cipher_rc4_available() ++static uint8_t s2n_stream_cipher_rc4_available(void) + { + return (EVP_rc4() ? 1 : 0); + } +diff --git a/utils/s2n_map.c b/utils/s2n_map.c +index b76d44057..4d4d78272 100644 +--- a/utils/s2n_map.c ++++ b/utils/s2n_map.c +@@ -81,7 +81,7 @@ static int s2n_map_embiggen(struct s2n_map *map, uint32_t capacity) + return 0; + } + +-struct s2n_map *s2n_map_new() ++struct s2n_map *s2n_map_new(void) + { + struct s2n_blob mem = {0}; + struct s2n_map *map; +diff --git a/utils/s2n_map.h b/utils/s2n_map.h +index abea548f1..25a5a4bab 100644 +--- a/utils/s2n_map.h ++++ b/utils/s2n_map.h +@@ -22,7 +22,7 @@ + + struct s2n_map; + +-extern struct s2n_map *s2n_map_new(); ++extern struct s2n_map *s2n_map_new(void); + extern int s2n_map_add(struct s2n_map *map, struct s2n_blob *key, struct s2n_blob *value); + extern int s2n_map_put(struct s2n_map *map, struct s2n_blob *key, struct s2n_blob *value); + extern int s2n_map_complete(struct s2n_map *map); +diff --git a/utils/s2n_random.c b/utils/s2n_random.c +index 6066d1564..4a2100ac7 100644 +--- a/utils/s2n_random.c ++++ b/utils/s2n_random.c +@@ -313,7 +313,7 @@ int s2n_set_private_drbg_for_test(struct s2n_drbg drbg) + } + + +-int s2n_cpu_supports_rdrand() ++int s2n_cpu_supports_rdrand(void) + { + #if ((defined(__x86_64__) || defined(__i386__)) && (defined(__clang__) || S2N_GCC_VERSION_AT_LEAST(4,3,0))) + uint32_t eax, ebx, ecx, edx; +diff --git a/utils/s2n_safety.c b/utils/s2n_safety.c +index 7e110b75f..90339d926 100644 +--- a/utils/s2n_safety.c ++++ b/utils/s2n_safety.c +@@ -29,7 +29,7 @@ + * Returns: + * The process ID of the current process + */ +-pid_t s2n_actual_getpid() ++pid_t s2n_actual_getpid(void) + { + #if defined(__GNUC__) && defined(SYS_getpid) + /* http://yarchive.net/comp/linux/getpid_caching.html */ +diff --git a/utils/s2n_safety.h b/utils/s2n_safety.h +index 5768f86f8..5f9fad752 100644 +--- a/utils/s2n_safety.h ++++ b/utils/s2n_safety.h +@@ -108,7 +108,7 @@ static inline void* trace_memcpy_check(void *restrict to, const void *restrict f + * Returns: + * The process ID of the current process + */ +-extern pid_t s2n_actual_getpid(); ++extern pid_t s2n_actual_getpid(void); + + /* Returns 1 if a and b are equal, in constant time */ + extern int s2n_constant_time_equals(const uint8_t * a, const uint8_t * b, uint32_t len); From ad8dcc5c383f3b108105eee82f0b36382b39b7dd Mon Sep 17 00:00:00 2001 From: Mazunki Hoksaas Date: Sun, 19 Oct 2025 17:52:02 +0200 Subject: [PATCH 12/12] include libfdt --- develop.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/develop.nix b/develop.nix index 89d403833..748314f7c 100644 --- a/develop.nix +++ b/develop.nix @@ -79,6 +79,7 @@ includeos.pkgs.mkShell.override { inherit (includeos) stdenv; } rec { "${includeos.botan2.include}" \ "${includeos.http-parser.include}" \ "${includeos.lest.include}" \ + "${includeos.libfdt.include}" \ "${includeos.uzlib.include}" \ "${includeos.pkgs.rapidjson}/include" \ "${includeos.pkgs.openssl}/include"