diff --git a/chainloader.nix b/chainloader.nix index afbbcead7..00d7d0a9e 100644 --- a/chainloader.nix +++ b/chainloader.nix @@ -20,6 +20,9 @@ let includeos = pkgs.pkgsIncludeOS.includeos; stdenv = pkgs.pkgsIncludeOS.stdenv; + + suppress = includeos.pkgs.callPackage ./nix/suppress.nix {}; + ccache = includeos.pkgs.callPackage ./nix/ccache.nix {}; in assert (stdenv.targetPlatform.system != "i686-linux") -> @@ -48,5 +51,5 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgs.buildPackages.cmake pkgs.buildPackages.nasm - ] ++ [ pkgs.pkgsIncludeOS.suppressTargetWarningHook ]; + ] ++ [ suppress.targetWarningHook ]; } diff --git a/nix/ccache.nix b/nix/ccache.nix new file mode 100644 index 000000000..e5e05cc03 --- /dev/null +++ b/nix/ccache.nix @@ -0,0 +1,54 @@ +{ pkgs +, cc +, ccacheDir ? "/nix/var/cache/ccache" +, showNotice ? true +}: +let + noticeHook = + if showNotice then + pkgs.writeTextFile { + name = "ccache-notice-hook"; + destination = "/nix-support/setup-hook"; + text = '' + echo "=====" + echo "ccache is enabled!" + echo "Disable with: --arg withCcache false" + echh "" + echo "It's recommended to run tests with ccache disabled to avoid cache incoherencies." + echo "=====" + ''; + } + else + null; + + wrapper = pkgs.ccacheWrapper.override { + inherit cc; + + extraConfig = '' + export CCACHE_DIR="${ccacheDir}" + if [ ! -d "$CCACHE_DIR" ]; then + echo "=====" + echo "Directory '$CCACHE_DIR' does not exist" + echo " sudo mkdir -m0770 '$CCACHE_DIR' + echo "sudo chown root:nixbld '$CCACHE_DIR'" + echo "" + echo 'Alternatively, disable ccache with `--arg withCcache false`' + echo "=====" + exit 1 + fi + if [ ! -w "$CCACHE_DIR" ]; then + echo "=====" + echo "Directory '$CCACHE_DIR' exists but isn't writable by $(whoami)" + echo "Please verify its access permissions" + echo "=====" + exit 1 + fi + export CCACHE_COMPRESS=1 + export CCACHE_UMASK=007 + export CCACHE_SLOPPINESS=random_seed + ''; + }; +in +{ + inherit wrapper noticeHook; +} diff --git a/nix/suppress.nix b/nix/suppress.nix new file mode 100644 index 000000000..38ea816f7 --- /dev/null +++ b/nix/suppress.nix @@ -0,0 +1,16 @@ +{ pkgs }: +let + targetWarningHook = pkgs.writeTextFile { + name = "suppress-target-warning-hook"; + destination = "/nix-support/setup-hook"; + text = '' + # see https://github.com/NixOS/nixpkgs/issues/395191 + # delete this hook and downstream references once resolved + + export NIX_CC_WRAPPER_SUPPRESS_TARGET_WARNING=1 + ''; + }; +in +{ + inherit targetWarningHook; +} diff --git a/overlay.nix b/overlay.nix index 94b2d34ba..6d268e95a 100644 --- a/overlay.nix +++ b/overlay.nix @@ -59,32 +59,12 @@ final: prev: { pkgsIncludeOS = prev.pkgsStatic.lib.makeScope prev.pkgsStatic.newScope (self: let - ccacheNoticeHook = prev.writeTextFile { - name = "ccache-notice-hook"; - destination = "/nix-support/setup-hook"; - text = '' - echo "=====" - echo "ccache is enabled!" - echo "If you run into any issues, try: --arg withCcache false" - echo "It's recommended to run tests with ccache disabled to avoid cache incoherencies." - echo "=====" - ''; - }; - - suppressTargetWarningHook = prev.writeTextFile { - name = "suppress-target-warning-hook"; - destination = "/nix-support/setup-hook"; - text = '' - # see https://github.com/NixOS/nixpkgs/issues/395191 - # delete this hook and downstream references once resolved + ccache = import ./nix/ccache.nix { pkgs = prev; inherit (self.stdenv) cc; }; - export NIX_CC_WRAPPER_SUPPRESS_TARGET_WARNING=1 - ''; - }; + suppress = import ./nix/suppress.nix { pkgs = prev; }; in { # self.callPackage will use this stdenv. stdenv = final.stdenvIncludeOS.includeos_stdenv; - inherit suppressTargetWarningHook; # Deps botan2 = self.callPackage ./deps/botan/default.nix { }; @@ -95,36 +75,6 @@ final: prev: { vmbuild = self.callPackage ./vmbuild.nix { }; - ccacheWrapper = prev.ccacheWrapper.override { - inherit (self.stdenv) cc; - extraConfig = '' - export CCACHE_DIR="/nix/var/cache/ccache" - if [ ! -d "$CCACHE_DIR" ]; then - echo "=====" - echo "Directory '$CCACHE_DIR' does not exist" - echo "Please create it with:" - echo " sudo mkdir -m0770 '$CCACHE_DIR'" - echo " sudo chown root:nixbld '$CCACHE_DIR'" - echo "" - echo 'Alternatively, disable ccache with `--arg withCcache false`' - echo "=====" - exit 1 - fi - if [ ! -w "$CCACHE_DIR" ]; then - echo "=====" - echo "Directory '$CCACHE_DIR' exists, but is not accessible for user $(whoami)" - echo "Please verify its access permissions" - echo 'Alternatively, disable ccache with `--arg withCcache false`' - echo "=====" - exit 1 - fi - - export CCACHE_COMPRESS=1 - export CCACHE_UMASK=007 - export CCACHE_SLOPPINESS=random_seed - ''; - }; - # IncludeOS includeos = self.stdenv.mkDerivation rec { enableParallelBuilding = true; @@ -155,8 +105,8 @@ final: prev: { nativeBuildInputs = [ prev.buildPackages.cmake prev.buildPackages.nasm - ] ++ prev.lib.optionals disableTargetWarning [suppressTargetWarningHook] - ++ prev.lib.optionals withCcache [self.ccacheWrapper ccacheNoticeHook]; + ] ++ prev.lib.optionals disableTargetWarning [suppress.targetWarningHook] + ++ prev.lib.optionals withCcache [ccache.wrapper ccache.noticeHook]; buildInputs = [ self.libfmt diff --git a/unikernel.nix b/unikernel.nix index e29913bdb..8c1eecd62 100644 --- a/unikernel.nix +++ b/unikernel.nix @@ -38,6 +38,9 @@ let includeos.vmrunner else includeos.pkgs.callPackage (builtins.toPath /. + vmrunner) {}; + + suppress = includeos.pkgs.callPackage ./nix/suppress.nix {}; + ccache = includeos.pkgs.callPackage ./nix/ccache.nix {}; in includeos.stdenv.mkDerivation rec { pname = "includeos_example"; @@ -49,7 +52,7 @@ includeos.stdenv.mkDerivation rec { nativeBuildInputs = [ includeos.pkgs.buildPackages.nasm includeos.pkgs.buildPackages.cmake - ] ++ [ includeos.pkgs.pkgsIncludeOS.suppressTargetWarningHook ]; + ] ++ [ suppress.targetWarningHook ]; buildInputs = [ includeos diff --git a/unittests.nix b/unittests.nix index ae22628b7..6b324adf1 100644 --- a/unittests.nix +++ b/unittests.nix @@ -3,6 +3,9 @@ stdenv ? pkgs.llvmPackages_19.libcxxStdenv, withCcache ? false, }: +let + ccache = pkgs.callPackage ./nix/ccache.nix { }; +in stdenv.mkDerivation rec { pname = "unittests"; version = "dev"; @@ -10,38 +13,12 @@ stdenv.mkDerivation rec { sourceRoot = "test"; - ccacheWrapper = pkgs.ccacheWrapper.override { - inherit (stdenv) cc; - extraConfig = '' - export CCACHE_COMPRESS=1 - export CCACHE_DIR="/nix/var/cache/ccache" - export CCACHE_UMASK=007 - export CCACHE_SLOPPINESS=random_seed - if [ ! -d "$CCACHE_DIR" ]; then - echo "=====" - echo "Directory '$CCACHE_DIR' does not exist" - echo "Please create it with:" - echo " sudo mkdir -m0770 '$CCACHE_DIR'" - echo " sudo chown root:nixbld '$CCACHE_DIR'" - echo "=====" - exit 1 - fi - if [ ! -w "$CCACHE_DIR" ]; then - echo "=====" - echo "Directory '$CCACHE_DIR' is not accessible for user $(whoami)" - echo "Please verify its access permissions" - echo "=====" - exit 1 - fi - ''; - }; - srcs = [ ./test ./src ./api ./lib - ]; + ]; hardeningDisable = [ "all" ]; cmakeBuildType = "Debug"; @@ -59,7 +36,7 @@ stdenv.mkDerivation rec { pkgs.buildPackages.cmake pkgs.buildPackages.valgrind pkgs.buildPackages.clang-tools - ] ++ pkgs.lib.optionals withCcache [ccacheWrapper]; + ] ++ pkgs.lib.optionals withCcache [ccache.wrapper]; buildInputs = [ pkgs.rapidjson