From 111db8b38fd8350d92d72fa17fd3d9e8ef5a0e09 Mon Sep 17 00:00:00 2001 From: Qyriad Date: Thu, 18 Apr 2024 16:15:24 -0600 Subject: [PATCH 1/2] meson: correctly embed sandbox shell when asked Change-Id: I2f6c0d42245204a516d2e424eea26a6391e975ad --- meson.build | 10 ++++++++++ meson.options | 4 ++-- package.nix | 1 + src/libstore/meson.build | 18 ++++++++++++++++++ 4 files changed, 31 insertions(+), 2 deletions(-) diff --git a/meson.build b/meson.build index 0c0bfb8f0..2128ec6e2 100644 --- a/meson.build +++ b/meson.build @@ -284,6 +284,16 @@ endif # Used to workaround https://github.com/mesonbuild/meson/issues/2320 in src/nix/meson.build. installcmd = find_program('install') +enable_embedded_sandbox_shell = get_option('enable-embedded-sandbox-shell') +if enable_embedded_sandbox_shell + # This one goes in config.h + # The path to busybox is passed as a -D flag when compiling libstore. + # Idk why, ask the old buildsystem. + configdata += { + 'HAVE_EMBEDDED_SANDBOX_SHELL': 1, + } +endif + sandbox_shell = get_option('sandbox-shell') # Consider it required if we're on Linux and the user explicitly specified a non-default value. sandbox_shell_required = sandbox_shell != 'busybox' and host_machine.system() == 'linux' diff --git a/meson.options b/meson.options index 48ac63bc7..6b13fa8a0 100644 --- a/meson.options +++ b/meson.options @@ -7,8 +7,8 @@ option('enable-build', type : 'boolean', value : true, option('gc', type : 'feature', description : 'enable garbage collection in the Nix expression evaluator (requires Boehm GC)', ) -# TODO(Qyriad): is this feature maintained? -option('embedded-sandbox-shell', type : 'feature', + +option('enable-embedded-sandbox-shell', type : 'boolean', value : false, description : 'include the sandbox shell in the Nix binary', ) diff --git a/package.nix b/package.nix index aab98c0ae..9a2e08038 100644 --- a/package.nix +++ b/package.nix @@ -182,6 +182,7 @@ stdenv.mkDerivation (finalAttrs: { lib.optionals (buildWithMeson && stdenv.hostPlatform.isLinux) [ "-Dsandbox-shell=${lib.getBin busybox-sandbox-shell}/bin/busybox" ] + ++ lib.optional stdenv.hostPlatform.isStatic "-Denable-embedded-sandbox-shell=true" ++ lib.optional (finalAttrs.dontBuild) "-Denable-build=false" # mesonConfigurePhase automatically passes -Dauto_features=enabled, # so we must explicitly enable or disable features that we are not passing diff --git a/src/libstore/meson.build b/src/libstore/meson.build index fbf818825..e1c6c267a 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -10,6 +10,24 @@ foreach header : [ 'schema.sql', 'ca-specific-schema.sql' ] ) endforeach +if enable_embedded_sandbox_shell + hexdump = find_program('hexdump', required : true) + embedded_sandbox_shell_gen = custom_target( + 'embedded-sandbox-shell.gen.hh', + command : [ + hexdump, + '-v', + '-e', + '1/1 "0x%x," "\n"' + ], + input : busybox.full_path(), + output : 'embedded-sandbox-shell.gen.hh', + capture : true, + feed : true, + ) + libstore_generated_headers += embedded_sandbox_shell_gen +endif + libstore_sources = files( 'binary-cache-store.cc', 'build-result.cc', From 9e1b0b04adaab13c7cfcff07c57167c52323185c Mon Sep 17 00:00:00 2001 From: Qyriad Date: Wed, 17 Apr 2024 20:07:38 -0600 Subject: [PATCH 2/2] meson: flip the switch!! MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit makes Meson the default buildsystem for Lix. The Make buildsystem is now deprecated and will be removed soon, but has not yet, which will be done in a later commit when all seems good. The mesonBuild jobs have been removed, and have not been replaced with equivalent jobs to ensure the Make buildsystem still works. The full, new commands in a development shell are: $ meson setup ./build "--prefix=$out" $mesonFlags (A simple `meson setup ./build` will also build, but will do a different thing, not having the settings from package.nix applied.) $ meson compile -C build $ meson test -C build --suite=check $ meson install -C build $ meson test -C build --suite=installcheck (Check and installcheck may both be done after install, allowing you to omit the --suite argument entirely, but this is the order package.nix runs them in.) If tests fail and Meson helpfully has no output for why, use the `--print-error-logs` option to `meson test`. Why this is not the default I cannot explain. If you change a setting in the buildsystem, most cases will automatically regenerate the Meson configuration, but some cases, like trying to build a specific target whose name is new to the buildsystem (e.g. `meson compile -C build src/libmelt/libmelt.dylib`, when `libmelt.dylib` did not exist as a target the last time the buildsystem was generated), then you can reconfigure using new settings but existing options, and only recompiling stuff affected by the changes: $ meson setup --reconfigure build Note that changes to the default values in `meson.options` or in the `default_options :` argument to project() are NOT propagated with `--reconfigure`. If you want a totally clean build, you can use: $ meson setup --wipe build That will work regardless of if `./build` exists or not. Specific, named targets may be addressed in `meson build -C build ` with "target ID" if there is one, which is the first string argument passed to target functions that have one, and unrelated to the variable name, e.g.: libexpr_dylib = library('nixexpr', …) can be addressed with: $ meson compile -C build nixexpr All targets may be addressed as their output, relative to the build directory, e.g.: $ meson compile -C build src/libexpr/libnixexpr.so But Meson does not consider intermediate files like object files targets. To build a specific object file, use Ninja directly and specify the output file relative to the build directory: $ ninja -C build src/libexpr/libnixexpr.so.p/nixexpr.cc.o To inspect the canonical source of truth on what the state of the buildsystem configuration is, use: $ meson introspect Have fun! Change-Id: Ia3e7b1e6fae26daf3162e655b4ded611a5cd57ad --- flake.nix | 22 ---------------------- package.nix | 2 +- 2 files changed, 1 insertion(+), 23 deletions(-) diff --git a/flake.nix b/flake.nix index bb03b16ab..e8526f5c4 100644 --- a/flake.nix +++ b/flake.nix @@ -196,24 +196,6 @@ } ); - # FIXME(Qyriad): remove this when the migration to Meson has been completed. - # NOTE: mesonBuildClang depends on mesonBuild depends on build to avoid OOMs - # on aarch64 builders caused by too many parallel compiler/linker processes. - mesonBuild = forAllSystems ( - system: - (self.packages.${system}.nix.override { buildWithMeson = true; }).overrideAttrs (prev: { - buildInputs = prev.buildInputs ++ [ self.packages.${system}.nix ]; - }) - ); - mesonBuildClang = forAllSystems ( - system: - (nixpkgsFor.${system}.stdenvs.clangStdenvPackages.nix.override { buildWithMeson = true; }) - .overrideAttrs - (prev: { - buildInputs = prev.buildInputs ++ [ self.hydraJobs.mesonBuild.${system} ]; - }) - ); - # Perl bindings for various platforms. perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.perl-bindings); @@ -237,7 +219,6 @@ inherit (pkgs) build-release-notes; internalApiDocs = true; busybox-sandbox-shell = pkgs.busybox-sandbox-shell; - buildWithMeson = true; }; in nix.overrideAttrs (prev: { @@ -367,9 +348,6 @@ checks = forAllSystems ( system: { - # FIXME(Qyriad): remove this when the migration to Meson has been completed. - mesonBuild = self.hydraJobs.mesonBuild.${system}; - mesonBuildClang = self.hydraJobs.mesonBuildClang.${system}; binaryTarball = self.hydraJobs.binaryTarball.${system}; perlBindings = self.hydraJobs.perlBindings.${system}; nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system}; diff --git a/package.nix b/package.nix index 9a2e08038..b4144becc 100644 --- a/package.nix +++ b/package.nix @@ -62,7 +62,7 @@ # FIXME(Qyriad): build Lix using Meson instead of autoconf and make. # This flag will be removed when the migration to Meson is complete. - buildWithMeson ? false, + buildWithMeson ? true, # Not a real argument, just the only way to approximate let-binding some # stuff for argument defaults.