aboutsummaryrefslogtreecommitdiff
path: root/contrib/guix/manifest.scm
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/guix/manifest.scm')
-rw-r--r--contrib/guix/manifest.scm107
1 files changed, 65 insertions, 42 deletions
diff --git a/contrib/guix/manifest.scm b/contrib/guix/manifest.scm
index d35ad85e56..8e5c89cc5e 100644
--- a/contrib/guix/manifest.scm
+++ b/contrib/guix/manifest.scm
@@ -21,7 +21,6 @@
(gnu packages llvm)
(gnu packages mingw)
(gnu packages moreutils)
- (gnu packages perl)
(gnu packages pkg-config)
(gnu packages python)
(gnu packages python-crypto)
@@ -78,6 +77,11 @@ http://www.linuxfromscratch.org/hlfs/view/development/chapter05/gcc-pass1.html"
(("-rpath=") "-rpath-link="))
#t))))))))
+(define building-on (string-append (list-ref (string-split (%current-system) #\-) 0) "-guix-linux-gnu"))
+
+(define (explicit-cross-configure package)
+ (package-with-extra-configure-variable package "--build" building-on))
+
(define (make-cross-toolchain target
base-gcc-for-libc
base-kernel-headers
@@ -87,9 +91,9 @@ http://www.linuxfromscratch.org/hlfs/view/development/chapter05/gcc-pass1.html"
(let* ((xbinutils (cross-binutils target))
;; 1. Build a cross-compiling gcc without targeting any libc, derived
;; from BASE-GCC-FOR-LIBC
- (xgcc-sans-libc (cross-gcc target
- #:xgcc base-gcc-for-libc
- #:xbinutils xbinutils))
+ (xgcc-sans-libc (explicit-cross-configure (cross-gcc target
+ #:xgcc base-gcc-for-libc
+ #:xbinutils xbinutils)))
;; 2. Build cross-compiled kernel headers with XGCC-SANS-LIBC, derived
;; from BASE-KERNEL-HEADERS
(xkernel (cross-kernel-headers target
@@ -98,17 +102,17 @@ http://www.linuxfromscratch.org/hlfs/view/development/chapter05/gcc-pass1.html"
xbinutils))
;; 3. Build a cross-compiled libc with XGCC-SANS-LIBC and XKERNEL,
;; derived from BASE-LIBC
- (xlibc (cross-libc target
- base-libc
- xgcc-sans-libc
- xbinutils
- xkernel))
+ (xlibc (explicit-cross-configure (cross-libc target
+ base-libc
+ xgcc-sans-libc
+ xbinutils
+ xkernel)))
;; 4. Build a cross-compiling gcc targeting XLIBC, derived from
;; BASE-GCC
- (xgcc (cross-gcc target
- #:xgcc base-gcc
- #:xbinutils xbinutils
- #:libc xlibc)))
+ (xgcc (explicit-cross-configure (cross-gcc target
+ #:xgcc base-gcc
+ #:xbinutils xbinutils
+ #:libc xlibc))))
;; Define a meta-package that propagates the resulting XBINUTILS, XLIBC, and
;; XGCC
(package
@@ -132,26 +136,19 @@ chain for " target " development."))
(define base-gcc gcc-10)
(define base-linux-kernel-headers linux-libre-headers-5.15)
-;; Building glibc with stack smashing protector first landed in glibc 2.25, use
-;; this function to disable for older glibcs
-;;
-;; From glibc 2.25 changelog:
-;;
-;; * Most of glibc can now be built with the stack smashing protector enabled.
-;; It is recommended to build glibc with --enable-stack-protector=strong.
-;; Implemented by Nick Alcock (Oracle).
-(define (make-glibc-without-ssp xglibc)
- (package-with-extra-configure-variable
- (package-with-extra-configure-variable
- xglibc "libc_cv_ssp" "no")
- "libc_cv_ssp_strong" "no"))
+;; https://gcc.gnu.org/install/configure.html
+(define (hardened-gcc gcc)
+ (package-with-extra-configure-variable (
+ package-with-extra-configure-variable gcc
+ "--enable-default-ssp" "yes")
+ "--enable-default-pie" "yes"))
(define* (make-bitcoin-cross-toolchain target
#:key
(base-gcc-for-libc base-gcc)
(base-kernel-headers base-linux-kernel-headers)
- (base-libc (make-glibc-without-ssp (make-glibc-without-werror glibc-2.24)))
- (base-gcc (make-gcc-rpath-link base-gcc)))
+ (base-libc (make-glibc-with-bind-now (make-glibc-without-werror glibc-2.24)))
+ (base-gcc (make-gcc-rpath-link (hardened-gcc base-gcc))))
"Convenience wrapper around MAKE-CROSS-TOOLCHAIN with default values
desirable for building Bitcoin Core release binaries."
(make-cross-toolchain target
@@ -161,7 +158,10 @@ desirable for building Bitcoin Core release binaries."
base-gcc))
(define (make-gcc-with-pthreads gcc)
- (package-with-extra-configure-variable gcc "--enable-threads" "posix"))
+ (package-with-extra-configure-variable
+ (package-with-extra-patches gcc
+ (search-our-patches "gcc-10-remap-guix-store.patch"))
+ "--enable-threads" "posix"))
(define (make-mingw-w64-cross-gcc cross-gcc)
(package-with-extra-patches cross-gcc
@@ -198,12 +198,17 @@ chain for " target " development."))
(define (make-nsis-for-gcc-10 base-nsis)
(package-with-extra-patches base-nsis
- (search-our-patches "nsis-gcc-10-memmove.patch")))
+ (search-our-patches "nsis-gcc-10-memmove.patch"
+ "nsis-disable-installer-reloc.patch")))
+
+(define (fix-ppc64-nx-default lief)
+ (package-with-extra-patches lief
+ (search-our-patches "lief-fix-ppc64-nx-default.patch")))
(define-public lief
(package
(name "python-lief")
- (version "0.12.0")
+ (version "0.12.1")
(source
(origin
(method git-fetch)
@@ -213,8 +218,15 @@ chain for " target " development."))
(file-name (git-file-name name version))
(sha256
(base32
- "026jchj56q25v6gc0754dj9cj5hz5zaza8ij93y5ga94w20kzm9q"))))
+ "1xzbh3bxy4rw1yamnx68da1v5s56ay4g081cyamv67256g0qy2i1"))))
(build-system python-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'parallel-jobs
+ ;; build with multiple cores
+ (lambda _
+ (substitute* "setup.py" (("self.parallel if self.parallel else 1") (number->string (parallel-job-count)))))))))
(native-inputs
`(("cmake" ,cmake)))
(home-page "https://github.com/lief-project/LIEF")
@@ -256,7 +268,7 @@ thus should be able to compile on most platforms where these exist.")
(license license:gpl3+))) ; license is with openssl exception
(define-public python-elfesteem
- (let ((commit "87bbd79ab7e361004c98cc8601d4e5f029fd8bd5"))
+ (let ((commit "2eb1e5384ff7a220fd1afacd4a0170acff54fe56"))
(package
(name "python-elfesteem")
(version (git-version "0.1" "1" commit))
@@ -269,8 +281,7 @@ thus should be able to compile on most platforms where these exist.")
(file-name (git-file-name name commit))
(sha256
(base32
- "1nyvjisvyxyxnd0023xjf5846xd03lwawp5pfzr8vrky7wwm5maz"))
- (patches (search-our-patches "elfsteem-value-error-python-39.patch"))))
+ "07x6p8clh11z8s1n2kdxrqwqm2almgc5qpkcr9ckb6y5ivjdr5r6"))))
(build-system python-build-system)
;; There are no tests, but attempting to run python setup.py test leads to
;; PYTHONPATH problems, just disable the test
@@ -403,6 +414,11 @@ thus should be able to compile on most platforms where these exist.")
(string-append indent
"@unittest.skip(\"Disabled by Guix\")\n"
line)))
+ (substitute* "tests/test_validate.py"
+ (("^(.*)def test_revocation_mode_soft" line indent)
+ (string-append indent
+ "@unittest.skip(\"Disabled by Guix\")\n"
+ line)))
#t))
(replace 'check
(lambda _
@@ -521,6 +537,12 @@ inspecting signatures in Mach-O binaries.")
(define (make-glibc-without-werror glibc)
(package-with-extra-configure-variable glibc "enable_werror" "no"))
+(define (make-glibc-with-stack-protector glibc)
+ (package-with-extra-configure-variable glibc "--enable-stack-protector" "all"))
+
+(define (make-glibc-with-bind-now glibc)
+ (package-with-extra-configure-variable glibc "--enable-bind-now" "yes"))
+
(define-public glibc-2.24
(package
(inherit glibc-2.31)
@@ -538,7 +560,8 @@ inspecting signatures in Mach-O binaries.")
"glibc-versioned-locpath.patch"
"glibc-2.24-elfm-loadaddr-dynamic-rewrite.patch"
"glibc-2.24-no-build-time-cxx-header-run.patch"
- "glibc-2.24-fcommon.patch"))))))
+ "glibc-2.24-fcommon.patch"
+ "glibc-2.24-guix-prefix.patch"))))))
(define-public glibc-2.27/bitcoin-patched
(package
@@ -555,7 +578,8 @@ inspecting signatures in Mach-O binaries.")
"1b2n1gxv9f4fd5yy68qjbnarhf8mf4vmlxk10i3328c1w5pmp0ca"))
(patches (search-our-patches "glibc-ldd-x86_64.patch"
"glibc-2.27-riscv64-Use-__has_include-to-include-asm-syscalls.h.patch"
- "glibc-2.27-dont-redefine-nss-database.patch"))))))
+ "glibc-2.27-dont-redefine-nss-database.patch"
+ "glibc-2.27-guix-prefix.patch"))))))
(packages->manifest
(append
@@ -590,12 +614,11 @@ inspecting signatures in Mach-O binaries.")
gcc-toolchain-10
(list gcc-toolchain-10 "static")
;; Scripting
- perl
python-3
;; Git
- git
+ git-minimal
;; Tests
- lief)
+ (fix-ppc64-nx-default lief))
(let ((target (getenv "HOST")))
(cond ((string-suffix? "-mingw32" target)
;; Windows
@@ -606,8 +629,8 @@ inspecting signatures in Mach-O binaries.")
((string-contains target "-linux-")
(list (cond ((string-contains target "riscv64-")
(make-bitcoin-cross-toolchain target
- #:base-libc (make-glibc-without-werror glibc-2.27/bitcoin-patched)
- #:base-kernel-headers base-linux-kernel-headers))
+ #:base-libc (make-glibc-with-stack-protector
+ (make-glibc-with-bind-now (make-glibc-without-werror glibc-2.27/bitcoin-patched)))))
(else
(make-bitcoin-cross-toolchain target)))))
((string-contains target "darwin")
generated by cgit v1.2.3 (git 2.26.2) at 2024-10-02 22:02:09 +0000