WIP: improve support for crosscompiling to musl32 #62817
Conversation
The makefile patch pulled from alpinelinux used to enable stackprotector unconditionally. This change use the nixpkgs flag hardeningEnable. This is required to support platform where stackprotector has problems.
|
This pull request has been mentioned on Nix community. There might be relevant details there: https://discourse.nixos.org/t/crosscompilation-to-musl32-problems/3110/5 |
The patches from alpinelinux failed to apply to v2.8.5, on the other hand upstream has added support for musl based system in the master branch on github [1]. The patch has been added to the nixpkgs repo since it needs to be modified slightly, a copyright notice has been removed, to apply cleanly. 1. linux-audit/audit-userspace@d579a08
Without this change crosscompiling fails because perl is not found during configure.
ofborg
bot
added
10.rebuild-darwin: 501+
10.rebuild-darwin: 501-1000
and removed
10.rebuild-darwin: 101-500
labels
Disable the pipe rewind related feature since musl has no support for it.
| url = https://git.alpinelinux.org/cgit/aports/plain/main/libexecinfo/30-linux-makefile.patch?id=730cdcef6901750f4029d4c3b8639ce02ee3ead1; | ||
| sha256 = "1jwjz22z5cjy5h2bfghn62yl9ar8jiqhdvbwrcfavv17ihbhwcaf"; | ||
| }) | ||
| ./30-linux-makefile.patch |
There was a problem hiding this comment.
I wonder if alpine has a way to get ssp working?
There was a problem hiding this comment.
@matthewbauer Alpinelinux creates a small libssp_nonshared library in the musl-dev package.
https://git.alpinelinux.org/aports/tree/main/musl?h=master
I've recreated it in my local nixpkgs repo, however I'm not sure how to automatically link with libssp_nonshared.a.
Do you have a hint?
There was a problem hiding this comment.
You probably need to put it in musl's $out/lib/libssp_nonshared.a. Unfortunately we also need to apply this patch to GCC:
https://git.alpinelinux.org/aports/tree/main/gcc/gcc-6.1-musl-libssp.patch
That would probably be okay to apply to GCC, but maybe only on i686-musl builds.
|
For context: is this problem irrelevant in 64-bit case? |
I have never seen it on x86_64. I think it could be possible to hit it with some messy linking, but I would prefer to limit the patching to just i*86 for now. |
In order to support stackprotector on musl32, this change import a couple of patches from alpinelinux: 1. libssp_nonshared.a is built alongside musl's libc 2. the above library is automatically linked when compiling with gcc6 or gcc7
|
I successfully used this PR to compile openssl. |
|
Can we submit some of these patches upstream and |
@Ericson2314 I'll look into this the next week. I would like to have this PR merged somewhere in the future, but I need guidance about the correct branch to use since I fear it will cause a massive rebuild. |
|
@wfranzini this should target the |
|
Thank you for your contributions.
|
stale
bot
added
the
2.status: stale
|
I would really like to see this merged in one form or another. |
stale
bot
removed
the
2.status: stale
| From d579a08bb1cde71f939c13ac6b2261052ae9f77e Mon Sep 17 00:00:00 2001 | ||
| From: Steve Grubb <sgrubb@redhat.com> | ||
| Date: Tue, 26 Feb 2019 18:33:33 -0500 | ||
| Subject: [PATCH] Add substitue functions for strndupa & rawmemchr |
There was a problem hiding this comment.
| Subject: [PATCH] Add substitue functions for strndupa & rawmemchr | |
| Subject: [PATCH] Add substitute functions for strndupa & rawmemchr |
|
Later today, I'm going to open a new PR starting from staging. |
|
I'll continue working on the cross compilation to musl32 in PR #89471 |
Motivation for this change
Crosscompiling packages to musl32 lead to compilation errors due to the missing
__stack_chk_fail_localsymbol. Even building nix fails. This PR disable stackprotector for musl32.Things done
sandboxinnix.confon non-NixOS)nix-shell -p nix-review --run "nix-review wip"./result/bin/)nix path-info -Sbefore and after)