multicompiler: add multicompiler package #30632
Conversation
Allows setting specific prefix for C compiler targets. This can be
useful when multiple compilers should be available side-by-side; the
default wrapper operation creates '${out}/bin/cc' and
'${out}/bin/c++', generating a prefix only when the targetPlatform is
different. The new optional 'overridePrefix' parameter allows a
specific prefix (e.g. llvm and gcc could be used side-by-side by
building llvm with 'overridePrefix="llvm"' to subsequently invoke it
as 'llvmcc'.
Adds the multicompiler variation of clang/llvm which allows compiling with artificial software diversity.
|
Please note that the checks fail due to the Travis timeout on the build job; building llvm+clang takes longer than Travis will allow, but I have built this successfully in a local sandbox... several times, unfortunately :-). |
|
Can you update this for latest master? I'll review this shortly... Also pinging cc-wrapper maintainers @Ericson2314 @orivej |
| @@ -0,0 +1,140 @@ | |||
| { pkgs ? import <nixpkgs> {} | |||
There was a problem hiding this comment.
Remove this please, add dependencies as arguments instead.
| cd .. | ||
| ''; | ||
|
|
||
| buildInputs = with pkgs; [ cmake libedit libxml2 llvm python perl groff libffi ]; |
There was a problem hiding this comment.
cmake, python, perl, and groff should be "nativeBuildInputs".
| postPatch = '' | ||
| #sed -i -e 's/Args.hasArg(options::OPT_nostdlibinc)/true/' lib/Driver/Tools.cpp | ||
| #sed -i -e 's/DriverArgs.hasArg(options::OPT_nostdlibinc)/true/' lib/Driver/ToolChains.cpp | ||
| ''; |
There was a problem hiding this comment.
Please look at current LLVM/Clang 3.5 expressions and sync this to match updates/fixes there.
| # Clang expects to find LLVMgold in its own prefix | ||
| # Clang expects to find sanitizer libraries in its own prefix | ||
| postInstall = '' | ||
| #ln -sv ${pkgs.llvm}/lib/LLVMgold.so $out/lib |
|
Oh! I am sorry I didn't see this earlier. I have in fact used the multicompiler. |
|
This had looked pretty good modulo @dtzWill's comments. Now that we support cross compilation with llvm, it should be easier too. |
Motivation for this change
Adds the multicompiler, which is a fork of the llvm-based clang which provides artificial software diversity to protect software from code-reuse attacks.
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)