pkgs/by-name/lk/lkl/package.nix at python-updates

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / by-name / lk / lkl / package.nix
at python-updates 120 lines 3.4 kB view raw
wrap content
  1{
  2  lib,
  3  stdenv,
  4  fetchFromGitHub,
  5  bc,
  6  python3,
  7  bison,
  8  flex,
  9  fuse3,
 10  libarchive,
 11  buildPackages,
 12
 13  firewallSupport ? false,
 14}:
 15
 16stdenv.mkDerivation {
 17  pname = "lkl";
 18
 19  version = "2025-11-13";
 20
 21  outputs = [
 22    "dev"
 23    "lib"
 24    "out"
 25  ];
 26
 27  src = fetchFromGitHub {
 28    owner = "lkl";
 29    repo = "linux";
 30    rev = "9c51103caa1481493ebbbaf858f016e7f25ab921";
 31    hash = "sha256-7S1lA6qfpGLj5lCqdOEEfcChxNw+35SC/NEjFWcwvko=";
 32  };
 33
 34  nativeBuildInputs = [
 35    bc
 36    bison
 37    flex
 38    python3
 39  ];
 40
 41  buildInputs = [
 42    fuse3
 43    libarchive
 44  ];
 45
 46  postPatch = ''
 47    # Fix a /usr/bin/env reference in here that breaks sandboxed builds
 48    patchShebangs arch/lkl/scripts
 49
 50    patchShebangs scripts/ld-version.sh
 51  ''
 52  + lib.optionalString (stdenv.hostPlatform.isi686 || stdenv.hostPlatform.isLoongArch64) ''
 53    echo CONFIG_KALLSYMS=n >> arch/lkl/configs/defconfig
 54    echo CONFIG_KALLSYMS_BASE_RELATIVE=n >> arch/lkl/configs/defconfig
 55  ''
 56  + lib.optionalString firewallSupport ''
 57    cat ${./lkl-defconfig-enable-nftables} >> arch/lkl/configs/defconfig
 58  '';
 59
 60  installPhase = ''
 61    mkdir -p $out/bin $lib/lib $dev
 62
 63    cp tools/lkl/bin/lkl-hijack.sh $out/bin
 64    sed -i $out/bin/lkl-hijack.sh \
 65        -e "s,LD_LIBRARY_PATH=.*,LD_LIBRARY_PATH=$lib/lib,"
 66
 67    cp tools/lkl/{cptofs,fs2tar,lklfuse} $out/bin
 68    ln -s cptofs $out/bin/cpfromfs
 69    cp -r tools/lkl/include $dev/
 70    cp tools/lkl/liblkl.a \
 71       tools/lkl/lib/liblkl.so \
 72       tools/lkl/lib/hijack/liblkl-hijack.so $lib/lib
 73  '';
 74
 75  postFixup = ''
 76    ln -s $out/bin/lklfuse $out/bin/mount.fuse.lklfuse
 77  '';
 78
 79  # We turn off format and fortify because of these errors (fortify implies -O2, which breaks the jitter entropy code):
 80  #   fs/xfs/xfs_log_recover.c:2575:3: error: format not a string literal and no format arguments [-Werror=format-security]
 81  #   crypto/jitterentropy.c:54:3: error: #error "The CPU Jitter random number generator must not be compiled with optimizations. See documentation. Use the compiler switch -O0 for compiling jitterentropy.c."
 82  hardeningDisable = [
 83    "format"
 84    "fortify"
 85  ];
 86
 87  # Fixes the following error when using liblkl-hijack.so on aarch64-linux:
 88  # symbol lookup error: liblkl-hijack.so: undefined symbol: __aarch64_ldadd4_sync
 89  env.NIX_CFLAGS_LINK = "-lgcc_s";
 90
 91  # Fixes the following error when linking on loongarch64-linux:
 92  # ld: tools/lkl/liblkl.a(lkl.o): relocation R_LARCH_PCREL20_S2 overflow 0x200090
 93  # ld: recompile with 'gcc -mno-relax' or 'as -mno-relax' or 'ld --no-relax'
 94  # ld: final link failed: bad value
 95  env.NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isLoongArch64 "--no-relax";
 96
 97  makeFlags = [
 98    "-C tools/lkl"
 99    "CC=${stdenv.cc}/bin/${stdenv.cc.targetPrefix}cc"
100    "HOSTCC=${buildPackages.stdenv.cc}/bin/${buildPackages.stdenv.cc.targetPrefix}cc"
101    "CROSS_COMPILE=${stdenv.cc.targetPrefix}"
102  ];
103
104  enableParallelBuilding = true;
105
106  meta = {
107    description = "Linux kernel as a library";
108    longDescription = ''
109      LKL (Linux Kernel Library) aims to allow reusing the Linux kernel code as
110      extensively as possible with minimal effort and reduced maintenance
111      overhead
112    '';
113    homepage = "https://github.com/lkl/linux/";
114    platforms = lib.platforms.linux; # Darwin probably works too but I haven't tested it
115    license = lib.licenses.gpl2;
116    maintainers = with lib.maintainers; [
117      timschumi
118    ];
119  };
120}