third_party/nix: introduce toolchain bundle
This introduces a nix derivation that builds a musl amd64/aarch64
toolchain sysroot.
Change-Id: Iba082edb8fd1f2ab580020bb1c7339a76487f3c8
Reviewed-on: https://review.monogon.dev/c/monogon/+/4006
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI
diff --git a/MODULE.bazel b/MODULE.bazel
index 0dcb084..139bfc3 100644
--- a/MODULE.bazel
+++ b/MODULE.bazel
@@ -93,6 +93,7 @@
bazel_dep(name = "rules_proto", version = "7.1.0")
bazel_dep(name = "rules_proto_grpc_doc", version = "5.1.0")
bazel_dep(name = "rules_proto_grpc_buf", version = "5.1.0")
+bazel_dep(name = "rules_foreign_cc", version = "0.14.0")
# Currently supported version are listed here:
# https://protobuf.dev/support/version-support/
@@ -124,7 +125,10 @@
register_toolchains("//build/toolchain/rust-efi:prost_efi_toolchain")
+register_toolchains("//build/toolchain/toolchain-bundle:all")
+
include("//build/bazel:rust.MODULE.bazel")
include("//build/bazel:go.MODULE.bazel")
include("//build/bazel:oci.MODULE.bazel")
include("//build/bazel:third_party.MODULE.bazel")
+include("//build/bazel:toolchain.MODULE.bazel")
diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock
index 773a633..7c46418 100644
--- a/MODULE.bazel.lock
+++ b/MODULE.bazel.lock
@@ -138,6 +138,8 @@
"https://bcr.bazel.build/modules/rules_cc/0.1.1/MODULE.bazel": "2f0222a6f229f0bf44cd711dc13c858dad98c62d52bd51d8fc3a764a83125513",
"https://bcr.bazel.build/modules/rules_cc/0.1.2/MODULE.bazel": "557ddc3a96858ec0d465a87c0a931054d7dcfd6583af2c7ed3baf494407fd8d0",
"https://bcr.bazel.build/modules/rules_cc/0.1.2/source.json": "53fcb09b5816c83ca60d9d7493faf3bfaf410dfc2f15deb52d6ddd146b8d43f0",
+ "https://bcr.bazel.build/modules/rules_foreign_cc/0.14.0/MODULE.bazel": "56fb9a239503bab4183d06ba6cabb01cd73aae296ab499085b9193624a8a66e2",
+ "https://bcr.bazel.build/modules/rules_foreign_cc/0.14.0/source.json": "64ccb6c4bff8afc336a24af2487b4557b8d2b13f981f2d8190983bc196b36a68",
"https://bcr.bazel.build/modules/rules_foreign_cc/0.9.0/MODULE.bazel": "c9e8c682bf75b0e7c704166d79b599f93b72cfca5ad7477df596947891feeef6",
"https://bcr.bazel.build/modules/rules_fuzzing/0.5.2/MODULE.bazel": "40c97d1144356f52905566c55811f13b299453a14ac7769dfba2ac38192337a8",
"https://bcr.bazel.build/modules/rules_go/0.55.1/MODULE.bazel": "a57a6fc59a74326c0b440d07cca209edf13c7d1a641e48cfbeab56e79f873609",
@@ -205,6 +207,7 @@
"https://bcr.bazel.build/modules/rules_python/0.4.0/MODULE.bazel": "9208ee05fd48bf09ac60ed269791cf17fb343db56c8226a720fbb1cdf467166c",
"https://bcr.bazel.build/modules/rules_python/0.40.0/MODULE.bazel": "9d1a3cd88ed7d8e39583d9ffe56ae8a244f67783ae89b60caafc9f5cf318ada7",
"https://bcr.bazel.build/modules/rules_python/1.0.0/MODULE.bazel": "898a3d999c22caa585eb062b600f88654bf92efb204fa346fb55f6f8edffca43",
+ "https://bcr.bazel.build/modules/rules_python/1.1.0/MODULE.bazel": "57e01abae22956eb96d891572490d20e07d983e0c065de0b2170cafe5053e788",
"https://bcr.bazel.build/modules/rules_python/1.4.1/MODULE.bazel": "8991ad45bdc25018301d6b7e1d3626afc3c8af8aaf4bc04f23d0b99c938b73a6",
"https://bcr.bazel.build/modules/rules_python/1.4.1/source.json": "8ec8c90c70ccacc4de8ca1b97f599e756fb59173e898ee08b733006650057c07",
"https://bcr.bazel.build/modules/rules_rust/0.61.0/MODULE.bazel": "0318a95777b9114c8740f34b60d6d68f9cfef61e2f4b52424ca626213d33787b",
@@ -425,6 +428,390 @@
]
}
},
+ "@@rules_foreign_cc+//foreign_cc:extensions.bzl%tools": {
+ "general": {
+ "bzlTransitiveDigest": "s250RunLyhfcQbKIaaBuMfP5f663Spl3T3NSHanLTeY=",
+ "usagesDigest": "Eyh4mAOi6L+Nn/lY/wQBJclQrmBnWdQM+B4lZeq6azA=",
+ "recordedFileInputs": {},
+ "recordedDirentsInputs": {},
+ "envVariables": {},
+ "generatedRepoSpecs": {
+ "rules_foreign_cc_framework_toolchain_linux": {
+ "repoRuleId": "@@rules_foreign_cc+//foreign_cc/private/framework:toolchain.bzl%framework_toolchain_repository",
+ "attributes": {
+ "commands_src": "@rules_foreign_cc//foreign_cc/private/framework/toolchains:linux_commands.bzl",
+ "exec_compatible_with": [
+ "@platforms//os:linux"
+ ]
+ }
+ },
+ "rules_foreign_cc_framework_toolchain_freebsd": {
+ "repoRuleId": "@@rules_foreign_cc+//foreign_cc/private/framework:toolchain.bzl%framework_toolchain_repository",
+ "attributes": {
+ "commands_src": "@rules_foreign_cc//foreign_cc/private/framework/toolchains:freebsd_commands.bzl",
+ "exec_compatible_with": [
+ "@platforms//os:freebsd"
+ ]
+ }
+ },
+ "rules_foreign_cc_framework_toolchain_windows": {
+ "repoRuleId": "@@rules_foreign_cc+//foreign_cc/private/framework:toolchain.bzl%framework_toolchain_repository",
+ "attributes": {
+ "commands_src": "@rules_foreign_cc//foreign_cc/private/framework/toolchains:windows_commands.bzl",
+ "exec_compatible_with": [
+ "@platforms//os:windows"
+ ]
+ }
+ },
+ "rules_foreign_cc_framework_toolchain_macos": {
+ "repoRuleId": "@@rules_foreign_cc+//foreign_cc/private/framework:toolchain.bzl%framework_toolchain_repository",
+ "attributes": {
+ "commands_src": "@rules_foreign_cc//foreign_cc/private/framework/toolchains:macos_commands.bzl",
+ "exec_compatible_with": [
+ "@platforms//os:macos"
+ ]
+ }
+ },
+ "rules_foreign_cc_framework_toolchains": {
+ "repoRuleId": "@@rules_foreign_cc+//foreign_cc/private/framework:toolchain.bzl%framework_toolchain_repository_hub",
+ "attributes": {}
+ },
+ "cmake_src": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "filegroup(\n name = \"all_srcs\",\n srcs = glob([\"**\"]),\n visibility = [\"//visibility:public\"],\n)\n",
+ "sha256": "f316b40053466f9a416adf981efda41b160ca859e97f6a484b447ea299ff26aa",
+ "strip_prefix": "cmake-3.23.2",
+ "urls": [
+ "https://github.com/Kitware/CMake/releases/download/v3.23.2/cmake-3.23.2.tar.gz"
+ ],
+ "patches": [
+ "@@rules_foreign_cc+//toolchains/patches:cmake-c++11.patch"
+ ]
+ }
+ },
+ "gnumake_src": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "filegroup(\n name = \"all_srcs\",\n srcs = glob([\"**\"]),\n visibility = [\"//visibility:public\"],\n)\n",
+ "sha256": "dd16fb1d67bfab79a72f5e8390735c49e3e8e70b4945a15ab1f81ddb78658fb3",
+ "strip_prefix": "make-4.4.1",
+ "urls": [
+ "https://mirror.bazel.build/ftpmirror.gnu.org/gnu/make/make-4.4.1.tar.gz",
+ "http://ftpmirror.gnu.org/gnu/make/make-4.4.1.tar.gz"
+ ]
+ }
+ },
+ "ninja_build_src": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "filegroup(\n name = \"all_srcs\",\n srcs = glob([\"**\"]),\n visibility = [\"//visibility:public\"],\n)\n",
+ "integrity": "sha256-ghvf9Io/aDvEuztvC1/nstZHz2XVKutjMoyRpsbfKFo=",
+ "strip_prefix": "ninja-1.12.1",
+ "urls": [
+ "https://mirror.bazel.build/github.com/ninja-build/ninja/archive/v1.12.1.tar.gz",
+ "https://github.com/ninja-build/ninja/archive/v1.12.1.tar.gz"
+ ]
+ }
+ },
+ "meson_src": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "exports_files([\"meson.py\"])\n\nfilegroup(\n name = \"runtime\",\n # NOTE: excluding __pycache__ is important to avoid rebuilding due to pyc\n # files, see https://github.com/bazel-contrib/rules_foreign_cc/issues/1342\n srcs = glob([\"mesonbuild/**\"], exclude = [\"**/__pycache__/*\"]),\n visibility = [\"//visibility:public\"],\n)\n",
+ "sha256": "567e533adf255de73a2de35049b99923caf872a455af9ce03e01077e0d384bed",
+ "strip_prefix": "meson-1.5.1",
+ "urls": [
+ "https://mirror.bazel.build/github.com/mesonbuild/meson/releases/download/1.5.1/meson-1.5.1.tar.gz",
+ "https://github.com/mesonbuild/meson/releases/download/1.5.1/meson-1.5.1.tar.gz"
+ ]
+ }
+ },
+ "glib_dev": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "\ncc_import(\n name = \"glib_dev\",\n hdrs = glob([\"include/**\"]),\n shared_library = \"@glib_runtime//:bin/libglib-2.0-0.dll\",\n visibility = [\"//visibility:public\"],\n)\n ",
+ "sha256": "bdf18506df304d38be98a4b3f18055b8b8cca81beabecad0eece6ce95319c369",
+ "urls": [
+ "https://mirror.bazel.build/download.gnome.org/binaries/win64/glib/2.26/glib-dev_2.26.1-1_win64.zip",
+ "https://download.gnome.org/binaries/win64/glib/2.26/glib-dev_2.26.1-1_win64.zip"
+ ]
+ }
+ },
+ "glib_src": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "\ncc_import(\n name = \"msvc_hdr\",\n hdrs = [\"msvc_recommended_pragmas.h\"],\n visibility = [\"//visibility:public\"],\n)\n ",
+ "sha256": "bc96f63112823b7d6c9f06572d2ad626ddac7eb452c04d762592197f6e07898e",
+ "strip_prefix": "glib-2.26.1",
+ "urls": [
+ "https://mirror.bazel.build/download.gnome.org/sources/glib/2.26/glib-2.26.1.tar.gz",
+ "https://download.gnome.org/sources/glib/2.26/glib-2.26.1.tar.gz"
+ ]
+ }
+ },
+ "glib_runtime": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "\nexports_files(\n [\n \"bin/libgio-2.0-0.dll\",\n \"bin/libglib-2.0-0.dll\",\n \"bin/libgmodule-2.0-0.dll\",\n \"bin/libgobject-2.0-0.dll\",\n \"bin/libgthread-2.0-0.dll\",\n ],\n visibility = [\"//visibility:public\"],\n)\n ",
+ "sha256": "88d857087e86f16a9be651ee7021880b3f7ba050d34a1ed9f06113b8799cb973",
+ "urls": [
+ "https://mirror.bazel.build/download.gnome.org/binaries/win64/glib/2.26/glib_2.26.1-1_win64.zip",
+ "https://download.gnome.org/binaries/win64/glib/2.26/glib_2.26.1-1_win64.zip"
+ ]
+ }
+ },
+ "gettext_runtime": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "\ncc_import(\n name = \"gettext_runtime\",\n shared_library = \"bin/libintl-8.dll\",\n visibility = [\"//visibility:public\"],\n)\n ",
+ "sha256": "1f4269c0e021076d60a54e98da6f978a3195013f6de21674ba0edbc339c5b079",
+ "urls": [
+ "https://mirror.bazel.build/download.gnome.org/binaries/win64/dependencies/gettext-runtime_0.18.1.1-2_win64.zip",
+ "https://download.gnome.org/binaries/win64/dependencies/gettext-runtime_0.18.1.1-2_win64.zip"
+ ]
+ }
+ },
+ "pkgconfig_src": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "build_file_content": "filegroup(\n name = \"all_srcs\",\n srcs = glob([\"**\"]),\n visibility = [\"//visibility:public\"],\n)\n",
+ "sha256": "6fc69c01688c9458a57eb9a1664c9aba372ccda420a02bf4429fe610e7e7d591",
+ "strip_prefix": "pkg-config-0.29.2",
+ "patches": [
+ "@@rules_foreign_cc+//toolchains/patches:pkgconfig-detectenv.patch",
+ "@@rules_foreign_cc+//toolchains/patches:pkgconfig-makefile-vc.patch",
+ "@@rules_foreign_cc+//toolchains/patches:pkgconfig-builtin-glib-int-conversion.patch"
+ ],
+ "urls": [
+ "https://pkgconfig.freedesktop.org/releases/pkg-config-0.29.2.tar.gz",
+ "https://mirror.bazel.build/pkgconfig.freedesktop.org/releases/pkg-config-0.29.2.tar.gz"
+ ]
+ }
+ },
+ "bazel_features": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "sha256": "ba1282c1aa1d1fffdcf994ab32131d7c7551a9bc960fbf05f42d55a1b930cbfb",
+ "strip_prefix": "bazel_features-1.15.0",
+ "url": "https://github.com/bazel-contrib/bazel_features/releases/download/v1.15.0/bazel_features-v1.15.0.tar.gz"
+ }
+ },
+ "bazel_skylib": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "sha256": "bc283cdfcd526a52c3201279cda4bc298652efa898b10b4db0837dc51652756f",
+ "urls": [
+ "https://mirror.bazel.build/github.com/bazelbuild/bazel-skylib/releases/download/1.7.1/bazel-skylib-1.7.1.tar.gz",
+ "https://github.com/bazelbuild/bazel-skylib/releases/download/1.7.1/bazel-skylib-1.7.1.tar.gz"
+ ]
+ }
+ },
+ "rules_cc": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/bazelbuild/rules_cc/releases/download/0.0.17/rules_cc-0.0.17.tar.gz"
+ ],
+ "sha256": "abc605dd850f813bb37004b77db20106a19311a96b2da1c92b789da529d28fe1",
+ "strip_prefix": "rules_cc-0.0.17"
+ }
+ },
+ "rules_python": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "sha256": "0a158f883fc494724f25e2ce6a5c3d31fd52163a92d4b7180aef0ff9a0622f70",
+ "strip_prefix": "rules_python-1.1.0-rc0",
+ "url": "https://github.com/bazelbuild/rules_python/releases/download/1.1.0-rc0/rules_python-1.1.0-rc0.tar.gz"
+ }
+ },
+ "rules_shell": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "sha256": "d8cd4a3a91fc1dc68d4c7d6b655f09def109f7186437e3f50a9b60ab436a0c53",
+ "strip_prefix": "rules_shell-0.3.0",
+ "url": "https://github.com/bazelbuild/rules_shell/releases/download/v0.3.0/rules_shell-v0.3.0.tar.gz"
+ }
+ },
+ "cmake-3.23.2-linux-aarch64": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/Kitware/CMake/releases/download/v3.23.2/cmake-3.23.2-linux-aarch64.tar.gz"
+ ],
+ "sha256": "f2654bf780b53f170bbbec44d8ac67d401d24788e590faa53036a89476efa91e",
+ "strip_prefix": "cmake-3.23.2-linux-aarch64",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"cmake_bin\",\n srcs = [\"bin/cmake\"],\n)\n\nfilegroup(\n name = \"cmake_data\",\n srcs = glob(\n [\n \"**\",\n ],\n exclude = [\n \"WORKSPACE\",\n \"WORKSPACE.bazel\",\n \"BUILD\",\n \"BUILD.bazel\",\n \"**/* *\",\n ],\n ),\n)\n\nnative_tool_toolchain(\n name = \"cmake_tool\",\n path = \"bin/cmake\",\n target = \":cmake_data\",\n env = {\"CMAKE\": \"$(execpath :cmake_bin)\"},\n tools = [\":cmake_bin\"],\n)\n"
+ }
+ },
+ "cmake-3.23.2-linux-x86_64": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/Kitware/CMake/releases/download/v3.23.2/cmake-3.23.2-linux-x86_64.tar.gz"
+ ],
+ "sha256": "aaced6f745b86ce853661a595bdac6c5314a60f8181b6912a0a4920acfa32708",
+ "strip_prefix": "cmake-3.23.2-linux-x86_64",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"cmake_bin\",\n srcs = [\"bin/cmake\"],\n)\n\nfilegroup(\n name = \"cmake_data\",\n srcs = glob(\n [\n \"**\",\n ],\n exclude = [\n \"WORKSPACE\",\n \"WORKSPACE.bazel\",\n \"BUILD\",\n \"BUILD.bazel\",\n \"**/* *\",\n ],\n ),\n)\n\nnative_tool_toolchain(\n name = \"cmake_tool\",\n path = \"bin/cmake\",\n target = \":cmake_data\",\n env = {\"CMAKE\": \"$(execpath :cmake_bin)\"},\n tools = [\":cmake_bin\"],\n)\n"
+ }
+ },
+ "cmake-3.23.2-macos-universal": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/Kitware/CMake/releases/download/v3.23.2/cmake-3.23.2-macos-universal.tar.gz"
+ ],
+ "sha256": "853a0f9af148c5ef47282ffffee06c4c9f257be2635936755f39ca13c3286c88",
+ "strip_prefix": "cmake-3.23.2-macos-universal/CMake.app/Contents",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"cmake_bin\",\n srcs = [\"bin/cmake\"],\n)\n\nfilegroup(\n name = \"cmake_data\",\n srcs = glob(\n [\n \"**\",\n ],\n exclude = [\n \"WORKSPACE\",\n \"WORKSPACE.bazel\",\n \"BUILD\",\n \"BUILD.bazel\",\n \"**/* *\",\n ],\n ),\n)\n\nnative_tool_toolchain(\n name = \"cmake_tool\",\n path = \"bin/cmake\",\n target = \":cmake_data\",\n env = {\"CMAKE\": \"$(execpath :cmake_bin)\"},\n tools = [\":cmake_bin\"],\n)\n"
+ }
+ },
+ "cmake-3.23.2-windows-i386": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/Kitware/CMake/releases/download/v3.23.2/cmake-3.23.2-windows-i386.zip"
+ ],
+ "sha256": "6a4fcd6a2315b93cb23c93507efccacc30c449c2bf98f14d6032bb226c582e07",
+ "strip_prefix": "cmake-3.23.2-windows-i386",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"cmake_bin\",\n srcs = [\"bin/cmake.exe\"],\n)\n\nfilegroup(\n name = \"cmake_data\",\n srcs = glob(\n [\n \"**\",\n ],\n exclude = [\n \"WORKSPACE\",\n \"WORKSPACE.bazel\",\n \"BUILD\",\n \"BUILD.bazel\",\n \"**/* *\",\n ],\n ),\n)\n\nnative_tool_toolchain(\n name = \"cmake_tool\",\n path = \"bin/cmake.exe\",\n target = \":cmake_data\",\n env = {\"CMAKE\": \"$(execpath :cmake_bin)\"},\n tools = [\":cmake_bin\"],\n)\n"
+ }
+ },
+ "cmake-3.23.2-windows-x86_64": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/Kitware/CMake/releases/download/v3.23.2/cmake-3.23.2-windows-x86_64.zip"
+ ],
+ "sha256": "2329387f3166b84c25091c86389fb891193967740c9bcf01e7f6d3306f7ffda0",
+ "strip_prefix": "cmake-3.23.2-windows-x86_64",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"cmake_bin\",\n srcs = [\"bin/cmake.exe\"],\n)\n\nfilegroup(\n name = \"cmake_data\",\n srcs = glob(\n [\n \"**\",\n ],\n exclude = [\n \"WORKSPACE\",\n \"WORKSPACE.bazel\",\n \"BUILD\",\n \"BUILD.bazel\",\n \"**/* *\",\n ],\n ),\n)\n\nnative_tool_toolchain(\n name = \"cmake_tool\",\n path = \"bin/cmake.exe\",\n target = \":cmake_data\",\n env = {\"CMAKE\": \"$(execpath :cmake_bin)\"},\n tools = [\":cmake_bin\"],\n)\n"
+ }
+ },
+ "cmake_3.23.2_toolchains": {
+ "repoRuleId": "@@rules_foreign_cc+//toolchains:prebuilt_toolchains_repository.bzl%prebuilt_toolchains_repository",
+ "attributes": {
+ "repos": {
+ "cmake-3.23.2-linux-aarch64": [
+ "@platforms//cpu:aarch64",
+ "@platforms//os:linux"
+ ],
+ "cmake-3.23.2-linux-x86_64": [
+ "@platforms//cpu:x86_64",
+ "@platforms//os:linux"
+ ],
+ "cmake-3.23.2-macos-universal": [
+ "@platforms//os:macos"
+ ],
+ "cmake-3.23.2-windows-i386": [
+ "@platforms//cpu:x86_32",
+ "@platforms//os:windows"
+ ],
+ "cmake-3.23.2-windows-x86_64": [
+ "@platforms//cpu:x86_64",
+ "@platforms//os:windows"
+ ]
+ },
+ "tool": "cmake"
+ }
+ },
+ "ninja_1.12.1_linux": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/ninja-build/ninja/releases/download/v1.12.1/ninja-linux.zip"
+ ],
+ "sha256": "6f98805688d19672bd699fbbfa2c2cf0fc054ac3df1f0e6a47664d963d530255",
+ "strip_prefix": "",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"ninja_bin\",\n srcs = [\"ninja\"],\n)\n\nnative_tool_toolchain(\n name = \"ninja_tool\",\n env = {\"NINJA\": \"$(execpath :ninja_bin)\"},\n path = \"$(execpath :ninja_bin)\",\n target = \":ninja_bin\",\n)\n"
+ }
+ },
+ "ninja_1.12.1_linux-aarch64": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/ninja-build/ninja/releases/download/v1.12.1/ninja-linux-aarch64.zip"
+ ],
+ "sha256": "5c25c6570b0155e95fce5918cb95f1ad9870df5768653afe128db822301a05a1",
+ "strip_prefix": "",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"ninja_bin\",\n srcs = [\"ninja\"],\n)\n\nnative_tool_toolchain(\n name = \"ninja_tool\",\n env = {\"NINJA\": \"$(execpath :ninja_bin)\"},\n path = \"$(execpath :ninja_bin)\",\n target = \":ninja_bin\",\n)\n"
+ }
+ },
+ "ninja_1.12.1_mac": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/ninja-build/ninja/releases/download/v1.12.1/ninja-mac.zip"
+ ],
+ "sha256": "89a287444b5b3e98f88a945afa50ce937b8ffd1dcc59c555ad9b1baf855298c9",
+ "strip_prefix": "",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"ninja_bin\",\n srcs = [\"ninja\"],\n)\n\nnative_tool_toolchain(\n name = \"ninja_tool\",\n env = {\"NINJA\": \"$(execpath :ninja_bin)\"},\n path = \"$(execpath :ninja_bin)\",\n target = \":ninja_bin\",\n)\n"
+ }
+ },
+ "ninja_1.12.1_mac_aarch64": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/ninja-build/ninja/releases/download/v1.12.1/ninja-mac.zip"
+ ],
+ "sha256": "89a287444b5b3e98f88a945afa50ce937b8ffd1dcc59c555ad9b1baf855298c9",
+ "strip_prefix": "",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"ninja_bin\",\n srcs = [\"ninja\"],\n)\n\nnative_tool_toolchain(\n name = \"ninja_tool\",\n env = {\"NINJA\": \"$(execpath :ninja_bin)\"},\n path = \"$(execpath :ninja_bin)\",\n target = \":ninja_bin\",\n)\n"
+ }
+ },
+ "ninja_1.12.1_win": {
+ "repoRuleId": "@@bazel_tools//tools/build_defs/repo:http.bzl%http_archive",
+ "attributes": {
+ "urls": [
+ "https://github.com/ninja-build/ninja/releases/download/v1.12.1/ninja-win.zip"
+ ],
+ "sha256": "f550fec705b6d6ff58f2db3c374c2277a37691678d6aba463adcbb129108467a",
+ "strip_prefix": "",
+ "build_file_content": "load(\"@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl\", \"native_tool_toolchain\")\n\npackage(default_visibility = [\"//visibility:public\"])\n\nfilegroup(\n name = \"ninja_bin\",\n srcs = [\"ninja.exe\"],\n)\n\nnative_tool_toolchain(\n name = \"ninja_tool\",\n env = {\"NINJA\": \"$(execpath :ninja_bin)\"},\n path = \"$(execpath :ninja_bin)\",\n target = \":ninja_bin\",\n)\n"
+ }
+ },
+ "ninja_1.12.1_toolchains": {
+ "repoRuleId": "@@rules_foreign_cc+//toolchains:prebuilt_toolchains_repository.bzl%prebuilt_toolchains_repository",
+ "attributes": {
+ "repos": {
+ "ninja_1.12.1_linux": [
+ "@platforms//cpu:x86_64",
+ "@platforms//os:linux"
+ ],
+ "ninja_1.12.1_linux-aarch64": [
+ "@platforms//cpu:aarch64",
+ "@platforms//os:linux"
+ ],
+ "ninja_1.12.1_mac": [
+ "@platforms//cpu:x86_64",
+ "@platforms//os:macos"
+ ],
+ "ninja_1.12.1_mac_aarch64": [
+ "@platforms//cpu:aarch64",
+ "@platforms//os:macos"
+ ],
+ "ninja_1.12.1_win": [
+ "@platforms//cpu:x86_64",
+ "@platforms//os:windows"
+ ]
+ },
+ "tool": "ninja"
+ }
+ }
+ },
+ "recordedRepoMappingEntries": [
+ [
+ "rules_foreign_cc+",
+ "bazel_tools",
+ "bazel_tools"
+ ],
+ [
+ "rules_foreign_cc+",
+ "rules_foreign_cc",
+ "rules_foreign_cc+"
+ ]
+ ]
+ }
+ },
"@@rules_java+//java:rules_java_deps.bzl%compatibility_proxy": {
"general": {
"bzlTransitiveDigest": "84xJEZ1jnXXwo8BXMprvBm++rRt4jsTu9liBxz0ivps=",
diff --git a/build/bazel/toolchain.MODULE.bazel b/build/bazel/toolchain.MODULE.bazel
new file mode 100644
index 0000000..f0434f5
--- /dev/null
+++ b/build/bazel/toolchain.MODULE.bazel
@@ -0,0 +1,19 @@
+http_archive = use_repo_rule("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+
+http_archive(
+ name = "toolchain-bundle-x86_64-unknown-linux-musl",
+ build_file = "//build/toolchain/toolchain-bundle:toolchain-bundle.bzl",
+ integrity = "sha256-tpbvNL5S4t2WLkcj027sghf8tEzVJFL1e5leyx8JkCI=",
+ urls = [
+ "https://storage.googleapis.com/monogon-infra-public/toolchain/toolchain-bundle-x86_64-unknown-linux-musl-release-25.05.ffdcefdde9a4e540d1c875767da0e382e1ccf460.tar.zst",
+ ],
+)
+
+http_archive(
+ name = "toolchain-bundle-aarch64-unknown-linux-musl",
+ build_file = "//build/toolchain/toolchain-bundle:toolchain-bundle.bzl",
+ integrity = "sha256-6caDQ8S+DGXHy2xSAhfRu5EXFLZ7NNqbtkY6o1i33F4=",
+ urls = [
+ "https://storage.googleapis.com/monogon-infra-public/toolchain/toolchain-bundle-aarch64-unknown-linux-musl-release-25.05.ffdcefdde9a4e540d1c875767da0e382e1ccf460.tar.zst",
+ ],
+)
diff --git a/build/toolchain/README.md b/build/toolchain/README.md
new file mode 100644
index 0000000..99e673f
--- /dev/null
+++ b/build/toolchain/README.md
@@ -0,0 +1,11 @@
+# Toolchain Bundle (`toolchain-bundle/`)
+
+To ensure that tools like `make`, `nasm`, `qemu`, or `perl` are available in the Bazel build environment, we provide a `toolchain-bundle`. This bundle is pre-built and fetched as an external repository, allowing Bazel to use these tools without needing to install them on the host system. They are built for both `x86_64-unknown-linux-musl` and `aarch64-unknown-linux-musl` platforms with Nix.
+
+You can build these toolchains by invoking the `nix-build` via `nix-build build/toolchain/toolchain-bundle/default.nix`
+
+---
+
+# Rust EFI Toolchain (`rust-efi/`)
+
+The `rust-efi` directory configures a Rust toolchain for building EFI applications.
\ No newline at end of file
diff --git a/build/toolchain/toolchain-bundle/BUILD.bazel b/build/toolchain/toolchain-bundle/BUILD.bazel
new file mode 100644
index 0000000..1b26331
--- /dev/null
+++ b/build/toolchain/toolchain-bundle/BUILD.bazel
@@ -0,0 +1,11 @@
+load(":toolchain.bzl", "TOOLCHAINS", "toolchain_for")
+
+package(default_visibility = ["//visibility:public"])
+
+[
+ toolchain_for(
+ name = name,
+ config = config,
+ )
+ for name, config in TOOLCHAINS.items()
+]
diff --git a/build/toolchain/toolchain-bundle/default.nix b/build/toolchain/toolchain-bundle/default.nix
new file mode 100644
index 0000000..f59a6a8
--- /dev/null
+++ b/build/toolchain/toolchain-bundle/default.nix
@@ -0,0 +1,52 @@
+{ pkgs ? import ../../../third_party/nix/default.nix { } }: with pkgs;
+symlinkJoin {
+ name = "toolchain";
+ paths =
+ let
+ platforms = with pkgsCross; [
+ aarch64-multiplatform-musl
+ musl64
+ ];
+ in
+ map
+ (platform: (
+ let
+ merged = buildEnv {
+ name = "toolchain-env";
+ paths = with platform.pkgsStatic; [
+ gnumake
+ flex
+ bison
+ lz4
+ busybox
+ findutils
+ bc
+ util-linux-minimal # custom pkg
+ perl
+ nasm
+ acpica-tools
+ patch
+ diffutils
+ qemu-minimal # custom pkg
+ m4
+ strace
+ ];
+ };
+ in
+ stdenv.mkDerivation rec {
+ name = "toolchain-bundle";
+ buildInputs = [ gnutar zstd ];
+
+ phases = [ "buildPhase" "installPhase" ];
+ buildPhase = ''
+ tar --zstd --sort=name --hard-dereference -hcf bundle.tar.zst -C ${merged} .
+ '';
+
+ installPhase = ''
+ mkdir $out
+ mv bundle.tar.zst $out/${name}-${platform.hostPlatform.config}-${lib.version}.tar.zst
+ '';
+ }
+ ))
+ platforms;
+}
diff --git a/build/toolchain/toolchain-bundle/toolchain-bundle.bzl b/build/toolchain/toolchain-bundle/toolchain-bundle.bzl
new file mode 100644
index 0000000..6ac17fb
--- /dev/null
+++ b/build/toolchain/toolchain-bundle/toolchain-bundle.bzl
@@ -0,0 +1,453 @@
+package(default_visibility = ["//visibility:public"])
+
+exports_files(glob([
+ "**/*",
+]))
+
+# rules_perl expects all files as src entry, this does prevent us using
+# $(execpath) which is why we have another filegroup that uses this as
+# data dep.
+filegroup(
+ name = "perl_runtime",
+ srcs = [
+ ":bin/perl",
+ ":bin/xsubpp",
+ ] + glob([
+ "lib/perl5/**",
+ ]),
+)
+
+filegroup(
+ name = "perl",
+ srcs = [
+ ":bin/perl",
+ ],
+ data = [
+ ":perl_runtime",
+ ],
+)
+
+filegroup(
+ name = "bison",
+ srcs = [
+ ":bin/bison",
+ ],
+ data = glob([
+ "share/bison/**",
+ ]),
+)
+
+filegroup(
+ name = "qemu-kvm",
+ srcs = [
+ ":bin/qemu-kvm",
+ ],
+ data = glob([
+ "share/qemu-firmware/**",
+ "share/qemu/**",
+ ]),
+)
+
+filegroup(
+ name = "busybox",
+ srcs = [
+ ":bin/busybox",
+ ],
+ data = [
+ ":bin/[",
+ ":bin/[[",
+ ":bin/acpid",
+ ":bin/add-shell",
+ ":bin/addgroup",
+ ":bin/adduser",
+ ":bin/adjtimex",
+ ":bin/arch",
+ ":bin/arp",
+ ":bin/arping",
+ ":bin/ascii",
+ ":bin/ash",
+ ":bin/awk",
+ ":bin/base32",
+ ":bin/base64",
+ ":bin/basename",
+ ":bin/bc",
+ ":bin/beep",
+ ":bin/blkdiscard",
+ ":bin/blkid",
+ ":bin/blockdev",
+ ":bin/bootchartd",
+ ":bin/brctl",
+ ":bin/bunzip2",
+ ":bin/busybox",
+ ":bin/bzcat",
+ ":bin/bzip2",
+ ":bin/cal",
+ ":bin/cat",
+ ":bin/chat",
+ ":bin/chattr",
+ ":bin/chgrp",
+ ":bin/chmod",
+ ":bin/chown",
+ ":bin/chpasswd",
+ ":bin/chpst",
+ ":bin/chroot",
+ ":bin/chrt",
+ ":bin/chvt",
+ ":bin/cksum",
+ ":bin/clear",
+ ":bin/cmp",
+ ":bin/comm",
+ ":bin/conspy",
+ ":bin/cp",
+ ":bin/cpio",
+ ":bin/crc32",
+ ":bin/crond",
+ ":bin/crontab",
+ ":bin/cryptpw",
+ ":bin/cttyhack",
+ ":bin/cut",
+ ":bin/date",
+ ":bin/dc",
+ ":bin/dd",
+ ":bin/deallocvt",
+ ":bin/delgroup",
+ ":bin/deluser",
+ ":bin/depmod",
+ ":bin/devmem",
+ ":bin/df",
+ ":bin/dhcprelay",
+ ":bin/diff",
+ ":bin/dirname",
+ ":bin/dmesg",
+ ":bin/dnsd",
+ ":bin/dnsdomainname",
+ ":bin/dos2unix",
+ ":bin/dpkg",
+ ":bin/dpkg-deb",
+ ":bin/du",
+ ":bin/dumpkmap",
+ ":bin/dumpleases",
+ ":bin/echo",
+ ":bin/ed",
+ ":bin/egrep",
+ ":bin/eject",
+ ":bin/env",
+ ":bin/envdir",
+ ":bin/envuidgid",
+ ":bin/ether-wake",
+ ":bin/expand",
+ ":bin/expr",
+ ":bin/factor",
+ ":bin/fakeidentd",
+ ":bin/fallocate",
+ ":bin/false",
+ ":bin/fatattr",
+ ":bin/fbset",
+ ":bin/fbsplash",
+ ":bin/fdflush",
+ ":bin/fdformat",
+ ":bin/fdisk",
+ ":bin/fgconsole",
+ ":bin/fgrep",
+ ":bin/find",
+ ":bin/findfs",
+ ":bin/flock",
+ ":bin/fold",
+ ":bin/free",
+ ":bin/freeramdisk",
+ ":bin/fsck",
+ ":bin/fsck.minix",
+ ":bin/fsfreeze",
+ ":bin/fstrim",
+ ":bin/fsync",
+ ":bin/ftpd",
+ ":bin/ftpget",
+ ":bin/ftpput",
+ ":bin/fuser",
+ ":bin/getopt",
+ ":bin/getty",
+ ":bin/grep",
+ ":bin/groups",
+ ":bin/gunzip",
+ ":bin/gzip",
+ ":bin/halt",
+ ":bin/hd",
+ ":bin/hdparm",
+ ":bin/head",
+ ":bin/hexdump",
+ ":bin/hexedit",
+ ":bin/hostid",
+ ":bin/hostname",
+ ":bin/httpd",
+ ":bin/hush",
+ ":bin/hwclock",
+ ":bin/i2cdetect",
+ ":bin/i2cdump",
+ ":bin/i2cget",
+ ":bin/i2cset",
+ ":bin/i2ctransfer",
+ ":bin/id",
+ ":bin/ifconfig",
+ ":bin/ifdown",
+ ":bin/ifenslave",
+ ":bin/ifplugd",
+ ":bin/ifup",
+ ":bin/inetd",
+ ":bin/init",
+ ":bin/insmod",
+ ":bin/install",
+ ":bin/ionice",
+ ":bin/iostat",
+ ":bin/ip",
+ ":bin/ipaddr",
+ ":bin/ipcalc",
+ ":bin/ipcrm",
+ ":bin/ipcs",
+ ":bin/iplink",
+ ":bin/ipneigh",
+ ":bin/iproute",
+ ":bin/iprule",
+ ":bin/iptunnel",
+ ":bin/kbd_mode",
+ ":bin/kill",
+ ":bin/killall",
+ ":bin/killall5",
+ ":bin/klogd",
+ ":bin/less",
+ ":bin/link",
+ ":bin/linux32",
+ ":bin/linux64",
+ ":bin/ln",
+ ":bin/loadfont",
+ ":bin/loadkmap",
+ ":bin/logger",
+ ":bin/login",
+ ":bin/logname",
+ ":bin/logread",
+ ":bin/losetup",
+ ":bin/lpd",
+ ":bin/lpq",
+ ":bin/lpr",
+ ":bin/ls",
+ ":bin/lsattr",
+ ":bin/lsmod",
+ ":bin/lsof",
+ ":bin/lspci",
+ ":bin/lsscsi",
+ ":bin/lsusb",
+ ":bin/lzcat",
+ ":bin/lzma",
+ ":bin/lzop",
+ ":bin/makedevs",
+ ":bin/makemime",
+ ":bin/man",
+ ":bin/md5sum",
+ ":bin/mdev",
+ ":bin/mesg",
+ ":bin/microcom",
+ ":bin/mim",
+ ":bin/mkdir",
+ ":bin/mkdosfs",
+ ":bin/mke2fs",
+ ":bin/mkfifo",
+ ":bin/mkfs.ext2",
+ ":bin/mkfs.minix",
+ ":bin/mkfs.vfat",
+ ":bin/mknod",
+ ":bin/mkpasswd",
+ ":bin/mkswap",
+ ":bin/mktemp",
+ ":bin/modinfo",
+ ":bin/modprobe",
+ ":bin/more",
+ ":bin/mount",
+ ":bin/mountpoint",
+ ":bin/mpstat",
+ ":bin/mt",
+ ":bin/mv",
+ ":bin/nameif",
+ ":bin/nanddump",
+ ":bin/nandwrite",
+ ":bin/nbd-client",
+ ":bin/nc",
+ ":bin/netstat",
+ ":bin/nice",
+ ":bin/nl",
+ ":bin/nmeter",
+ ":bin/nohup",
+ ":bin/nologin",
+ ":bin/nproc",
+ ":bin/nsenter",
+ ":bin/nslookup",
+ ":bin/ntpd",
+ ":bin/od",
+ ":bin/openvt",
+ ":bin/partprobe",
+ ":bin/passwd",
+ ":bin/paste",
+ ":bin/patch",
+ ":bin/pgrep",
+ ":bin/pidof",
+ ":bin/ping",
+ ":bin/ping6",
+ ":bin/pipe_progress",
+ ":bin/pivot_root",
+ ":bin/pkill",
+ ":bin/pmap",
+ ":bin/popmaildir",
+ ":bin/poweroff",
+ ":bin/powertop",
+ ":bin/printenv",
+ ":bin/printf",
+ ":bin/ps",
+ ":bin/pscan",
+ ":bin/pstree",
+ ":bin/pwd",
+ ":bin/pwdx",
+ ":bin/raidautorun",
+ ":bin/rdate",
+ ":bin/rdev",
+ ":bin/readahead",
+ ":bin/readlink",
+ ":bin/readprofile",
+ ":bin/realpath",
+ ":bin/reboot",
+ ":bin/reformime",
+ ":bin/remove-shell",
+ ":bin/renice",
+ ":bin/reset",
+ ":bin/resize",
+ ":bin/resume",
+ ":bin/rev",
+ ":bin/rm",
+ ":bin/rmdir",
+ ":bin/rmmod",
+ ":bin/route",
+ ":bin/rpm",
+ ":bin/rpm2cpio",
+ ":bin/rtcwake",
+ ":bin/run-init",
+ ":bin/run-parts",
+ ":bin/runsv",
+ ":bin/runsvdir",
+ ":bin/rx",
+ ":bin/script",
+ ":bin/scriptreplay",
+ ":bin/sed",
+ ":bin/seedrng",
+ ":bin/sendmail",
+ ":bin/seq",
+ ":bin/setarch",
+ ":bin/setconsole",
+ ":bin/setfattr",
+ ":bin/setfont",
+ ":bin/setkeycodes",
+ ":bin/setlogcons",
+ ":bin/setpriv",
+ ":bin/setserial",
+ ":bin/setsid",
+ ":bin/setuidgid",
+ ":bin/sh",
+ ":bin/sha1sum",
+ ":bin/sha3sum",
+ ":bin/sha256sum",
+ ":bin/sha512sum",
+ ":bin/showkey",
+ ":bin/shred",
+ ":bin/shuf",
+ ":bin/slattach",
+ ":bin/sleep",
+ ":bin/smemcap",
+ ":bin/softlimit",
+ ":bin/sort",
+ ":bin/split",
+ ":bin/ssl_client",
+ ":bin/start-stop-daemon",
+ ":bin/stat",
+ ":bin/strings",
+ ":bin/stty",
+ ":bin/su",
+ ":bin/sulogin",
+ ":bin/sum",
+ ":bin/sv",
+ ":bin/svc",
+ ":bin/svlogd",
+ ":bin/svok",
+ ":bin/swapoff",
+ ":bin/swapon",
+ ":bin/switch_root",
+ ":bin/sync",
+ ":bin/sysctl",
+ ":bin/syslogd",
+ ":bin/tac",
+ ":bin/tail",
+ ":bin/tar",
+ ":bin/taskset",
+ ":bin/tcpsvd",
+ ":bin/tee",
+ ":bin/telnet",
+ ":bin/telnetd",
+ ":bin/test",
+ ":bin/tftp",
+ ":bin/tftpd",
+ ":bin/time",
+ ":bin/timeout",
+ ":bin/top",
+ ":bin/touch",
+ ":bin/tr",
+ ":bin/traceroute",
+ ":bin/traceroute6",
+ ":bin/tree",
+ ":bin/true",
+ ":bin/truncate",
+ ":bin/ts",
+ ":bin/tsort",
+ ":bin/tty",
+ ":bin/ttysize",
+ ":bin/tunctl",
+ ":bin/ubiattach",
+ ":bin/ubidetach",
+ ":bin/ubimkvol",
+ ":bin/ubirename",
+ ":bin/ubirmvol",
+ ":bin/ubirsvol",
+ ":bin/ubiupdatevol",
+ ":bin/udhcpc",
+ ":bin/udhcpc6",
+ ":bin/udhcpd",
+ ":bin/udpsvd",
+ ":bin/uevent",
+ ":bin/umount",
+ ":bin/uname",
+ ":bin/unexpand",
+ ":bin/uniq",
+ ":bin/unix2dos",
+ ":bin/unlink",
+ ":bin/unlzma",
+ ":bin/unshare",
+ ":bin/unxz",
+ ":bin/unzip",
+ ":bin/uptime",
+ ":bin/usleep",
+ ":bin/uudecode",
+ ":bin/uuencode",
+ ":bin/vconfig",
+ ":bin/vi",
+ ":bin/vlock",
+ ":bin/volname",
+ ":bin/watch",
+ ":bin/watchdog",
+ ":bin/wc",
+ ":bin/wget",
+ ":bin/which",
+ ":bin/whoami",
+ ":bin/whois",
+ ":bin/xargs",
+ ":bin/xxd",
+ ":bin/xz",
+ ":bin/xzcat",
+ ":bin/yes",
+ ":bin/zcat",
+ ":bin/zcip",
+ ],
+)
diff --git a/build/toolchain/toolchain-bundle/toolchain.bzl b/build/toolchain/toolchain-bundle/toolchain.bzl
new file mode 100644
index 0000000..a2b7df2
--- /dev/null
+++ b/build/toolchain/toolchain-bundle/toolchain.bzl
@@ -0,0 +1,188 @@
+load("@rules_foreign_cc//toolchains/native_tools:native_tools_toolchain.bzl", "native_tool_toolchain")
+
+# Copied from bazel-contrib/rules_foreign_cc licensed under Apache-2.0
+def _current_toolchain_impl(ctx):
+ toolchain = ctx.toolchains[ctx.attr._toolchain]
+
+ if toolchain.data.target:
+ return [
+ toolchain,
+ platform_common.TemplateVariableInfo(toolchain.data.env),
+ DefaultInfo(
+ files = toolchain.data.target.files,
+ runfiles = toolchain.data.target.default_runfiles,
+ ),
+ ]
+ return [
+ toolchain,
+ platform_common.TemplateVariableInfo(toolchain.data.env),
+ DefaultInfo(),
+ ]
+
+def current_toolchain(name):
+ return rule(
+ implementation = _current_toolchain_impl,
+ attrs = {
+ "_toolchain": attr.string(default = "//build/toolchain/toolchain-bundle:%s_toolchain" % name),
+ },
+ toolchains = [
+ "//build/toolchain/toolchain-bundle:%s_toolchain" % name,
+ ],
+ )
+
+def toolchain_for(name, config):
+ native.toolchain_type(
+ name = "%s_toolchain" % name,
+ )
+
+ config.current_toolchain_func(
+ name = name,
+ )
+
+ native.toolchain(
+ name = "%s_linux_x86_64_toolchain" % name,
+ exec_compatible_with = [
+ "@platforms//os:linux",
+ "@platforms//cpu:x86_64",
+ ],
+ toolchain = ":%s_linux_x86_64" % name,
+ toolchain_type = ":%s_toolchain" % name,
+ )
+
+ native.toolchain(
+ name = "%s_linux_aarch64_toolchain" % name,
+ exec_compatible_with = [
+ "@platforms//os:linux",
+ "@platforms//cpu:aarch64",
+ ],
+ toolchain = ":%s_linux_aarch64" % name,
+ toolchain_type = ":%s_toolchain" % name,
+ )
+
+ native_tool_toolchain(
+ name = "%s_linux_aarch64" % name,
+ env = {
+ name.upper(): "$(execpath @toolchain-bundle-aarch64-unknown-linux-musl//:%s)" % config.target,
+ },
+ target = "@toolchain-bundle-aarch64-unknown-linux-musl//:%s" % config.target,
+ )
+
+ native_tool_toolchain(
+ name = "%s_linux_x86_64" % name,
+ env = {
+ name.upper(): "$(execpath @toolchain-bundle-x86_64-unknown-linux-musl//:%s)" % config.target,
+ },
+ target = "@toolchain-bundle-x86_64-unknown-linux-musl//:%s" % config.target,
+ )
+
+current_qemu_img_toolchain = current_toolchain("qemu-img")
+current_qemu_kvm_toolchain = current_toolchain("qemu-kvm")
+current_make_toolchain = current_toolchain("make")
+current_strace_toolchain = current_toolchain("strace")
+current_nasm_toolchain = current_toolchain("nasm")
+current_bison_toolchain = current_toolchain("bison")
+current_flex_toolchain = current_toolchain("flex")
+current_m4_toolchain = current_toolchain("m4")
+current_bc_toolchain = current_toolchain("bc")
+current_busybox_toolchain = current_toolchain("busybox")
+current_diff_toolchain = current_toolchain("diff")
+current_perl_toolchain = current_toolchain("perl")
+current_iasl_toolchain = current_toolchain("iasl")
+current_lz4_toolchain = current_toolchain("lz4")
+
+TOOLCHAINS = {
+ "qemu-img": struct(
+ target = "bin/qemu-img",
+ current_toolchain_func = current_qemu_img_toolchain,
+ ),
+ "qemu-kvm": struct(
+ target = "qemu-kvm",
+ current_toolchain_func = current_qemu_kvm_toolchain,
+ ),
+ "make": struct(
+ target = "bin/make",
+ current_toolchain_func = current_make_toolchain,
+ ),
+ "strace": struct(
+ target = "bin/strace",
+ current_toolchain_func = current_strace_toolchain,
+ ),
+ "nasm": struct(
+ target = "bin/nasm",
+ current_toolchain_func = current_nasm_toolchain,
+ ),
+ "bison": struct(
+ target = "bison",
+ current_toolchain_func = current_bison_toolchain,
+ ),
+ "flex": struct(
+ target = "bin/flex",
+ current_toolchain_func = current_flex_toolchain,
+ ),
+ "m4": struct(
+ target = "bin/m4",
+ current_toolchain_func = current_m4_toolchain,
+ ),
+ "bc": struct(
+ target = "bin/bc",
+ current_toolchain_func = current_bc_toolchain,
+ ),
+ "diff": struct(
+ target = "bin/diff",
+ current_toolchain_func = current_diff_toolchain,
+ ),
+ "iasl": struct(
+ target = "bin/iasl",
+ current_toolchain_func = current_iasl_toolchain,
+ ),
+ "busybox": struct(
+ target = "busybox",
+ current_toolchain_func = current_busybox_toolchain,
+ ),
+ "perl": struct(
+ target = "perl",
+ current_toolchain_func = current_perl_toolchain,
+ ),
+ "lz4": struct(
+ target = "bin/lz4",
+ current_toolchain_func = current_lz4_toolchain,
+ ),
+}
+
+def build_toolchain_env(ctx, toolchains):
+ toolchain_info = [ctx.toolchains[t] for t in toolchains]
+ env = dict([(k, v) for t in toolchain_info for k, v in t.data.env.items()])
+ env = env | {"TOOL_PATH": ":".join([t.data.target.files.to_list()[0].path.rsplit("/", 1)[0] for t in toolchain_info])}
+
+ inputs = depset(transitive = [
+ depset(transitive = [t.data.target.files, t.data.target.default_runfiles.files])
+ for t in toolchain_info
+ ])
+
+ return env, inputs
+
+TOOLCHAIN_ENV_SETUP = """
+set -e
+
+# Iterate over all environment variables and expand paths that are
+# either external or bazel-out.
+for name in $(env | cut -d= -f1); do
+ val="${!name}"
+ [[ "$val" != *external/* && "$val" != *bazel-out/* ]] && continue # Quick skip
+
+ sep=' '; [[ $name == "TOOL_PATH" ]] && sep=':' # Set separator: : for PATH, space otherwise
+ IFS=$sep read -r -a items <<< "$val" # Split value into array using correct separator
+
+ for i in "${!items[@]}"; do
+ key="${items[i]%%=*}"; v="${items[i]#*=}" # Handle 'key=val' and standalone paths
+ if [[ ( $v == external/* || $v == bazel-out/* ) && -e "$v" ]]; then
+ [ "$key" = "$v" ] && items[i]=$(realpath -s "$v") || items[i]="$key=$(realpath -s "$v")"
+ fi
+ done
+ export "$name=$(IFS=$sep; echo "${items[*]}")" # Re-export with correct separator
+done
+
+# Add our now expanded TOOL_PATH to PATH
+PATH="$PATH:$TOOL_PATH"
+
+"""
diff --git a/build/utils/foreign_build.bzl b/build/utils/foreign_build.bzl
new file mode 100644
index 0000000..8f6030e
--- /dev/null
+++ b/build/utils/foreign_build.bzl
@@ -0,0 +1,84 @@
+# Copyright The Monogon Project Authors.
+# SPDX-License-Identifier: Apache-2.0
+
+load("@rules_cc//cc:action_names.bzl", "CPP_LINK_EXECUTABLE_ACTION_NAME", "C_COMPILE_ACTION_NAME")
+load("@rules_cc//cc/common:cc_common.bzl", "cc_common")
+load("//build/toolchain/toolchain-bundle:toolchain.bzl", "TOOLCHAIN_ENV_SETUP", "build_toolchain_env")
+
+DISABLED_FEATURES = []
+
+def build_llvm_compiler_env(ctx, cc_toolchain, prefix = ""):
+ feature_configuration = cc_common.configure_features(
+ ctx = ctx,
+ cc_toolchain = cc_toolchain,
+ requested_features = ctx.features,
+ unsupported_features = DISABLED_FEATURES + ctx.disabled_features,
+ )
+ c_compiler_path = cc_common.get_tool_for_action(
+ feature_configuration = feature_configuration,
+ action_name = C_COMPILE_ACTION_NAME,
+ )
+ c_compile_variables = cc_common.create_compile_variables(
+ feature_configuration = feature_configuration,
+ cc_toolchain = cc_toolchain,
+ user_compile_flags = ctx.fragments.cpp.copts + ctx.fragments.cpp.conlyopts,
+ )
+ c_compiler_flags = cc_common.get_memory_inefficient_command_line(
+ feature_configuration = feature_configuration,
+ action_name = C_COMPILE_ACTION_NAME,
+ variables = c_compile_variables,
+ )
+ c_linker_flags = cc_common.get_memory_inefficient_command_line(
+ feature_configuration = feature_configuration,
+ action_name = CPP_LINK_EXECUTABLE_ACTION_NAME,
+ variables = c_compile_variables,
+ )
+
+ # NOTE: Multicall tool is called as path/to/llvm clang to workaround a bug
+ # in out-of-process execution where tool name is repeated and parsing breaks.
+ return {
+ prefix + "CC_PATH": c_compiler_path.rsplit("/", 1)[0],
+ prefix + "CC": c_compiler_path.rsplit("/", 1)[0] + "/llvm clang",
+ prefix + "CXX": c_compiler_path.rsplit("/", 1)[0] + "/llvm clang++",
+ prefix + "LD": c_compiler_path.rsplit("/", 1)[0] + "/ld.lld",
+ prefix + "AR": c_compiler_path.rsplit("/", 1)[0] + "/llvm-ar",
+ prefix + "NM": c_compiler_path.rsplit("/", 1)[0] + "/llvm-nm",
+ prefix + "STRIP": c_compiler_path.rsplit("/", 1)[0] + "/llvm-strip",
+ prefix + "OBJCOPY": c_compiler_path.rsplit("/", 1)[0] + "/llvm-objcopy",
+ prefix + "OBJDUMP": c_compiler_path.rsplit("/", 1)[0] + "/llvm-objdump",
+ prefix + "READELF": c_compiler_path.rsplit("/", 1)[0] + "/llvm-readelf",
+ prefix + "CFLAGS": " ".join(c_compiler_flags),
+ prefix + "LDFLAGS": " ".join(c_linker_flags),
+ }, cc_toolchain.all_files
+
+def merge_env(env, extra_env):
+ for k, v in extra_env.items():
+ if k in env:
+ env[k] += " " + v
+ else:
+ env[k] = v
+ return env
+
+def generate_foreign_build_env(ctx, target_toolchain, exec_toolchain, toolchain_bundle_tools):
+ env = {}
+
+ # Figure out cc_toolchains
+ target_toolchain_env, target_toolchain_inputs = build_llvm_compiler_env(ctx, target_toolchain)
+ env = merge_env(env, target_toolchain_env)
+
+ exec_toolchain_env, exec_toolchain_inputs = build_llvm_compiler_env(ctx, exec_toolchain, "HOST")
+ env = merge_env(env, exec_toolchain_env)
+
+ # Setup tools from toolchain-bundle.
+ toolchain_bundle_env, toolchain_bundle_inputs = build_toolchain_env(ctx, toolchain_bundle_tools)
+ env = merge_env(env, toolchain_bundle_env)
+
+ inputs = depset(
+ transitive = [
+ target_toolchain_inputs,
+ exec_toolchain_inputs,
+ toolchain_bundle_inputs,
+ ],
+ )
+
+ return env, inputs, TOOLCHAIN_ENV_SETUP
diff --git a/shell.nix b/shell.nix
index 3963630..5d4fa01 100644
--- a/shell.nix
+++ b/shell.nix
@@ -1,6 +1,64 @@
# If you're on NixOS, use me! `nix-shell --pure`.
-{ sources ? import third_party/nix/sources.nix }:
+{ pkgs ? (import ./third_party/nix { }), extraConf ? "" }:
let
- pkgs = import sources.nixpkgs {};
+ wrapper = pkgs.writeScript "wrapper.sh"
+ ''
+ # Fancy colorful PS1 to make people notice easily they're in the Monogon Nix shell.
+ PS1='\[\033]0;\u/monogon:\w\007\]'
+ if type -P dircolors >/dev/null ; then
+ PS1+='\[\033[01;35m\]\u/monogon\[\033[01;36m\] \w \$\[\033[00m\] '
+ fi
+ export PS1
+
+ # Use Nix-provided cert store.
+ export NIX_SSL_CERT_FILE="${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+ export SSL_CERT_FILE="${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+
+ # Let some downstream machinery know we're on NixOS. This is used mostly to
+ # work around Bazel/NixOS interactions.
+ export MONOGON_NIXOS=yep
+
+ # Convince rules_go to use /bin/bash and not a NixOS store bash which has
+ # no idea how to resolve other things in the nix store once PATH is
+ # stripped by (host_)action_env.
+ export BAZEL_SH=/bin/bash
+
+ # buildFHSEnv makes /etc a tmpfs and symlinks some files from host /etc.
+ # Create some additional symlinks for files we want from host /etc.
+ for i in bazel.bazelrc gitconfig; do
+ if [[ -e "/.host-etc/$i" ]] && [[ ! -e "/etc/$i" ]]; then
+ ln -s "/.host-etc/$i" "/etc/$i"
+ fi
+ done
+
+ ${extraConf}
+
+ # Allow passing a custom command via env since nix-shell doesn't support
+ # this yet: https://github.com/NixOS/nix/issues/534
+ if [ ! -n "$COMMAND" ]; then
+ COMMAND="bash --noprofile --norc"
+ fi
+ exec $COMMAND
+ '';
in
-(import third_party/nix/env.nix { inherit pkgs; }).env
+(pkgs.buildFHSEnv {
+ name = "monogon-nix";
+ targetPkgs = targetPkgs: with targetPkgs; [
+ bazel-unwrapped # Our custom bazel package based on upstream
+ git
+ buildifier
+ zlib
+ curl
+ gcc
+ binutils
+ openjdk21
+ patch
+ python3
+ busybox
+ niv
+ google-cloud-sdk
+ swtpm
+ nix
+ ];
+ runScript = wrapper;
+}).env
diff --git a/third_party/nix/BUILD.bazel b/third_party/nix/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/nix/BUILD.bazel
diff --git a/third_party/nix/default.nix b/third_party/nix/default.nix
new file mode 100644
index 0000000..7688b7f
--- /dev/null
+++ b/third_party/nix/default.nix
@@ -0,0 +1,26 @@
+{ sources ? import ./sources.nix }:
+let
+ pkgs = import sources.nixpkgs
+ {
+ overlays = [
+ (self: super: {
+ qemu-minimal = import ./pkgs/qemu { pkgs = super; };
+ diffutils = import ./pkgs/diffutils { pkgs = super; };
+ util-linux-minimal = (import ./pkgs/util-linux { pkgs = super; });
+ bazel-unwrapped = import ./pkgs/bazel { pkgs = super; };
+ perl = import ./pkgs/perl { pkgs = super; };
+ })
+ (self: super: {
+ vde2 = super.vde2.overrideAttrs (oldAttrs: {
+ env.NIX_CFLAGS_COMPILE = (oldAttrs.NIX_CFLAGS_COMPILE or "") + " -Wno-error=int-conversion -Wno-error=implicit-function-declaration";
+ });
+ })
+ ];
+
+ config.replaceCrossStdenv = { buildPackages, baseStdenv }:
+ (buildPackages.withCFlags [ "-fPIC" ]) baseStdenv;
+ };
+in
+pkgs // {
+ lib.version = "${sources.nixpkgs.branch}.${sources.nixpkgs.rev}";
+}
diff --git a/third_party/nix/env.nix b/third_party/nix/env.nix
deleted file mode 100644
index 320e3df..0000000
--- a/third_party/nix/env.nix
+++ /dev/null
@@ -1,85 +0,0 @@
-{ pkgs, extraConf ? "" }: with pkgs;
-let
- wrapper = pkgs.writeScript "wrapper.sh"
- ''
- # Fancy colorful PS1 to make people notice easily they're in the Monogon Nix shell.
- PS1='\[\033]0;\u/monogon:\w\007\]'
- if type -P dircolors >/dev/null ; then
- PS1+='\[\033[01;35m\]\u/monogon\[\033[01;36m\] \w \$\[\033[00m\] '
- fi
- export PS1
-
- # Use Nix-provided cert store.
- export NIX_SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt"
- export SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt"
-
- # Let some downstream machinery know we're on NixOS. This is used mostly to
- # work around Bazel/NixOS interactions.
- export MONOGON_NIXOS=yep
-
- # Convince rules_go to use /bin/bash and not a NixOS store bash which has
- # no idea how to resolve other things in the nix store once PATH is
- # stripped by (host_)action_env.
- export BAZEL_SH=/bin/bash
-
- # buildFHSEnv makes /etc a tmpfs and symlinks some files from host /etc.
- # Create some additional symlinks for files we want from host /etc.
- for i in bazel.bazelrc gitconfig; do
- if [[ -e "/.host-etc/$i" ]] && [[ ! -e "/etc/$i" ]]; then
- ln -s "/.host-etc/$i" "/etc/$i"
- fi
- done
-
- ${extraConf}
-
- # Allow passing a custom command via env since nix-shell doesn't support
- # this yet: https://github.com/NixOS/nix/issues/534
- if [ ! -n "$COMMAND" ]; then
- COMMAND="bash --noprofile --norc"
- fi
- exec $COMMAND
- '';
-in
-(pkgs.buildFHSEnv {
- name = "monogon-nix";
- targetPkgs = pkgs: with pkgs; [
- git
- buildifier
- (stdenv.mkDerivation {
- name = "bazel";
- src = builtins.fetchurl {
- url = "https://github.com/bazelbuild/bazel/releases/download/8.1.0/bazel-8.1.0-linux-x86_64";
- sha256 = "19dwgh631d6c1m4ds1b1b3pbz18zm5i0x8bggjgsc04fyljfbfml";
- };
- unpackPhase = ''
- true
- '';
- nativeBuildInputs = [ makeWrapper ];
- buildPhase = ''
- mkdir -p $out/bin
- cp $src $out/bin/.bazel-inner
- chmod +x $out/bin/.bazel-inner
-
- cp ${./bazel-inner.sh} $out/bin/bazel
- chmod +x $out/bin/bazel
-
- # Use wrapProgram to set the actual bazel path
- wrapProgram $out/bin/bazel --set BAZEL_REAL $out/bin/.bazel-inner
- '';
- dontStrip = true;
- })
- zlib
- curl
- gcc
- binutils
- openjdk21
- patch
- python3
- busybox
- niv
- google-cloud-sdk
- qemu_kvm
- swtpm
- ];
- runScript = wrapper;
-})
diff --git a/third_party/nix/pkgs/bazel/BUILD.bazel b/third_party/nix/pkgs/bazel/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/nix/pkgs/bazel/BUILD.bazel
diff --git a/third_party/nix/bazel-inner.sh b/third_party/nix/pkgs/bazel/bazel-inner.sh
similarity index 100%
rename from third_party/nix/bazel-inner.sh
rename to third_party/nix/pkgs/bazel/bazel-inner.sh
diff --git a/third_party/nix/pkgs/bazel/default.nix b/third_party/nix/pkgs/bazel/default.nix
new file mode 100644
index 0000000..0b6ba7e
--- /dev/null
+++ b/third_party/nix/pkgs/bazel/default.nix
@@ -0,0 +1,24 @@
+{ pkgs }: with pkgs;
+stdenv.mkDerivation {
+ name = "bazel";
+ src = builtins.fetchurl {
+ url = "https://github.com/bazelbuild/bazel/releases/download/8.1.0/bazel-8.1.0-linux-x86_64";
+ sha256 = "19dwgh631d6c1m4ds1b1b3pbz18zm5i0x8bggjgsc04fyljfbfml";
+ };
+ unpackPhase = ''
+ true
+ '';
+ nativeBuildInputs = [ makeWrapper ];
+ buildPhase = ''
+ mkdir -p $out/bin
+ cp $src $out/bin/.bazel-inner
+ chmod +x $out/bin/.bazel-inner
+
+ cp ${./bazel-inner.sh} $out/bin/bazel
+ chmod +x $out/bin/bazel
+
+ # Use wrapProgram to set the actual bazel path
+ wrapProgram $out/bin/bazel --set BAZEL_REAL $out/bin/.bazel-inner
+ '';
+ dontStrip = true;
+}
diff --git a/third_party/nix/pkgs/diffutils/BUILD.bazel b/third_party/nix/pkgs/diffutils/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/nix/pkgs/diffutils/BUILD.bazel
diff --git a/third_party/nix/pkgs/diffutils/default.nix b/third_party/nix/pkgs/diffutils/default.nix
new file mode 100644
index 0000000..bbb38e3
--- /dev/null
+++ b/third_party/nix/pkgs/diffutils/default.nix
@@ -0,0 +1,39 @@
+{ pkgs }: with pkgs;
+if (!stdenv.hostPlatform.isStatic) then diffutils else
+diffutils.overrideAttrs (old: {
+ # Disable tests as they fail when static build.
+
+ # FAIL: test-getopt-gnu
+ #=====================
+ #
+ #test-getopt.h:661: assertion 'optind == 2' failed
+ #FAIL test-getopt-gnu (exit status: 134)
+ #
+ #FAIL: test-getopt-posix
+ #=======================
+ #
+ #test-getopt.h:661: assertion 'optind == 2' failed
+ #FAIL test-getopt-posix (exit status: 134)
+ #
+ #FAIL: test-nl_langinfo-mt
+ #=========================
+ #
+ #FAIL test-nl_langinfo-mt (exit status: 134)
+ #
+ #FAIL: test-random-mt
+ #====================
+ #
+ #FAIL test-random-mt (exit status: 134)
+ #
+ #FAIL: test-setlocale_null-mt-one
+ #================================
+ #
+ #FAIL test-setlocale_null-mt-one (exit status: 134)
+ #
+ #FAIL: test-setlocale_null-mt-all
+ #================================
+ #
+ #FAIL test-setlocale_null-mt-all (exit status: 134)
+ doCheck = false;
+ doInstallCheck = false;
+})
diff --git a/third_party/nix/pkgs/perl/BUILD.bazel b/third_party/nix/pkgs/perl/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/nix/pkgs/perl/BUILD.bazel
diff --git a/third_party/nix/pkgs/perl/default.nix b/third_party/nix/pkgs/perl/default.nix
new file mode 100644
index 0000000..c2677b5
--- /dev/null
+++ b/third_party/nix/pkgs/perl/default.nix
@@ -0,0 +1,24 @@
+{ pkgs }: with pkgs;
+if (!stdenv.hostPlatform.isStatic) then perl else
+perl.overrideAttrs (old: {
+ patches = old.patches ++ [
+ ./static_build.patch
+ ];
+
+ preConfigure = old.preConfigure + ''
+ cat >> config.over <<EOF
+ osvers="musllinux"
+ EOF
+ '';
+
+ configureFlags = old.configureFlags ++ [
+ "-Dotherlibdirs=.../../lib/perl5/${old.version}" # Tell perl to use a relative libdir
+ # 1. Why isn't this the default?
+ # 2. Apparently nobody uses this option, because it is missing the quotes inside the config_h.SH
+ # 3. Why should a variable called "procselfexe" be used with a different path than /proc/self/exe?
+ # 4. I really dislike perl. - fionera
+ "-Dprocselfexe=\"/proc/self/exe\""
+ ];
+
+ env.NIX_CFLAGS_COMPILE = (old.NIX_CFLAGS_COMPILE or "") + " -Wno-error=implicit-function-declaration";
+})
diff --git a/third_party/nix/pkgs/perl/static_build.patch b/third_party/nix/pkgs/perl/static_build.patch
new file mode 100644
index 0000000..8562a3f
--- /dev/null
+++ b/third_party/nix/pkgs/perl/static_build.patch
@@ -0,0 +1,13 @@
+diff --git a/ext/re/Makefile.PL b/ext/re/Makefile.PL
+--- a/ext/re/Makefile.PL
++++ b/ext/re/Makefile.PL
+@@ -27,8 +27,9 @@
+ }
+ }
+
+ my $defines = '-DPERL_EXT_RE_BUILD -DPERL_EXT_RE_DEBUG -DPERL_EXT';
++$defines .= ' -DPERL_EXT_RE_STATIC';
+ my %args;
+ for my $arg (@ARGV) {
+ $args{$1} = $2 if $arg =~ /^(\w+)=(.*)$/;
+ }
diff --git a/third_party/nix/pkgs/qemu/BUILD.bazel b/third_party/nix/pkgs/qemu/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/nix/pkgs/qemu/BUILD.bazel
diff --git a/third_party/nix/pkgs/qemu/default.nix b/third_party/nix/pkgs/qemu/default.nix
new file mode 100644
index 0000000..5134cb7
--- /dev/null
+++ b/third_party/nix/pkgs/qemu/default.nix
@@ -0,0 +1,48 @@
+{ pkgs }: with pkgs;
+
+let
+ qemuMinimal = qemu_kvm.override (old: {
+ hostCpuOnly = true;
+ vncSupport = true;
+
+ # Disable everything we don't need.
+ enableDocs = false;
+ ncursesSupport = false;
+ seccompSupport = false;
+ numaSupport = false;
+ alsaSupport = false;
+ pulseSupport = false;
+ pipewireSupport = false;
+ sdlSupport = false;
+ jackSupport = false;
+ gtkSupport = false;
+ smartcardSupport = false;
+ spiceSupport = false;
+ usbredirSupport = false;
+ xenSupport = false;
+ cephSupport = false;
+ glusterfsSupport = false;
+ openGLSupport = false;
+ rutabagaSupport = false;
+ virglSupport = false;
+ libiscsiSupport = false;
+ smbdSupport = false;
+ uringSupport = false;
+ canokeySupport = false;
+ capstoneSupport = false;
+ });
+in
+qemuMinimal.overrideAttrs (old: {
+ # Static build patch
+ # Based on https://github.com/NixOS/nixpkgs/pull/333923
+
+ patches = (old.patches ++ [
+ ./static_build_crc32c_duplicate_definition.patch
+ ]);
+
+ configureFlags = (builtins.filter (v: v != "--static") old.configureFlags) ++ [ "--disable-libcbor" ];
+ strictDeps = true;
+ # a private dependency of PAM which is not linked explicitly in static builds
+ buildInputs = old.buildInputs ++ [ pkgs.audit ];
+ env.NIX_LDFLAGS = " -laudit ";
+})
diff --git a/third_party/nix/pkgs/qemu/static_build_crc32c_duplicate_definition.patch b/third_party/nix/pkgs/qemu/static_build_crc32c_duplicate_definition.patch
new file mode 100644
index 0000000..8e6c033
--- /dev/null
+++ b/third_party/nix/pkgs/qemu/static_build_crc32c_duplicate_definition.patch
@@ -0,0 +1,117 @@
+commit 0ba0f342e2f3cb1d271d324d999d80d5c2834f2b
+Author: Guillaume Girol <symphorien+git@xlumurb.eu>
+Date: Sun Aug 11 12:00:00 2024 +0000
+
+ rename crc32c to a less generic name
+
+ when compiling qemu statically, this symbol clashes to one in libblkid.
+
+diff --git a/block/vhdx.c b/block/vhdx.c
+index 5aa1a13506..0dc9df217d 100644
+--- a/block/vhdx.c
++++ b/block/vhdx.c
+@@ -157,7 +157,7 @@ uint32_t vhdx_update_checksum(uint8_t *buf, size_t size, int crc_offset)
+ assert(size > (crc_offset + sizeof(crc)));
+
+ memset(buf + crc_offset, 0, sizeof(crc));
+- crc = crc32c(0xffffffff, buf, size);
++ crc = qemu_crc32c(0xffffffff, buf, size);
+ crc = cpu_to_le32(crc);
+ memcpy(buf + crc_offset, &crc, sizeof(crc));
+
+@@ -176,7 +176,7 @@ uint32_t vhdx_checksum_calc(uint32_t crc, uint8_t *buf, size_t size,
+ memset(buf + crc_offset, 0, sizeof(crc_orig));
+ }
+
+- crc_new = crc32c(crc, buf, size);
++ crc_new = qemu_crc32c(crc, buf, size);
+ if (crc_offset > 0) {
+ memcpy(buf + crc_offset, &crc_orig, sizeof(crc_orig));
+ }
+diff --git a/hw/net/net_rx_pkt.c b/hw/net/net_rx_pkt.c
+index 32e5f3f9cf..a53238e143 100644
+--- a/hw/net/net_rx_pkt.c
++++ b/hw/net/net_rx_pkt.c
+@@ -579,7 +579,7 @@ _net_rx_pkt_validate_sctp_sum(struct NetRxPkt *pkt)
+ return false;
+ }
+
+- calculated = crc32c(0xffffffff,
++ calculated = qemu_crc32c(0xffffffff,
+ (uint8_t *)vec->iov_base + off, vec->iov_len - off);
+ calculated = iov_crc32c(calculated ^ 0xffffffff, vec + 1, vec_len - 1);
+ valid = calculated == le32_to_cpu(original);
+diff --git a/include/qemu/crc32c.h b/include/qemu/crc32c.h
+index 88b4d2b3b3..b0f535c80e 100644
+--- a/include/qemu/crc32c.h
++++ b/include/qemu/crc32c.h
+@@ -29,7 +29,7 @@
+ #define QEMU_CRC32C_H
+
+
+-uint32_t crc32c(uint32_t crc, const uint8_t *data, unsigned int length);
++uint32_t qemu_crc32c(uint32_t crc, const uint8_t *data, unsigned int length);
+ uint32_t iov_crc32c(uint32_t crc, const struct iovec *iov, size_t iov_cnt);
+
+ #endif
+diff --git a/target/arm/helper.c b/target/arm/helper.c
+index 8fb4b474e8..cc5b2a8e99 100644
+--- a/target/arm/helper.c
++++ b/target/arm/helper.c
+@@ -12409,7 +12409,7 @@ uint32_t HELPER(crc32c)(uint32_t acc, uint32_t val, uint32_t bytes)
+ stl_le_p(buf, val);
+
+ /* Linux crc32c converts the output to one's complement. */
+- return crc32c(acc, buf, bytes) ^ 0xffffffff;
++ return qemu_crc32c(acc, buf, bytes) ^ 0xffffffff;
+ }
+
+ /*
+diff --git a/target/arm/tcg/helper-a64.c b/target/arm/tcg/helper-a64.c
+index c60d2a7ec9..d64912d4eb 100644
+--- a/target/arm/tcg/helper-a64.c
++++ b/target/arm/tcg/helper-a64.c
+@@ -514,7 +514,7 @@ uint64_t HELPER(crc32c_64)(uint64_t acc, uint64_t val, uint32_t bytes)
+ stq_le_p(buf, val);
+
+ /* Linux crc32c converts the output to one's complement. */
+- return crc32c(acc, buf, bytes) ^ 0xffffffff;
++ return qemu_crc32c(acc, buf, bytes) ^ 0xffffffff;
+ }
+
+ /*
+diff --git a/target/loongarch/tcg/op_helper.c b/target/loongarch/tcg/op_helper.c
+index fe79c62fa4..a90db6f4b9 100644
+--- a/target/loongarch/tcg/op_helper.c
++++ b/target/loongarch/tcg/op_helper.c
+@@ -77,7 +77,7 @@ target_ulong helper_crc32c(target_ulong val, target_ulong m, uint64_t sz)
+ target_ulong mask = ((sz * 8) == 64) ? -1ULL : ((1ULL << (sz * 8)) - 1);
+ m &= mask;
+ stq_le_p(buf, m);
+- return (int32_t) (crc32c(val, buf, sz) ^ 0xffffffff);
++ return (int32_t) (qemu_crc32c(val, buf, sz) ^ 0xffffffff);
+ }
+
+ target_ulong helper_cpucfg(CPULoongArchState *env, target_ulong rj)
+diff --git a/util/crc32c.c b/util/crc32c.c
+index ea7f345de8..2780a5c698 100644
+--- a/util/crc32c.c
++++ b/util/crc32c.c
+@@ -105,7 +105,7 @@ static const uint32_t crc32c_table[256] = {
+ };
+
+
+-uint32_t crc32c(uint32_t crc, const uint8_t *data, unsigned int length)
++uint32_t qemu_crc32c(uint32_t crc, const uint8_t *data, unsigned int length)
+ {
+ while (length--) {
+ crc = crc32c_table[(crc ^ *data++) & 0xFFL] ^ (crc >> 8);
+@@ -116,7 +116,7 @@ uint32_t crc32c(uint32_t crc, const uint8_t *data, unsigned int length)
+ uint32_t iov_crc32c(uint32_t crc, const struct iovec *iov, size_t iov_cnt)
+ {
+ while (iov_cnt--) {
+- crc = crc32c(crc, iov->iov_base, iov->iov_len) ^ 0xffffffff;
++ crc = qemu_crc32c(crc, iov->iov_base, iov->iov_len) ^ 0xffffffff;
+ iov++;
+ }
+ return crc ^ 0xffffffff;
diff --git a/third_party/nix/pkgs/util-linux/BUILD.bazel b/third_party/nix/pkgs/util-linux/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/nix/pkgs/util-linux/BUILD.bazel
diff --git a/third_party/nix/pkgs/util-linux/default.nix b/third_party/nix/pkgs/util-linux/default.nix
new file mode 100644
index 0000000..1935cd3
--- /dev/null
+++ b/third_party/nix/pkgs/util-linux/default.nix
@@ -0,0 +1,11 @@
+{ pkgs }: with pkgs;
+util-linux.override (old: {
+ pamSupport = false;
+ ncursesSupport = false;
+ capabilitiesSupport = false;
+ systemdSupport = false;
+ translateManpages = false;
+ nlsSupport = false;
+ shadowSupport = false;
+ writeSupport = false;
+})
diff --git a/third_party/nix/sources.json b/third_party/nix/sources.json
index 64f092e..cab06c9 100644
--- a/third_party/nix/sources.json
+++ b/third_party/nix/sources.json
@@ -5,10 +5,10 @@
"homepage": null,
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "265df80a8c6cfe3e9012788d8d7f95b98850267e",
- "sha256": "17p3nqh8bs66x1g9mdvixlsc23g0g7g1v9k94q7adn6n5ijps08m",
+ "rev": "ffdcefdde9a4e540d1c875767da0e382e1ccf460",
+ "sha256": "1ws459m6pb07cy4n5xj5zx6i2d9xjk3xfl369s5jjvrblzlyq6mf",
"type": "tarball",
- "url": "https://github.com/NixOS/nixpkgs/archive/265df80a8c6cfe3e9012788d8d7f95b98850267e.tar.gz",
+ "url": "https://github.com/NixOS/nixpkgs/archive/ffdcefdde9a4e540d1c875767da0e382e1ccf460.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}