lib, stdenv: Check meta.platforms against host platform and be open world

First, we need check against the host platform, not the build platform.
That's simple enough.

Second, we move away from exahustive finite case analysis (i.e.
exhaustively listing all platforms the package builds on). That only
work in a closed-world setting, where we know all platforms we might
build one. But with cross compilation, we may be building for arbitrary
platforms, So we need fancier filters. This is the closed world to open
world change.

The solution is instead of having a list of systems (strings in the form
"foo-bar"), we have a list of of systems or "patterns", i.e. attributes
that partially match the output of the parsers in `lib.systems.parse`.
The "check meta" logic treats the systems strings as an exact whitelist
just as before, but treats the patterns as a fuzzy whitelist,
intersecting the actual `hostPlatform` with the pattern and then
checking for equality. (This is done using `matchAttrs`).

The default convenience lists for `meta.platforms` are now changed to be
lists of patterns (usually a single pattern) in
`lib/systems/for-meta.nix` for maximum flexibility under this new
system.

Fixes #30902
This commit is contained in:
John Ericson 2018-01-31 00:11:03 -05:00
parent 4c52e34ca6
commit c26252af3e
6 changed files with 41 additions and 8 deletions

View File

@ -47,7 +47,7 @@ let
filesystem = callLibs ./filesystem.nix;
# back-compat aliases
platforms = systems.doubles;
platforms = systems.forMeta;
inherit (builtins) add addErrorContext attrNames
concatLists deepSeq elem elemAt filter genericClosure genList

View File

@ -3,6 +3,7 @@
rec {
doubles = import ./doubles.nix { inherit lib; };
forMeta = import ./for-meta.nix { inherit lib; };
parse = import ./parse.nix { inherit lib; };
inspect = import ./inspect.nix { inherit lib; };
platforms = import ./platforms.nix { inherit lib; };

View File

@ -30,14 +30,14 @@ in rec {
aarch64 = filterDoubles predicates.isAarch64;
x86 = filterDoubles predicates.isx86;
i686 = filterDoubles predicates.isi686;
mips = filterDoubles predicates.isMips;
x86_64 = filterDoubles predicates.isx86_64;
mips = filterDoubles predicates.isMips;
cygwin = filterDoubles predicates.isCygwin;
darwin = filterDoubles predicates.isDarwin;
freebsd = filterDoubles predicates.isFreeBSD;
# Should be better, but MinGW is unclear, and HURD is bit-rotted.
gnu = filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnu; });
gnu = filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnu; });
illumos = filterDoubles predicates.isSunOS;
linux = filterDoubles predicates.isLinux;
netbsd = filterDoubles predicates.isNetBSD;

27
lib/systems/for-meta.nix Normal file
View File

@ -0,0 +1,27 @@
{ lib }:
let
inherit (lib.systems) parse;
inherit (lib.systems.inspect) patterns;
in rec {
inherit (lib.systems.doubles) all mesaPlatforms;
none = [];
arm = [ patterns.Arm ];
aarch64 = [ patterns.Aarch64 ];
x86 = [ patterns.x86 ];
i686 = [ patterns.i686 ];
x86_64 = [ patterns.x86_64 ];
mips = [ patterns.Mips ];
cygwin = [ patterns.Cygwin ];
darwin = [ patterns.Darwin ];
freebsd = [ patterns.FreeBSD ];
# Should be better, but MinGW is unclear, and HURD is bit-rotted.
gnu = [ { kernel = parse.kernels.linux; abi = parse.abis.gnu; } ];
illumos = [ patterns.SunOS ];
linux = [ patterns.Linux ];
netbsd = [ patterns.NetBSD ];
openbsd = [ patterns.OpenBSD ];
unix = patterns.Unix; # Actually a list
}

View File

@ -1,7 +1,7 @@
# Checks derivation meta and attrs for problems (like brokenness,
# licenses, etc).
{ lib, config, system, meta }:
{ lib, config, hostPlatform, meta }:
let
# See discussion at https://github.com/NixOS/nixpkgs/pull/25304#issuecomment-298385426
@ -144,7 +144,7 @@ let
license = either (listOf lib.types.attrs) (either lib.types.attrs str);
maintainers = listOf str;
priority = int;
platforms = listOf str;
platforms = listOf (either str lib.systems.parsed.types.system);
hydraPlatforms = listOf str;
broken = bool;
@ -173,6 +173,11 @@ let
else "key '${k}' is unrecognized; expected one of: \n\t [${lib.concatMapStringsSep ", " (x: "'${x}'") (lib.attrNames metaTypes)}]";
checkMeta = meta: if shouldCheckMeta then lib.remove null (lib.mapAttrsToList checkMetaAttr meta) else [];
checkPlatform = attrs: let
raw = attrs.meta.platforms;
uniform = map (x: if builtins.isString x then { system = x; } else { parsed = x; }) raw;
in lib.any (pat: lib.matchAttrs pat hostPlatform) uniform;
# Check if a derivation is valid, that is whether it passes checks for
# e.g brokenness or license.
#
@ -186,8 +191,8 @@ let
{ valid = false; reason = "blacklisted"; errormsg = "has a blacklisted license (${showLicense attrs.meta.license})"; }
else if !allowBroken && attrs.meta.broken or false then
{ valid = false; reason = "broken"; errormsg = "is marked as broken"; }
else if !allowUnsupportedSystem && !allowBroken && attrs.meta.platforms or null != null && !lib.lists.elem system attrs.meta.platforms then
{ valid = false; reason = "broken"; errormsg = "is not supported on ${system}"; }
else if !allowUnsupportedSystem && !allowBroken && attrs.meta.platforms or null != null && !(checkPlatform attrs) then
{ valid = false; reason = "broken"; errormsg = "is not supported on ${hostPlatform.config}"; }
else if !(hasAllowedInsecure attrs) then
{ valid = false; reason = "insecure"; errormsg = "is marked as insecure"; }
else let res = checkMeta (attrs.meta or {}); in if res != [] then

View File

@ -207,7 +207,7 @@ rec {
inherit lib config meta;
# Nix itself uses the `system` field of a derivation to decide where
# to build it. This is a bit confusing for cross compilation.
inherit (stdenv) system;
inherit (stdenv) hostPlatform;
} attrs;
# The meta attribute is passed in the resulting attribute set,