<gchristensen>
I've mentioned the idea of a bash linker for nixpkgs, taking a .sh and converting all the things which will be exec()'d in to absolute paths to avoid PATH munging. I'm remindend yet again why I want this -- to verify that all the things I call are actually callable
<samueldr>
why limit this to bash? :)
<gchristensen>
yeah, doing it for more than just bash would be great too of course
<samueldr>
in any case, it's a hard problem
<gchristensen>
start with an LD_PRELOAD which restricts exec() permission to a defined subset, passed in through a sidechannel ignoring PATH
<samueldr>
>> converting all the things which will be exec()'d
<samueldr>
how do you get "all" the things?
<samueldr>
read tmp; $tmp
<samueldr>
just finished building
<samueldr>
it boots
<gchristensen>
nice
<gchristensen>
nice!!
<gchristensen>
well that is the hard part
<gchristensen>
"all" thethings
<gchristensen>
you'd have to parse the script to do it, and possibly have special notation for things like xargs
<samueldr>
though it would be nice having a "bash but with implicit exec disabled"
<samueldr>
so that you need to do something like `spawn something` to run that something
<samueldr>
and as a next step, only through full path names
<gchristensen>
yea
<samueldr>
oops, I was done with the VM and powered it off, but powered done the host... but I don't need the host anyway and was about to tell you you can destroy it
<gchristensen>
haha
<gchristensen>
cool
<gchristensen>
you have it all working, though? looks good and all that jazz?
<gchristensen>
how exciting
<samueldr>
the same VM which worked on other hosts, so nothing ready for hydra inclusion, but we know that this VM boots on that hardware
<samueldr>
compared to previous tries
<gchristensen>
great
<gchristensen>
next step, then, is packaging up the cross-compiled VM in to a Nix expression like a cross between aarch64 & macOS builders
<samueldr>
yep
<samueldr>
another tangential thing may be to add a jobset for the required cross-compilation subset on hydra
* colemickens
is curious what you two are doing, if you're feeling chatty or have a link
<samueldr>
*in a previous #nixos-aarch64 episode*
<samueldr>
setting up an aarch64 machine to build native armv7l through virtualization
<samueldr>
this was attempted even before that, but had issues with what we were trying on that hardware
t184256 has left #nixos-aarch64 ["Disconnected: Replaced by new connection"]
t184256 has joined #nixos-aarch64
lovesegfault has joined #nixos-aarch64
<rajivr___>
We are trying to bring up NixOS on a new platform, which we hope we can eventually upstream. Just wanted to get a sense of where the correct starting point would be.
<lovesegfault>
rajivr___: talk to gchristensen, samueldr
<lovesegfault>
Both are asleep right now though; the former is in US TZ, IIRC; and the latter in EU, AFAIK
<rajivr___>
Thanks. Will wait for pointers from them.
<thefloweringash>
might I ask which platform you're targetting?
<lovesegfault>
Please say Power rajivr___
<rajivr___>
No. :-) Its Xilinx ZynqMP
<lovesegfault>
rajivr___: Isn't that ARMv7?
<lovesegfault>
Or some ARM
<rajivr___>
Its ARMv8-A
<lovesegfault>
rajivr___: Can't you use aarch64?
<DigitalKiwi>
did samueldr move or vaca? both of them are in NA
<rajivr___>
Yes, we can.
<lovesegfault>
Or do you want the ARMv7-A compat mode?
<lovesegfault>
Oh, nice, then you're in luck; aarch64 is upstream, and in the binary cache, etc; you'll only need a small amount (I hope) of board-specific pks
<lovesegfault>
*pkgs
<rajivr___>
Yes. The only hard part is going to be Nix as I am relatively new to it.
<rajivr___>
In anycase, I wanted to understand the difference between `cross-system` and `nixos-on-arm`
<lovesegfault>
rajivr___: As a preliminary test, is there some vanilla distro you can set up on it? e.g. Debian, Ubuntu
<lovesegfault>
You might want to do that, and then install Nix on those and play around
<rajivr___>
Yes, ZynqMP is fairly well supported on other OSes.
<rajivr___>
Especially Yocto.
<lovesegfault>
Yocto is neat :)
<thefloweringash>
disclaimer: I'm not either of the authors, but: "cross-system" is a very small set of tweaks around upstream nixos to make it possible to build via cross compilation, mostly disabling things that don't build. "nixos-on-arm" is a lot of extra effort to make that nicer by supporting specific devices and various image types.
<thefloweringash>
if you have the appropriate uboot you might be able to put a completely standard image on an sdcard and have it just work
<rajivr___>
Thanks for the pointer. I did manage to get `nixos-on-arm` working on raspberry pi, then discovered `cross-system`. I'll try to get `cross-system` working and understand the pattern that samueldr is following.
<sphalerite>
lovesegfault: samueldr is in Canada :)
<sphalerite>
rajivr___: since it's aarch64, I'd recommend keeping away from cross-building and sticking to native stuff. It's a lot easier and also doesn't involve building everything yourself.
<lovesegfault>
sphalerite: I stand corrected :)
<rajivr___>
I understand. But we will need a working `cross-system` too - maybe not all packages, but a small subset is fine.
zupo has joined #nixos-aarch64
zupo has quit [Client Quit]
<sphalerite>
samueldr: which nixpkgs revision have you been doing mobile-nixos stuff on? On current nixos-unstable, glibc fails to cross-build
<thefloweringash>
is staging still not merged?
zupo has joined #nixos-aarch64
<lovesegfault>
thefloweringash: I think it isn't, the queue has been very empty