diff --git a/nix-meson-build-support/common/meson.build b/nix-meson-build-support/common/meson.build index 179268d80..b9140256a 100644 --- a/nix-meson-build-support/common/meson.build +++ b/nix-meson-build-support/common/meson.build @@ -10,6 +10,7 @@ add_project_arguments( '-Werror=suggest-override', '-Werror=switch', '-Werror=switch-enum', + '-Werror=undef', '-Werror=unused-result', '-Werror=sign-compare', '-Wignored-qualifiers', diff --git a/src/build-remote/build-remote.cc b/src/build-remote/build-remote.cc index b4eaa389b..60247b735 100644 --- a/src/build-remote/build-remote.cc +++ b/src/build-remote/build-remote.cc @@ -5,7 +5,7 @@ #include #include #include -#if __APPLE__ +#ifdef __APPLE__ #include #endif @@ -225,7 +225,7 @@ static int main_build_remote(int argc, char * * argv) break; } -#if __APPLE__ +#ifdef __APPLE__ futimes(bestSlotLock.get(), NULL); #else futimens(bestSlotLock.get(), NULL); diff --git a/src/libexpr-tests/main.cc b/src/libexpr-tests/main.cc index 6fdaa9178..52cca53c4 100644 --- a/src/libexpr-tests/main.cc +++ b/src/libexpr-tests/main.cc @@ -14,7 +14,7 @@ int main (int argc, char **argv) { // Disable build hook. We won't be testing remote builds in these unit tests. If we do, fix the above build hook. settings.buildHook = {}; - #if __linux__ // should match the conditional around sandboxBuildDir declaration. + #ifdef __linux__ // should match the conditional around sandboxBuildDir declaration. // When building and testing nix within the host's Nix sandbox, our store dir will be located in the host's sandboxBuildDir, e.g.: // Host @@ -27,7 +27,7 @@ int main (int argc, char **argv) { settings.sandboxBuildDir = "/test-build-dir-instead-of-usual-build-dir"; #endif - #if __APPLE__ + #ifdef __APPLE__ // Avoid this error, when already running in a sandbox: // sandbox-exec: sandbox_apply: Operation not permitted settings.sandboxMode = smDisabled; diff --git a/src/libexpr/eval-gc.cc b/src/libexpr/eval-gc.cc index 6fc5ac334..bec668001 100644 --- a/src/libexpr/eval-gc.cc +++ b/src/libexpr/eval-gc.cc @@ -10,7 +10,7 @@ #if NIX_USE_BOEHMGC # include -# if __FreeBSD__ +# ifdef __FreeBSD__ # include # endif diff --git a/src/libexpr/expr-config.hh b/src/libexpr/expr-config.hh new file mode 100644 index 000000000..e28b461c0 --- /dev/null +++ b/src/libexpr/expr-config.hh @@ -0,0 +1,3 @@ +// TODO: Remove this damn file while keeping public config headers working +#error \ + "This file is a placeholder. It only exists so that meson accepts the symbolic link include/nix/expr/config.hh to this file, but we expect meson to overwrite it with the real file. Apparently that did not happen. I deeply apologize for this mess." diff --git a/src/libexpr/include/nix/expr/config.hh b/src/libexpr/include/nix/expr/config.hh new file mode 120000 index 000000000..45d3ca29d --- /dev/null +++ b/src/libexpr/include/nix/expr/config.hh @@ -0,0 +1 @@ +../../../expr-config.hh \ No newline at end of file diff --git a/src/libexpr/include/nix/expr/meson.build b/src/libexpr/include/nix/expr/meson.build index 01275e52e..3eb80de68 100644 --- a/src/libexpr/include/nix/expr/meson.build +++ b/src/libexpr/include/nix/expr/meson.build @@ -10,6 +10,7 @@ config_pub_h = configure_file( headers = [config_pub_h] + files( 'attr-path.hh', 'attr-set.hh', + 'config.hh', 'eval-cache.hh', 'eval-error.hh', 'eval-gc.hh', diff --git a/src/libexpr/meson.build b/src/libexpr/meson.build index 2e773938d..402bca0e1 100644 --- a/src/libexpr/meson.build +++ b/src/libexpr/meson.build @@ -79,6 +79,11 @@ config_priv_h = configure_file( output : 'expr-config-private.hh', ) +config_pub_h = configure_file( + configuration : configdata_pub, + output : 'expr-config.hh', +) + subdir('nix-meson-build-support/common') parser_tab = custom_target( @@ -163,6 +168,8 @@ subdir('primops') subdir('nix-meson-build-support/export-all-symbols') subdir('nix-meson-build-support/windows-version') +headers += [config_pub_h] + this_library = library( 'nixexpr', sources, @@ -181,4 +188,8 @@ install_headers(headers, subdir : 'nix/expr', preserve_path : true) libraries_private = [] +nixexpr_dep = declare_dependency( + include_directories : include_directories('.'), + link_with : this_library, +) subdir('nix-meson-build-support/export') diff --git a/src/libmain/meson.build b/src/libmain/meson.build index 414fc679f..4f78d265b 100644 --- a/src/libmain/meson.build +++ b/src/libmain/meson.build @@ -17,6 +17,8 @@ subdir('nix-meson-build-support/deps-lists') configdata = configuration_data() deps_private_maybe_subproject = [ + # This dependency may be very limited; was introduced for NIX_USE_BOEHMGC macro dependency + dependency('nix-expr'), ] deps_public_maybe_subproject = [ dependency('nix-util'), diff --git a/src/libmain/package.nix b/src/libmain/package.nix index 949603464..7b0a4dee7 100644 --- a/src/libmain/package.nix +++ b/src/libmain/package.nix @@ -6,6 +6,7 @@ nix-util, nix-store, + nix-expr, # Configuration Options @@ -33,6 +34,10 @@ mkMesonLibrary (finalAttrs: { ]; propagatedBuildInputs = [ + # FIXME: This is only here for the NIX_USE_BOEHMGC macro dependency + # Removing nix-expr will make the build more concurrent and is + # architecturally nice, perhaps. + nix-expr nix-util nix-store openssl diff --git a/src/libmain/shared.cc b/src/libmain/shared.cc index 65bfcfbd5..7ff93f6d9 100644 --- a/src/libmain/shared.cc +++ b/src/libmain/shared.cc @@ -26,7 +26,7 @@ #include "nix/util/strings.hh" #include "main-config-private.hh" - +#include "nix/expr/config.hh" namespace nix { @@ -144,7 +144,7 @@ void initNix(bool loadConfig) if (sigaction(SIGUSR1, &act, 0)) throw SysError("handling SIGUSR1"); #endif -#if __APPLE__ +#ifdef __APPLE__ /* HACK: on darwin, we need can’t use sigprocmask with SIGWINCH. * Instead, add a dummy sigaction handler, and signalHandlerThread * can handle the rest. */ diff --git a/src/libstore-tests/meson.build b/src/libstore-tests/meson.build index 1822a3520..eb3d14530 100644 --- a/src/libstore-tests/meson.build +++ b/src/libstore-tests/meson.build @@ -40,6 +40,9 @@ deps_private += gtest configdata = configuration_data() configdata.set_quoted('PACKAGE_VERSION', meson.project_version()) +aws_s3 = dependency('aws-cpp-sdk-s3', required : false) +configdata.set('ENABLE_S3', aws_s3.found().to_int()) + config_priv_h = configure_file( configuration : configdata, output : 'store-tests-config.hh', diff --git a/src/libstore-tests/s3-binary-cache-store.cc b/src/libstore-tests/s3-binary-cache-store.cc index be338084f..dbb414f2b 100644 --- a/src/libstore-tests/s3-binary-cache-store.cc +++ b/src/libstore-tests/s3-binary-cache-store.cc @@ -1,3 +1,4 @@ +#include "store-tests-config.hh" #if ENABLE_S3 # include diff --git a/src/libstore/filetransfer.cc b/src/libstore/filetransfer.cc index bf58cb2b3..6de458823 100644 --- a/src/libstore/filetransfer.cc +++ b/src/libstore/filetransfer.cc @@ -8,11 +8,12 @@ #include "nix/util/callback.hh" #include "nix/util/signals.hh" +#include "store-config-private.hh" #if ENABLE_S3 #include #endif -#if __linux__ +#ifdef __linux__ # include "nix/util/namespaces.hh" #endif @@ -621,7 +622,7 @@ struct curlFileTransfer : public FileTransfer }); #endif - #if __linux__ + #ifdef __linux__ try { tryUnshareFilesystem(); } catch (nix::Error & e) { diff --git a/src/libstore/gc.cc b/src/libstore/gc.cc index 5e56be7f3..db91e5213 100644 --- a/src/libstore/gc.cc +++ b/src/libstore/gc.cc @@ -335,7 +335,7 @@ static std::string quoteRegexChars(const std::string & raw) return std::regex_replace(raw, specialRegex, R"(\$&)"); } -#if __linux__ +#ifdef __linux__ static void readFileRoots(const std::filesystem::path & path, UncheckedRoots & roots) { try { @@ -427,7 +427,7 @@ void LocalStore::findRuntimeRoots(Roots & roots, bool censor) } #endif -#if __linux__ +#ifdef __linux__ readFileRoots("/proc/sys/kernel/modprobe", unchecked); readFileRoots("/proc/sys/kernel/fbsplash", unchecked); readFileRoots("/proc/sys/kernel/poweroff_cmd", unchecked); diff --git a/src/libstore/globals.cc b/src/libstore/globals.cc index a3633b084..1df0a846e 100644 --- a/src/libstore/globals.cc +++ b/src/libstore/globals.cc @@ -25,7 +25,7 @@ # include #endif -#if __APPLE__ +#ifdef __APPLE__ # include "nix/util/processes.hh" #endif @@ -90,7 +90,7 @@ Settings::Settings() #endif /* chroot-like behavior from Apple's sandbox */ -#if __APPLE__ +#ifdef __APPLE__ sandboxPaths = tokenizeString("/System/Library/Frameworks /System/Library/PrivateFrameworks /bin/sh /bin/bash /private/tmp /private/var/tmp /usr/lib"); allowedImpureHostPrefixes = tokenizeString("/System/Library /usr/lib /dev /bin/sh"); #endif @@ -151,7 +151,7 @@ unsigned int Settings::getDefaultCores() return concurrency; } -#if __APPLE__ +#ifdef __APPLE__ static bool hasVirt() { int hasVMM; @@ -181,16 +181,16 @@ StringSet Settings::getDefaultSystemFeatures() actually require anything special on the machines. */ StringSet features{"nixos-test", "benchmark", "big-parallel"}; - #if __linux__ + #ifdef __linux__ features.insert("uid-range"); #endif - #if __linux__ + #ifdef __linux__ if (access("/dev/kvm", R_OK | W_OK) == 0) features.insert("kvm"); #endif - #if __APPLE__ + #ifdef __APPLE__ if (hasVirt()) features.insert("apple-virt"); #endif @@ -205,7 +205,7 @@ StringSet Settings::getDefaultExtraPlatforms() if (std::string{NIX_LOCAL_SYSTEM} == "x86_64-linux" && !isWSL1()) extraPlatforms.insert("i686-linux"); -#if __linux__ +#ifdef __linux__ StringSet levels = computeLevels(); for (auto iter = levels.begin(); iter != levels.end(); ++iter) extraPlatforms.insert(*iter + "-linux"); @@ -224,7 +224,7 @@ StringSet Settings::getDefaultExtraPlatforms() bool Settings::isWSL1() { -#if __linux__ +#ifdef __linux__ struct utsname utsbuf; uname(&utsbuf); // WSL1 uses -Microsoft suffix @@ -374,7 +374,7 @@ void initLibStore(bool loadConfig) { [1] https://github.com/apple-oss-distributions/objc4/blob/01edf1705fbc3ff78a423cd21e03dfc21eb4d780/runtime/objc-initialize.mm#L614-L636 */ curl_global_init(CURL_GLOBAL_ALL); -#if __APPLE__ +#ifdef __APPLE__ /* On macOS, don't use the per-session TMPDIR (as set e.g. by sshd). This breaks build users because they don't have access to the TMPDIR, in particular in ‘nix-store --serve’. */ diff --git a/src/libstore/include/nix/store/globals.hh b/src/libstore/include/nix/store/globals.hh index 4c4395e05..82211d8dc 100644 --- a/src/libstore/include/nix/store/globals.hh +++ b/src/libstore/include/nix/store/globals.hh @@ -34,7 +34,7 @@ struct MaxBuildJobsSetting : public BaseSetting }; const uint32_t maxIdsPerBuild = - #if __linux__ + #ifdef __linux__ 1 << 16 #else 1 @@ -467,7 +467,7 @@ public: )", {}, true, Xp::AutoAllocateUids}; Setting startId{this, - #if __linux__ + #ifdef __linux__ 0x34000000, #else 56930, @@ -476,7 +476,7 @@ public: "The first UID and GID to use for dynamic ID allocation."}; Setting uidCount{this, - #if __linux__ + #ifdef __linux__ maxIdsPerBuild * 128, #else 128, @@ -484,7 +484,7 @@ public: "id-count", "The number of UIDs/GIDs to use for dynamic ID allocation."}; - #if __linux__ + #ifdef __linux__ Setting useCgroups{ this, false, "use-cgroups", R"( @@ -596,7 +596,7 @@ public: Setting sandboxMode{ this, - #if __linux__ + #ifdef __linux__ smEnabled #else smDisabled @@ -671,7 +671,7 @@ public: )"}; #endif -#if __linux__ +#ifdef __linux__ Setting sandboxShmSize{ this, "50%", "sandbox-dev-shm-size", R"( @@ -708,7 +708,7 @@ public: Setting allowedImpureHostPrefixes{this, {}, "allowed-impure-host-deps", "Which prefixes to allow derivations to ask for access to (primarily for Darwin)."}; -#if __APPLE__ +#ifdef __APPLE__ Setting darwinLogSandboxViolations{this, false, "darwin-log-sandbox-violations", "Whether to log Darwin sandbox access violations to the system log."}; #endif @@ -1066,7 +1066,7 @@ public: // Don't document the machine-specific default value false}; -#if __linux__ +#ifdef __linux__ Setting filterSyscalls{ this, true, "filter-syscalls", R"( diff --git a/src/libstore/include/nix/store/s3.hh b/src/libstore/include/nix/store/s3.hh index c49fa3fb8..5ac5b9a9f 100644 --- a/src/libstore/include/nix/store/s3.hh +++ b/src/libstore/include/nix/store/s3.hh @@ -1,6 +1,6 @@ #pragma once ///@file - +#include "store-config-private.hh" #if ENABLE_S3 #include "nix/util/ref.hh" diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc index b26fdeed8..fff0b35bf 100644 --- a/src/libstore/local-store.cc +++ b/src/libstore/local-store.cc @@ -38,7 +38,7 @@ # include #endif -#if __linux__ +#ifdef __linux__ # include # include # include @@ -571,7 +571,7 @@ void LocalStore::upgradeDBSchema(State & state) bind mount. So make the Nix store writable for this process. */ void LocalStore::makeStoreWritable() { -#if __linux__ +#ifdef __linux__ if (!isRootUser()) return; /* Check if /nix/store is on a read-only mount. */ struct statvfs stat; diff --git a/src/libstore/meson.build b/src/libstore/meson.build index 2f16bf66f..e9f817482 100644 --- a/src/libstore/meson.build +++ b/src/libstore/meson.build @@ -158,6 +158,7 @@ if get_option('embedded-sandbox-shell') # The path to busybox is passed as a -D flag when compiling this_library. # This solution is inherited from the old make buildsystem # TODO: do this differently? + # TODO: at least define it unconditionally, so we get checking from -Wundef configdata_priv.set('HAVE_EMBEDDED_SANDBOX_SHELL', 1) hexdump = find_program('hexdump', native : true) embedded_sandbox_shell_gen = custom_target( @@ -181,6 +182,11 @@ config_priv_h = configure_file( output : 'store-config-private.hh', ) +config_pub_h = configure_file( + configuration : configdata_pub, + output : 'store-config.hh', +) + subdir('nix-meson-build-support/common') sources = files( @@ -363,7 +369,7 @@ this_library = library( install : true, ) -install_headers(headers, subdir : 'nix/store', preserve_path : true) +install_headers(headers + [ config_pub_h ], subdir : 'nix/store', preserve_path : true) libraries_private = [] diff --git a/src/libstore/optimise-store.cc b/src/libstore/optimise-store.cc index 17e13758b..277795053 100644 --- a/src/libstore/optimise-store.cc +++ b/src/libstore/optimise-store.cc @@ -13,6 +13,7 @@ #include #include +#include "store-config-private.hh" namespace nix { @@ -96,7 +97,7 @@ void LocalStore::optimisePath_(Activity * act, OptimiseStats & stats, auto st = lstat(path); -#if __APPLE__ +#ifdef __APPLE__ /* HFS/macOS has some undocumented security feature disabling hardlinking for special files within .app dirs. Known affected paths include *.app/Contents/{PkgInfo,Resources/\*.lproj,_CodeSignature} and .DS_Store. diff --git a/src/libstore/posix-fs-canonicalise.cc b/src/libstore/posix-fs-canonicalise.cc index df51ba307..aeb35eab5 100644 --- a/src/libstore/posix-fs-canonicalise.cc +++ b/src/libstore/posix-fs-canonicalise.cc @@ -58,7 +58,7 @@ static void canonicalisePathMetaData_( { checkInterrupt(); -#if __APPLE__ +#ifdef __APPLE__ /* Remove flags, in particular UF_IMMUTABLE which would prevent the file from being garbage-collected. FIXME: Use setattrlist() to remove other attributes as well. */ diff --git a/src/libstore/s3-binary-cache-store.cc b/src/libstore/s3-binary-cache-store.cc index e76a508ba..4e51e728a 100644 --- a/src/libstore/s3-binary-cache-store.cc +++ b/src/libstore/s3-binary-cache-store.cc @@ -1,3 +1,4 @@ +#include "store-config-private.hh" #if ENABLE_S3 #include diff --git a/src/libstore/store-api.cc b/src/libstore/store-api.cc index 6721a6f2d..9e606d0ab 100644 --- a/src/libstore/store-api.cc +++ b/src/libstore/store-api.cc @@ -1328,7 +1328,7 @@ ref openStore(StoreReference && storeURI) return std::make_shared(params); else if (pathExists(settings.nixDaemonSocketFile)) return std::make_shared(params); - #if __linux__ + #ifdef __linux__ else if (!pathExists(stateDir) && params.empty() && !isRootUser() diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc index 5616b605b..185c98bb6 100644 --- a/src/libstore/unix/build/local-derivation-goal.cc +++ b/src/libstore/unix/build/local-derivation-goal.cc @@ -42,7 +42,7 @@ #endif /* Includes required for chroot support. */ -#if __linux__ +#ifdef __linux__ # include "nix/store/fchmodat2-compat.hh" # include # include @@ -61,7 +61,7 @@ # include "nix/store/personality.hh" #endif -#if __APPLE__ +#ifdef __APPLE__ #include #include #include @@ -77,6 +77,8 @@ extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, #include "nix/util/strings.hh" #include "nix/util/signals.hh" +#include "store-config-private.hh" + namespace nix { struct LocalDerivationGoal : DerivationGoal, RestrictionContext @@ -416,7 +418,7 @@ LocalDerivationGoal::~LocalDerivationGoal() inline bool LocalDerivationGoal::needsHashRewrite() { -#if __linux__ +#ifdef __linux__ return !useChroot; #else /* Darwin requires hash rewriting even when sandboxing is enabled. */ @@ -457,7 +459,7 @@ void LocalDerivationGoal::killChild() void LocalDerivationGoal::killSandbox(bool getStats) { if (cgroup) { - #if __linux__ + #ifdef __linux__ auto stats = destroyCgroup(*cgroup); if (getStats) { buildResult.cpuUser = stats.cpuUser; @@ -496,7 +498,7 @@ Goal::Co LocalDerivationGoal::tryLocalBuild() if (drvOptions->noChroot) throw Error("derivation '%s' has '__noChroot' set, " "but that's not allowed when 'sandbox' is 'true'", worker.store.printStorePath(drvPath)); -#if __APPLE__ +#ifdef __APPLE__ if (drvOptions->additionalSandboxProfile != "") throw Error("derivation '%s' specifies a sandbox profile, " "but this is only allowed when 'sandbox' is 'relaxed'", worker.store.printStorePath(drvPath)); @@ -511,14 +513,14 @@ Goal::Co LocalDerivationGoal::tryLocalBuild() auto & localStore = getLocalStore(); if (localStore.storeDir != localStore.realStoreDir.get()) { - #if __linux__ + #ifdef __linux__ useChroot = true; #else throw Error("building using a diverted store is not supported on this platform"); #endif } - #if __linux__ + #ifdef __linux__ if (useChroot) { if (!mountAndPidNamespacesSupported()) { if (!settings.sandboxFallback) @@ -745,7 +747,7 @@ bool LocalDerivationGoal::cleanupDecideWhetherDiskFull() } -#if __linux__ +#ifdef __linux__ static void doBind(const Path & source, const Path & target, bool optional = false) { debug("bind mounting '%1%' to '%2%'", source, target); @@ -818,12 +820,12 @@ static void handleChildException(bool sendException) void LocalDerivationGoal::startBuilder() { if ((buildUser && buildUser->getUIDCount() != 1) - #if __linux__ + #ifdef __linux__ || settings.useCgroups #endif ) { - #if __linux__ + #ifdef __linux__ experimentalFeatureSettings.require(Xp::Cgroups); /* If we're running from the daemon, then this will return the @@ -890,7 +892,7 @@ void LocalDerivationGoal::startBuilder() /* Create a temporary directory where the build will take place. */ topTmpDir = createTempDir(settings.buildDir.get().value_or(""), "nix-build-" + std::string(drvPath.name()), false, false, 0700); -#if __APPLE__ +#ifdef __APPLE__ if (false) { #else if (useChroot) { @@ -1069,7 +1071,7 @@ void LocalDerivationGoal::startBuilder() pathsInChroot[i] = {i, true}; } -#if __linux__ +#ifdef __linux__ /* Create a temporary directory in which we set up the chroot environment using bind-mounts. We put it in the Nix store so that the build outputs can be moved efficiently from the @@ -1168,7 +1170,7 @@ void LocalDerivationGoal::startBuilder() #else if (drvOptions->useUidRange(*drv)) throw Error("feature 'uid-range' is not supported on this platform"); - #if __APPLE__ + #ifdef __APPLE__ /* We don't really have any parent prep work to do (yet?) All work happens in the child, instead. */ #else @@ -1248,7 +1250,7 @@ void LocalDerivationGoal::startBuilder() if (chown(slaveName.c_str(), buildUser->getUID(), 0)) throw SysError("changing owner of pseudoterminal slave"); } -#if __APPLE__ +#ifdef __APPLE__ else { if (grantpt(builderOut.get())) throw SysError("granting access to pseudoterminal slave"); @@ -1283,7 +1285,7 @@ void LocalDerivationGoal::startBuilder() /* Fork a child to build the package. */ -#if __linux__ +#ifdef __linux__ if (useChroot) { /* Set up private namespaces for the build: @@ -1480,7 +1482,7 @@ void LocalDerivationGoal::initTmpDir() { /* In a sandbox, for determinism, always use the same temporary directory. */ -#if __linux__ +#ifdef __linux__ tmpDirInSandbox = useChroot ? settings.sandboxBuildDir : tmpDir; #else tmpDirInSandbox = tmpDir; @@ -1726,7 +1728,7 @@ void LocalDerivationGoal::addDependency(const StorePath & path) debug("materialising '%s' in the sandbox", worker.store.printStorePath(path)); - #if __linux__ + #ifdef __linux__ Path source = worker.store.Store::toRealPath(path); Path target = chrootRootDir + worker.store.printStorePath(path); @@ -1776,7 +1778,7 @@ void LocalDerivationGoal::chownToBuilder(const Path & path) void setupSeccomp() { -#if __linux__ +#ifdef __linux__ if (!settings.filterSyscalls) return; #if HAVE_SECCOMP scmp_filter_ctx ctx; @@ -1896,7 +1898,7 @@ void LocalDerivationGoal::runChild() } catch (SystemError &) { } } -#if __linux__ +#ifdef __linux__ if (useChroot) { userNamespaceSync.writeSide = -1; @@ -2015,7 +2017,7 @@ void LocalDerivationGoal::runChild() for (auto & i : pathsInChroot) { if (i.second.source == "/proc") continue; // backwards compatibility - #if HAVE_EMBEDDED_SANDBOX_SHELL + #ifdef HAVE_EMBEDDED_SANDBOX_SHELL if (i.second.source == "__embedded_sandbox_shell__") { static unsigned char sh[] = { #include "embedded-sandbox-shell.gen.hh" @@ -2130,7 +2132,7 @@ void LocalDerivationGoal::runChild() /* Close all other file descriptors. */ unix::closeExtraFDs(); -#if __linux__ +#ifdef __linux__ linux::setPersonality(drv->platform); #endif @@ -2169,7 +2171,7 @@ void LocalDerivationGoal::runChild() throw SysError("setuid failed"); } -#if __APPLE__ +#ifdef __APPLE__ /* This has to appear before import statements. */ std::string sandboxProfile = "(version 1)\n"; @@ -2340,7 +2342,7 @@ void LocalDerivationGoal::runChild() for (auto & i : drv->args) args.push_back(rewriteStrings(i, inputRewrites)); -#if __APPLE__ +#ifdef __APPLE__ posix_spawnattr_t attrp; if (posix_spawnattr_init(&attrp)) diff --git a/src/libstore/unix/user-lock.cc b/src/libstore/unix/user-lock.cc index 770b00e2d..eb0bac887 100644 --- a/src/libstore/unix/user-lock.cc +++ b/src/libstore/unix/user-lock.cc @@ -10,7 +10,7 @@ namespace nix { -#if __linux__ +#ifdef __linux__ static std::vector get_group_list(const char *username, gid_t group_id) { @@ -94,7 +94,7 @@ struct SimpleUserLock : UserLock if (lock->uid == getuid() || lock->uid == geteuid()) throw Error("the Nix user should not be a member of '%s'", settings.buildUsersGroup); - #if __linux__ + #ifdef __linux__ /* Get the list of supplementary groups of this user. This is * usually either empty or contains a group such as "kvm". */ @@ -193,7 +193,7 @@ std::unique_ptr acquireUserLock(uid_t nrIds, bool useUserNamespace) bool useBuildUsers() { - #if __linux__ + #ifdef __linux__ static bool b = (settings.buildUsersGroup != "" || settings.autoAllocateUids) && isRootUser(); return b; #elif __APPLE__ diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index 143d01085..487873ce6 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -17,7 +17,7 @@ namespace nix { struct ArchiveSettings : Config { Setting useCaseHack{this, - #if __APPLE__ + #ifdef __APPLE__ true, #else false, diff --git a/src/libutil/current-process.cc b/src/libutil/current-process.cc index 4103c0515..8aef47146 100644 --- a/src/libutil/current-process.cc +++ b/src/libutil/current-process.cc @@ -13,7 +13,7 @@ # include #endif -#if __linux__ +#ifdef __linux__ # include # include "nix/util/cgroup.hh" # include "nix/util/namespaces.hh" @@ -23,7 +23,7 @@ namespace nix { unsigned int getMaxCPU() { - #if __linux__ + #ifdef __linux__ try { auto cgroupFS = getCgroupFS(); if (!cgroupFS) return 0; @@ -82,7 +82,7 @@ void restoreProcessContext(bool restoreMounts) unix::restoreSignals(); #endif if (restoreMounts) { - #if __linux__ + #ifdef __linux__ restoreMountNamespace(); #endif } @@ -106,7 +106,7 @@ std::optional getSelfExe() { static auto cached = []() -> std::optional { - #if __linux__ || __GNU__ + #if defined(__linux__) || defined(__GNU__) return readLink("/proc/self/exe"); #elif __APPLE__ char buf[1024]; diff --git a/src/libutil/file-descriptor.cc b/src/libutil/file-descriptor.cc index 042edbf55..9e0827442 100644 --- a/src/libutil/file-descriptor.cc +++ b/src/libutil/file-descriptor.cc @@ -98,7 +98,7 @@ void AutoCloseFD::fsync() const result = #ifdef _WIN32 ::FlushFileBuffers(fd) -#elif __APPLE__ +#elif defined(__APPLE__) ::fcntl(fd, F_FULLFSYNC) #else ::fsync(fd) @@ -113,7 +113,7 @@ void AutoCloseFD::fsync() const void AutoCloseFD::startFsync() const { -#if __linux__ +#ifdef __linux__ if (fd != -1) { /* Ignore failure, since fsync must be run later anyway. This is just a performance optimization. */ ::sync_file_range(fd, 0, 0, SYNC_FILE_RANGE_WRITE); diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc index 769c477ed..39b03268d 100644 --- a/src/libutil/file-system.cc +++ b/src/libutil/file-system.cc @@ -576,7 +576,7 @@ Path createTempDir(const Path & tmpRoot, const Path & prefix, , mode #endif ) == 0) { -#if __FreeBSD__ +#ifdef __FreeBSD__ /* Explicitly set the group of the directory. This is to work around around problems caused by BSD's group ownership semantics (directories inherit the group of diff --git a/src/libutil/fs-sink.cc b/src/libutil/fs-sink.cc index aa46b3cd2..7b8fc3b2a 100644 --- a/src/libutil/fs-sink.cc +++ b/src/libutil/fs-sink.cc @@ -4,7 +4,7 @@ #include "nix/util/config-global.hh" #include "nix/util/fs-sink.hh" -#if _WIN32 +#ifdef _WIN32 # include # include "nix/util/file-path.hh" # include "nix/util/windows-error.hh" diff --git a/src/libutil/include/nix/util/file-descriptor.hh b/src/libutil/include/nix/util/file-descriptor.hh index 2e8b4ce10..4f13a9a8f 100644 --- a/src/libutil/include/nix/util/file-descriptor.hh +++ b/src/libutil/include/nix/util/file-descriptor.hh @@ -18,7 +18,7 @@ struct Source; * Operating System capability */ using Descriptor = -#if _WIN32 +#ifdef _WIN32 HANDLE #else int @@ -26,7 +26,7 @@ using Descriptor = ; const Descriptor INVALID_DESCRIPTOR = -#if _WIN32 +#ifdef _WIN32 INVALID_HANDLE_VALUE #else -1 diff --git a/src/libutil/terminal.cc b/src/libutil/terminal.cc index 77766fae1..fa0f7e871 100644 --- a/src/libutil/terminal.cc +++ b/src/libutil/terminal.cc @@ -2,7 +2,7 @@ #include "nix/util/environment-variables.hh" #include "nix/util/sync.hh" -#if _WIN32 +#ifdef _WIN32 # include # define WIN32_LEAN_AND_MEAN # include diff --git a/src/libutil/unix/file-descriptor.cc b/src/libutil/unix/file-descriptor.cc index 6ce307252..73ee49982 100644 --- a/src/libutil/unix/file-descriptor.cc +++ b/src/libutil/unix/file-descriptor.cc @@ -163,7 +163,7 @@ void Pipe::create() ////////////////////////////////////////////////////////////////////// -#if __linux__ || __FreeBSD__ +#if defined(__linux__) || defined(__FreeBSD__) static int unix_close_range(unsigned int first, unsigned int last, int flags) { #if !HAVE_CLOSE_RANGE @@ -179,7 +179,7 @@ void unix::closeExtraFDs() constexpr int MAX_KEPT_FD = 2; static_assert(std::max({STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO}) == MAX_KEPT_FD); -#if __linux__ || __FreeBSD__ +#if defined(__linux__) || defined(__FreeBSD__) // first try to close_range everything we don't care about. if this // returns an error with these parameters we're running on a kernel // that does not implement close_range (i.e. pre 5.9) and fall back @@ -189,7 +189,7 @@ void unix::closeExtraFDs() } #endif -#if __linux__ +#ifdef __linux__ try { for (auto & s : std::filesystem::directory_iterator{"/proc/self/fd"}) { checkInterrupt(); diff --git a/src/libutil/unix/processes.cc b/src/libutil/unix/processes.cc index c436076ee..198243c20 100644 --- a/src/libutil/unix/processes.cc +++ b/src/libutil/unix/processes.cc @@ -78,7 +78,7 @@ int Pid::kill() /* On BSDs, killing a process group will return EPERM if all processes in the group are zombies (or something like that). So try to detect and ignore that situation. */ -#if __FreeBSD__ || __APPLE__ +#if defined(__FreeBSD__) || defined(__APPLE__) if (errno != EPERM || ::kill(pid, 0) != 0) #endif logError(SysError("killing process %d", pid).info()); @@ -190,7 +190,7 @@ static pid_t doFork(bool allowVfork, ChildWrapperFunction & fun) } -#if __linux__ +#ifdef __linux__ static int childEntry(void * arg) { auto & fun = *reinterpret_cast(arg); @@ -213,7 +213,7 @@ pid_t startProcess(std::function fun, const ProcessOptions & options) logger = makeSimpleLogger(); } try { -#if __linux__ +#ifdef __linux__ if (options.dieWithParent && prctl(PR_SET_PDEATHSIG, SIGKILL) == -1) throw SysError("setting death signal"); #endif diff --git a/src/libutil/unix/signals.cc b/src/libutil/unix/signals.cc index f1cb28527..665b9b096 100644 --- a/src/libutil/unix/signals.cc +++ b/src/libutil/unix/signals.cc @@ -105,7 +105,7 @@ void unix::setChildSignalMask(sigset_t * sigs) { assert(sigs); // C style function, but think of sigs as a reference -#if _POSIX_C_SOURCE >= 1 || _XOPEN_SOURCE || _POSIX_SOURCE +#if (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 1) || (defined(_XOPEN_SOURCE) && _XOPEN_SOURCE) || (defined(_POSIX_SOURCE) && _POSIX_SOURCE) sigemptyset(&savedSignalMask); // There's no "assign" or "copy" function, so we rely on (math) idempotence // of the or operator: a or a = a. diff --git a/src/nix/crash-handler.cc b/src/nix/crash-handler.cc index 17d346ecc..d65773fa0 100644 --- a/src/nix/crash-handler.cc +++ b/src/nix/crash-handler.cc @@ -8,7 +8,7 @@ #include // Darwin and FreeBSD stdenv do not define _GNU_SOURCE but do have _Unwind_Backtrace. -#if __APPLE__ || __FreeBSD__ +#if defined(__APPLE__) || defined(__FreeBSD__) # define BOOST_STACKTRACE_GNU_SOURCE_NOT_REQUIRED #endif diff --git a/src/nix/main.cc b/src/nix/main.cc index 6470213a2..a2c9dcf68 100644 --- a/src/nix/main.cc +++ b/src/nix/main.cc @@ -36,7 +36,7 @@ # include #endif -#if __linux__ +#ifdef __linux__ # include "nix/util/namespaces.hh" #endif @@ -384,7 +384,7 @@ void mainWrapped(int argc, char * * argv) "__build-remote", }); - #if __linux__ + #ifdef __linux__ if (isRootUser()) { try { saveMountNamespace(); diff --git a/src/nix/run.cc b/src/nix/run.cc index 64eab3ff3..146ae9ec9 100644 --- a/src/nix/run.cc +++ b/src/nix/run.cc @@ -12,7 +12,7 @@ #include "nix/expr/eval.hh" #include -#if __linux__ +#ifdef __linux__ # include # include "nix/store/personality.hh" #endif @@ -59,7 +59,7 @@ void execProgramInStore(ref store, throw SysError("could not execute chroot helper"); } -#if __linux__ +#ifdef __linux__ if (system) linux::setPersonality(*system); #endif @@ -153,7 +153,7 @@ void chrootHelper(int argc, char * * argv) while (p < argc) args.push_back(argv[p++]); -#if __linux__ +#ifdef __linux__ uid_t uid = getuid(); uid_t gid = getgid(); @@ -212,7 +212,7 @@ void chrootHelper(int argc, char * * argv) writeFile(fs::path{"/proc/self/uid_map"}, fmt("%d %d %d", uid, uid, 1)); writeFile(fs::path{"/proc/self/gid_map"}, fmt("%d %d %d", gid, gid, 1)); -#if __linux__ +#ifdef __linux__ if (system != "") linux::setPersonality(system); #endif diff --git a/src/nix/unix/daemon.cc b/src/nix/unix/daemon.cc index 4e60ba102..607a7bb01 100644 --- a/src/nix/unix/daemon.cc +++ b/src/nix/unix/daemon.cc @@ -34,11 +34,11 @@ #include #include -#if __linux__ +#ifdef __linux__ #include "nix/util/cgroup.hh" #endif -#if __APPLE__ || __FreeBSD__ +#if defined(__APPLE__) || defined(__FreeBSD__) #include #endif @@ -317,7 +317,7 @@ static void daemonLoop(std::optional forceTrustClientOpt) // Get rid of children automatically; don't let them become zombies. setSigChldAction(true); - #if __linux__ + #ifdef __linux__ if (settings.useCgroups) { experimentalFeatureSettings.require(Xp::Cgroups);