Following legacy packing conventions, `isArm` was defined just for
32-bit ARM instruction set. This is confusing to non packagers though,
because Aarch64 is an ARM instruction set.
The official ARM overview for ARMv8[1] is surprisingly not confusing,
given the overall state of affairs for ARM naming conventions, and
offers us a solution. It divides the nomenclature into three levels:
```
ISA: ARMv8 {-A, -R, -M}
/ \
Mode: Aarch32 Aarch64
| / \
Encoding: A64 A32 T32
```
At the top is the overall v8 instruction set archicture. Second are the
two modes, defined by bitwidth but differing in other semantics too, and
buttom are the encodings, (hopefully?) isomorphic if they encode the
same mode.
The 32 bit encodings are mostly backwards compatible with previous
non-Thumb and Thumb encodings, and if so we can pun the mode names to
instead mean "sets of compatable or isomorphic encodings", and then
voilà we have nice names for 32-bit and 64-bit arm instruction sets
which do not use the word ARM so as to not confused either laymen or
experienced ARM packages.
[1]: https://developer.arm.com/products/architecture/a-profile
The package was originally broken as reported in #38940 and
facebook/osquery#4257. The latest version (3.x) contains several
important fixes for GCC 7, so now we can compile without a much less
complicated patches.
The following changes were needed to fix the derivation:
* Upgrade `osquery/third-party` to the latest rev to be compliant with
osquery 3.
* Keep using an override for the AWS SDK (for a lower closure size and
less compile time), but make the `ec2` API available.
* Added the dependencies `fpm`, `zstd`, `rdkafka`, `rapidjson` to the
build. `linenoise-ng` is obsolete as it's directly bundled with
`osquery/third-party`.
* Fixed the linking issue with `gflags` as recommended in the mailing
list: https://groups.google.com/d/msg/nix-devel/l1blj-mWxtI/J3CwPATBCAAJ
* Dropped the obsolete dependencies `cpp-netlib`, `lz4`, `apt` and
`devicemapper` (thanks @Infinisil).
* Override `OSQUERY_PLATFORM` to provide `nixos:version`
for sandbox and non-NixOS based builds. The `platform-nixos.patch`
file is now obsolete (thanks @flokli).
The patch was rebased against the 3.x branch of `osquery` and contains
mostly old changes. Additionally several testing targets were skipped as
they broke the build.
The functionality has been testing using the following command:
```
mkdir /tmp/osq.log/
./result/bin/osqueryd --pidfile /tmp/osq.pid \
--database_path /tmp/test.db --logger_path /tmp/osq.log
```
With the daemon running the database can be queried easily using
`./result/bin/osqueryi`.
Fixes ticket #38940
See ticket #36453
Further reference can be gathered from the affected Hydra logs for
the master branch: https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.osquery.x86_64-linux
Semi-automatic update. These checks were done:
- built on NixOS
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/optimize_local_ssd -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/optimize_local_ssd --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/optimize_local_ssd help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -V` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -v` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue --version` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue version` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue -h` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue --help` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/set_multiqueue help` and found version 20180129
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_accounts_daemon-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_accounts_daemon-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_accounts_daemon -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_accounts_daemon --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_instance_setup-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_instance_setup-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_instance_setup -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_instance_setup --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_network_setup-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_network_setup-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_network_setup -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_network_setup --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_ip_forwarding_daemon-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_ip_forwarding_daemon-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_ip_forwarding_daemon-wrapped help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_ip_forwarding_daemon -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_ip_forwarding_daemon --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_ip_forwarding_daemon help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_clock_skew_daemon-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_clock_skew_daemon-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_clock_skew_daemon-wrapped help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_clock_skew_daemon -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_clock_skew_daemon --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_clock_skew_daemon help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_metadata_script_runner-wrapped -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/.google_metadata_script_runner-wrapped --help` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_metadata_script_runner -h` got 0 exit code
- ran `/nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129/bin/google_metadata_script_runner --help` got 0 exit code
- found 20180129 with grep in /nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129
- found 20180129 in filename of file in /nix/store/xxf54yjdmhkmsy5h0rrh985lygpi3sjv-google-compute-engine-20180129
only build on Linux
When using diskrsync over SSH, on the remote machine it calls an executable
equal to argv0. Typically, this is just diskrsync but now that diskrsync is
wrapped, the wrapper uses absolute path to diskrsync and that path doesn't most
likely work on the remote machine. Thus, we need to force argv0 to "diskrsync"
so that it works on the remote machine.
aka 5.01+coreboot-001+
The version maintained by coreboot project is superior to Debian, it
integrates all the Debian patches and fixes a bunch more bugs.
In particular, it fixes SMP freezes and apparent memory errors when
running under coreboot ROM.
With hardening enabled it reports errors on known-good memory modules
on my Thinkpad X230 (Ivy Bridge). It's the same bug as reported in
https://bugs.launchpad.net/ubuntu/+source/memtest86+/+bug/1071209 but
memtest86+ fails on test #9 instead of test #7 (because #7 in 4.20
became #9 in 5.01) and with all the addresses multiplied by 2 (I guess
the bug was reported for i686, and I test on x86_64, it was 2012 after
all).
Update to current vulnix which features greatly improved whitelist
handling among others.
- Temporarly disable flake8 until #39206 is solved.
- Split docs into own output.