summary refs log tree commit diff
path: root/pkgs
diff options
context:
space:
mode:
authorRicardo M. Correia <rcorreia@wizy.org>2014-04-25 03:58:33 +0200
committerRicardo M. Correia <rcorreia@wizy.org>2014-05-15 13:25:51 +0200
commit8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c (patch)
treed4ae674c788ccb51b6ad7bff4785793907978a31 /pkgs
parent255d86ea99d26e8880f3b7cca73bc3b5486d7bf4 (diff)
downloadnixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.tar
nixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.tar.gz
nixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.tar.bz2
nixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.tar.lz
nixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.tar.xz
nixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.tar.zst
nixlib-8d54dc6d13ac3b42e45d95a2cfb971e7c01ad39c.zip
chromium: Add support for grsecurity
Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/applications/networking/browsers/chromium/browser.nix4


-rw-r--r--pkgs/applications/networking/browsers/chromium/common.nix32


-rw-r--r--pkgs/applications/networking/browsers/chromium/default.nix15


3 files changed, 32 insertions, 19 deletions
diff --git a/pkgs/applications/networking/browsers/chromium/browser.nix b/pkgs/applications/networking/browsers/chromium/browser.nix
index a4b99bc58023..2a88ed8db659 100644
--- a/pkgs/applications/networking/browsers/chromium/browser.nix
+++ b/pkgs/applications/networking/browsers/chromium/browser.nix
@@ -1,11 +1,11 @@
-{ stdenv, mkChromiumDerivation }:
+{ stdenv, mkChromiumDerivation, arch }:
 
 with stdenv.lib;
 
 mkChromiumDerivation (base: rec {
   name = "chromium-browser";
   packageName = "chromium";
-  buildTargets = [ "chrome" ];
+  buildTargets = [ "mksnapshot.${arch}" "chrome" ];
 
   installPhase = ''
     ensureDir "$libExecPath"
diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix
index 69e54e25c374..301950e3f44b 100644
--- a/pkgs/applications/networking/browsers/chromium/common.nix
+++ b/pkgs/applications/networking/browsers/chromium/common.nix
@@ -30,6 +30,7 @@
 
 , source
 , plugins
+, archInfo
 }:
 
 buildFun:
@@ -172,13 +173,7 @@ let
       # enable support for the H.264 codec
       proprietary_codecs = true;
       ffmpeg_branding = "Chrome";
-    } // optionalAttrs (stdenv.system == "x86_64-linux") {
-      target_arch = "x64";
-      python_arch = "x86-64";
-    } // optionalAttrs (stdenv.system == "i686-linux") {
-      target_arch = "ia32";
-      python_arch = "ia32";
-    } // (extraAttrs.gypFlags or {}));
+    } // archInfo // (extraAttrs.gypFlags or {}));
 
     configurePhase = ''
       # This is to ensure expansion of $out.
@@ -190,14 +185,21 @@ let
     buildPhase = let
       CC = "${gcc}/bin/gcc";
       CXX = "${gcc}/bin/g++";
-    in ''
-      CC="${CC}" CC_host="${CC}"     \
-      CXX="${CXX}" CXX_host="${CXX}" \
-      LINK_host="${CXX}"             \
-        "${ninja}/bin/ninja" -C "${buildPath}"  \
-          -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES \
-          ${concatStringsSep " " (extraAttrs.buildTargets or [])}
-    '';
+      buildCommand = target: ''
+        CC="${CC}" CC_host="${CC}"     \
+        CXX="${CXX}" CXX_host="${CXX}" \
+        LINK_host="${CXX}"             \
+          "${ninja}/bin/ninja" -C "${buildPath}"  \
+            -j$NIX_BUILD_CORES -l$NIX_BUILD_CORES \
+            ${target}
+
+        if [[ "${target}" == mksnapshot.* || "${target}" == "chrome" ]]; then
+          paxmark m "${buildPath}/${target}"
+        fi
+      '';
+      targets = extraAttrs.buildTargets or [];
+      commands = map buildCommand targets;
+    in concatStringsSep "\n" commands;
   };
 
 # Remove some extraAttrs we supplied to the base attributes already.
diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix
index 44fd3c69e537..efb0a95e9db2 100644
--- a/pkgs/applications/networking/browsers/chromium/default.nix
+++ b/pkgs/applications/networking/browsers/chromium/default.nix
@@ -15,6 +15,14 @@
 }:
 
 let
+  archInfo = with stdenv.lib; optionalAttrs (stdenv.system == "i686-linux") {
+    target_arch = "ia32";
+    python_arch = "ia32";
+  } // optionalAttrs (stdenv.system == "x86_64-linux") {
+    target_arch = "x64";
+    python_arch = "x86-64";
+  };
+
   callPackage = newScope chromium;
 
   chromium = {
@@ -27,10 +35,13 @@ let
     mkChromiumDerivation = callPackage ./common.nix {
       inherit enableSELinux enableNaCl useOpenSSL gnomeSupport
               gnomeKeyringSupport proprietaryCodecs cupsSupport
-              pulseSupport;
+              pulseSupport archInfo;
+    };
+
+    browser = callPackage ./browser.nix {
+      arch = archInfo.target_arch;
     };
 
-    browser = callPackage ./browser.nix { };
     sandbox = callPackage ./sandbox.nix { };
 
     plugins = callPackage ./plugins.nix {

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-06 08:29:44 +0000