Unverified Commit c21d10ba authored by Sandro Jäckel's avatar Sandro Jäckel Committed by GitHub
Browse files

Merge pull request #263375 from lorenzleutgeb/benchexec 

benchexec: init at 3.21
parents c7829cdc 9f2f6359

nixos/doc/manual/release-notes/rl-2405.section.md

+5 −0
Original line number Diff line number Diff line
@@ -92,6 +92,11 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi 


- [Handheld Daemon](https://github.com/hhd-dev/hhd), support for gaming handhelds like the Legion Go, ROG Ally, and GPD Win. Available as [services.handheld-daemon](#opt-services.handheld-daemon.enable).



- [BenchExec](https://github.com/sosy-lab/benchexec), a framework for reliable benchmarking and resource measurement, available as [programs.benchexec](#opt-programs.benchexec.enable),

  As well as related programs

  [CPU Energy Meter](https://github.com/sosy-lab/cpu-energy-meter), available as [programs.cpu-energy-meter](#opt-programs.cpu-energy-meter.enable), and

  [PQoS Wrapper](https://gitlab.com/sosy-lab/software/pqos-wrapper), available as [programs.pqos-wrapper](#opt-programs.pqos-wrapper.enable).



- [Guix](https://guix.gnu.org), a functional package manager inspired by Nix. Available as [services.guix](#opt-services.guix.enable).



- [PhotonVision](https://photonvision.org/), a free, fast, and easy-to-use computer vision solution for the FIRST® Robotics Competition.

nixos/modules/module-list.nix

+3 −0
Original line number Diff line number Diff line
@@ -158,6 +158,7 @@ 
  ./programs/bash/ls-colors.nix

  ./programs/bash/undistract-me.nix

  ./programs/bcc.nix

  ./programs/benchexec.nix

  ./programs/browserpass.nix

  ./programs/calls.nix

  ./programs/captive-browser.nix
@@ -167,6 +168,7 @@ 
  ./programs/chromium.nix

  ./programs/clash-verge.nix

  ./programs/cnping.nix

  ./programs/cpu-energy-meter.nix

  ./programs/command-not-found/command-not-found.nix

  ./programs/coolercontrol.nix

  ./programs/criu.nix
@@ -250,6 +252,7 @@ 
  ./programs/pantheon-tweaks.nix

  ./programs/partition-manager.nix

  ./programs/plotinus.nix

  ./programs/pqos-wrapper.nix

  ./programs/projecteur.nix

  ./programs/proxychains.nix

  ./programs/qdmr.nix

nixos/modules/programs/benchexec.nix

0 → 100644
+98 −0
Original line number Diff line number Diff line 
{ lib

, pkgs

, config

, options

, ...

}:

let

  cfg = config.programs.benchexec;

  opt = options.programs.benchexec;



  filterUsers = x:

    if builtins.isString x then config.users.users ? ${x} else

    if builtins.isInt    x then x                         else

    throw "filterUsers expects string (username) or int (UID)";



  uid = x:

    if builtins.isString x then config.users.users.${x}.uid else

    if builtins.isInt    x then x                           else

    throw "uid expects string (username) or int (UID)";

in

{

  options.programs.benchexec = {

    enable = lib.mkEnableOption "BenchExec";

    package = lib.options.mkPackageOption pkgs "benchexec" { };



    users = lib.options.mkOption {

      type = with lib.types; listOf (either str int);

      description = ''

        Users that intend to use BenchExec.

        Provide usernames of users that are configured via {option}`${options.users.users}` as string,

        and UIDs of "mutable users" as integers.

        Control group delegation will be configured via systemd.

        For more information, see <https://github.com/sosy-lab/benchexec/blob/3.18/doc/INSTALL.md#setting-up-cgroups>.

      '';

      default = [ ];

      example = lib.literalExpression ''

        [

          "alice" # username of a user configured via ${options.users.users}

          1007    # UID of a mutable user

        ]

      '';

    };

  };



  config = lib.mkIf cfg.enable {

    assertions = (map

      (user: {

        assertion = config.users.users ? ${user};

        message = ''

          The user '${user}' intends to use BenchExec (via `${opt.users}`), but is not configured via `${options.users.users}`.

        '';

      })

      (builtins.filter builtins.isString cfg.users)

    ) ++ (map

      (id: {

        assertion = config.users.mutableUsers;

        message = ''

          The user with UID '${id}' intends to use BenchExec (via `${opt.users}`), but mutable users are disabled via `${options.users.mutableUsers}`.

        '';

      })

      (builtins.filter builtins.isInt cfg.users)

    ) ++ [

      {

        assertion = config.systemd.enableUnifiedCgroupHierarchy == true;

        message = ''

          The BenchExec module `${opt.enable}` only supports control groups 2 (`${options.systemd.enableUnifiedCgroupHierarchy} = true`).

        '';

      }

    ];



    environment.systemPackages = [ cfg.package ];



    # See <https://github.com/sosy-lab/benchexec/blob/3.18/doc/INSTALL.md#setting-up-cgroups>.

    systemd.services = builtins.listToAttrs (map

      (user: {

        name = "user@${builtins.toString (uid user)}";

        value = {

          serviceConfig.Delegate = "yes";

          overrideStrategy = "asDropin";

        };

      })

      (builtins.filter filterUsers cfg.users));



    # See <https://github.com/sosy-lab/benchexec/blob/3.18/doc/INSTALL.md#requirements>.

    virtualisation.lxc.lxcfs.enable = lib.mkDefault true;



    # See <https://github.com/sosy-lab/benchexec/blob/3.18/doc/INSTALL.md#requirements>.

    programs = {

      cpu-energy-meter.enable = lib.mkDefault true;

      pqos-wrapper.enable = lib.mkDefault true;

    };



    # See <https://github.com/sosy-lab/benchexec/blob/3.18/doc/INSTALL.md#kernel-requirements>.

    security.unprivilegedUsernsClone = true;

  };



  meta.maintainers = with lib.maintainers; [ lorenzleutgeb ];

}

nixos/modules/programs/cpu-energy-meter.nix

0 → 100644
+27 −0
Original line number Diff line number Diff line 
{ config

, lib

, pkgs

, ...

}: {

  options.programs.cpu-energy-meter = {

    enable = lib.mkEnableOption "CPU Energy Meter";

    package = lib.mkPackageOption pkgs "cpu-energy-meter" { };

  };



  config =

    let

      cfg = config.programs.cpu-energy-meter;

    in

    lib.mkIf cfg.enable {

      hardware.cpu.x86.msr.enable = true;



      security.wrappers.${cfg.package.meta.mainProgram} = {

        owner = "nobody";

        group = config.hardware.cpu.x86.msr.group;

        source = lib.getExe cfg.package;

        capabilities = "cap_sys_rawio=ep";

      };

    };



  meta.maintainers = with lib.maintainers; [ lorenzleutgeb ];

}

nixos/modules/programs/pqos-wrapper.nix

0 → 100644
+27 −0
Original line number Diff line number Diff line 
{ config

, lib

, pkgs

, ...

}:

let

  cfg = config.programs.pqos-wrapper;

in

{

  options.programs.pqos-wrapper = {

    enable = lib.mkEnableOption "PQoS Wrapper for BenchExec";

    package = lib.mkPackageOption pkgs "pqos-wrapper" { };

  };



  config = lib.mkIf cfg.enable {

    hardware.cpu.x86.msr.enable = true;



    security.wrappers.${cfg.package.meta.mainProgram} = {

      owner = "nobody";

      group = config.hardware.cpu.x86.msr.group;

      source = lib.getExe cfg.package;

      capabilities = "cap_sys_rawio=eip";

    };

  };



  meta.maintainers = with lib.maintainers; [ lorenzleutgeb ];

}