From 7e26d25066a8e84e626ba9ae5c3ba49432227478 Mon Sep 17 00:00:00 2001
From: Antoine Viallon <antoine@lesviallon.fr>
Date: Thu, 7 Apr 2022 09:22:44 +0200
Subject: [PATCH] [Boot+Refactoring] Add a cmdline config option for cleaner
 boot option config

---
 boot.nix         | 24 ++++++++++++++++++++----
 desktop.nix      |  9 +++++----
 general.nix      | 10 ++++++----
 hardening.nix    |  4 ++--
 hardware/amd.nix | 10 ++++++----
 laptop.nix       |  8 ++++----
 6 files changed, 43 insertions(+), 22 deletions(-)

diff --git a/boot.nix b/boot.nix
index c5626a0..b6fd3d3 100644
--- a/boot.nix
+++ b/boot.nix
@@ -22,6 +22,13 @@ let
         '';
       };
   };
+
+  toCmdlineValue = v: if (isBool v) then (if v then "y" else "n")
+                      else if (isInt v || isString v) then (toString v)
+                      else throw "Invalid value for kernel cmdline parameter";
+
+  toCmdlineList = set: mapAttrsToList (key: value: "${key}=${toCmdlineValue value}") set;
+  
   cfg = config.aviallon.boot;
   generalCfg = config.aviallon.general;
   allowUnfree = (types.isType types.attrs config.nixpkgs.config)
@@ -58,6 +65,13 @@ in
       example = null;
       type = types.int;
     };
+
+    cmdline = mkOption {
+      description = "Kernel params as attributes (instead of list)";
+      default = { };
+      example = { "i915.fastboot" = true; };
+      type = types.attrsOf (types.oneOf [ types.bool types.int types.str ]);
+    };
   };
 
   config = mkIf cfg.enable {
@@ -65,14 +79,16 @@ in
     hardware.enableAllFirmware = allowUnfree;
     hardware.enableRedistributableFirmware = true;
 
+    aviallon.boot.cmdline = {
+      "syscall.x32" = cfg.x32abi.enable;
+    };
+
     boot = {
       initrd.kernelModules = [ ];
       initrd.availableKernelModules = [ "ehci_pci" ];
 
-      kernelParams = concatLists [
-        (optional cfg.x32abi.enable "syscall.x32=y")
-      ];
-
+      kernelParams = toCmdlineList cfg.cmdline;
+      
       kernelPatches = concatLists [
         (optional cfg.x32abi.enable customKernelPatches.enableX32ABI)
       ];
diff --git a/desktop.nix b/desktop.nix
index a1d7ecc..aadd37d 100644
--- a/desktop.nix
+++ b/desktop.nix
@@ -70,10 +70,11 @@ in {
 
 
     boot.plymouth.enable = mkDefault true;
-    boot.kernelParams = concatLists [
-      (optionals (!generalCfg.debug) [ "splash" "udev.log_level=3" ])
-      ["preempt=full"]
-    ];
+    aviallon.boot.cmdline = {
+      splash = mkIf (!generalCfg.debug) true;
+      "udev.log_level" = mkIf (!generalCfg.debug) 3;
+      preempt = "full";
+    };
     boot.initrd.verbose = generalCfg.debug;
     boot.consoleLogLevel = mkIf (!generalCfg.debug) 1;
 
diff --git a/general.nix b/general.nix
index 6d4e962..c2b4d24 100644
--- a/general.nix
+++ b/general.nix
@@ -94,10 +94,12 @@ in
       font = "Lat2-Terminus16";
     };
 
-    boot.kernelParams = concatLists [
-      (optional cfg.unsafeOptimizations "mitigations=off")
-      (optionals cfg.unsafeOptimizations [ "i915.mitigations=off" "i915.enable_dc=4" "i915.fastboot=1" ] )
-    ];
+    aviallon.boot.cmdline = mkIf cfg.unsafeOptimizations {
+      mitigations = "off";
+      "i915.mitigations" = "off";
+      "i915.enable_dc" = 4;
+      "i915.fastboot" = 1;
+    };
 
     powerManagement.cpuFreqGovernor = mkDefault "schedutil";
 
diff --git a/hardening.nix b/hardening.nix
index 45e097d..4fbd838 100644
--- a/hardening.nix
+++ b/hardening.nix
@@ -53,7 +53,7 @@ in
     services.dbus.apparmor = "enabled";
 
 
-    boot.kernelParams = concatLists [
+    boot.kernelParams = mkAfter (concatLists [
       # Slab/slub sanity checks, redzoning, and poisoning
       (optional cfg.expensive "slub_debug=FZP")
 
@@ -65,7 +65,7 @@ in
 
       # Apparmor https://wiki.archlinux.org/title/AppArmor#Installation
       (optional cfg.expensive "lsm=landlock,lockdown,yama,apparmor,bpf")
-    ];
+    ]);
 
     boot.kernel.sysctl = {
     "kernel.yama.ptrace_scope" = mkOverride 500 1;
diff --git a/hardware/amd.nix b/hardware/amd.nix
index 7a10223..2a60458 100644
--- a/hardware/amd.nix
+++ b/hardware/amd.nix
@@ -7,12 +7,14 @@ in
   config = mkIf (hardwareCfg.gpuVendor == "amd") {
     boot.initrd.kernelModules = [ "amdgpu" ];
 
-    boot.kernelParams = concatLists [
+    aviallon.boot.cmdline = {}
       # for Southern Islands (SI ie. GCN 1) cards
-      [ "radeon.si_support=0" "amdgpu.si_support=1" ]
+      // { "radeon.si_support" = 0;
+      "amdgpu.si_support" = 1; }
       # for Sea Islands (CIK ie. GCN 2) cards
-      [ "radeon.cik_support=0" "amdgpu.cik_support=1" ]
-    ];
+      // { "radeon.cik_support" = 0;
+       "amdgpu.cik_support" = 1; }
+    ;
 
     hardware.opengl.extraPackages = with pkgs; [
       rocm-opencl-icd
diff --git a/laptop.nix b/laptop.nix
index 726390b..2f292a5 100644
--- a/laptop.nix
+++ b/laptop.nix
@@ -24,10 +24,10 @@ in {
 
     hardware.sensor.iio.enable = mkDefault true;
 
-    boot.kernelParams = [
-      "i915.enable_fbc=1"
-      "i915.enable_gvt=1"
-    ];
+    aviallon.boot.cmdline = {
+      "i915.enable_fbc" = 1;
+      "i915.enable_gvt" = 1;
+    };
 
     services.tlp.enable = (cfg.power-manager == "tlp");
     services.power-profiles-daemon.enable = (cfg.power-manager == "power-profiles-daemon");