From 91c5ba1e69bd25112ea696d3166757b0e150770b Mon Sep 17 00:00:00 2001 From: Antoine Viallon Date: Wed, 9 Nov 2022 17:26:18 +0100 Subject: [PATCH] [Boot] Add kernel config option to aviallon namespace Allows advanced patching / overriding of the kernel while still allowing to set the kernel in other modules. --- boot.nix | 14 +++++++++++--- desktop.nix | 2 +- hardening.nix | 2 +- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/boot.nix b/boot.nix index 3285eba..5a196b3 100644 --- a/boot.nix +++ b/boot.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, options, ... }: with lib; let customKernelPatches = { @@ -81,8 +81,7 @@ let allowUnfree = (types.isType types.attrs config.nixpkgs.config) && (hasAttr "allowUnfree" config.nixpkgs.config) && (getAttr "allowUnfree" config.nixpkgs.config); -in -{ +in { options.aviallon.boot = { enable = mkOption { @@ -130,6 +129,13 @@ in example = { "i915.fastboot" = true; }; type = types.attrsOf (types.oneOf [ types.bool types.int types.str (types.listOf types.str) ]); }; + + kernel = mkOption { + description = "Linux kernel to use"; + default = options.boot.kernelPackages.default.kernel; + example = "pkgs.kernel"; + type = types.package; + }; }; config = { @@ -158,6 +164,8 @@ in initrd.kernelModules = [ ]; initrd.availableKernelModules = [ "ehci_pci" ]; + kernelPackages = pkgs.linuxPackagesFor cfg.kernel; + kernelPatches = [] ++ optional cfg.x32abi.enable customKernelPatches.enableX32ABI ++ optional cfg.rtGroupSched.enable customKernelPatches.enableRTGroupSched diff --git a/desktop.nix b/desktop.nix index 89471a1..70df13c 100644 --- a/desktop.nix +++ b/desktop.nix @@ -62,7 +62,7 @@ in { aviallon.network.backend = mkDefault "NetworkManager"; - boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod; + aviallon.boot.kernel = pkgs.linuxKernel.kernels.linux_xanmod; # Enable the X11 windowing system. services.xserver.enable = true; 
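Review bot: In the new `kernel` option in boot.nix, `example = "pkgs.kernel";` is a plain string on a `types.package` option, and it names an attribute that appears nowhere else in this patch. `example = literalExpression "pkgs.linuxKernel.kernels.linux_hardened";` would match the values desktop.nix and hardening.nix actually assign. Because the default is read from `options.boot.kernelPackages.default.kernel`, adding `defaultText = literalExpression "options.boot.kernelPackages.default.kernel";` keeps generated option documentation from rendering the evaluated package. The description could also state that `boot.kernelPackages` is derived from this option and should no longer be set directly.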
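Review bot: `kernelPackages = pkgs.linuxPackagesFor cfg.kernel;` in boot.nix is a normal-priority definition, so it silently wins over any module that selects a kernel through `boot.kernelPackages` with `mkDefault`, and it conflicts with any that sets it at normal priority. That matters for kernel-selecting profiles such as the `profiles/hardened.nix` import that hardening.nix keeps commented out. If that profile is re-enabled and picks its kernel with `mkDefault` (not visible here), the system would boot the default kernel without warning. A comment on this line, for example `# single source of truth: set aviallon.boot.kernel, never boot.kernelPackages directly`, would make the contract explicit. The enclosing `boot` attribute set starts and ends outside the hunk.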
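Review bot: `aviallon.boot.kernel = pkgs.linuxKernel.kernels.linux_xanmod;` in desktop.nix is set at normal priority, the same priority hardening.nix uses for `linux_hardened` under `cfg.hardcore`. On a host that enables both the desktop profile and hardcore hardening, two different packages are defined for one `types.package` option, which most likely fails evaluation rather than preferring the hardened kernel. The line above already uses `mkDefault` for the network backend. Writing `aviallon.boot.kernel = mkDefault pkgs.linuxKernel.kernels.linux_xanmod;` would make the desktop kernel a preference that the hardening module and per-host configuration can override.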
diff --git a/hardening.nix b/hardening.nix index 47e19dc..c9101e5 100644 --- a/hardening.nix +++ b/hardening.nix @@ -41,7 +41,7 @@ in # imports = [ # (modulesPath + "/profiles/hardened.nix") # ]; - boot.kernelPackages = mkIf cfg.hardcore pkgs.linuxPackages_hardened; + aviallon.boot.kernel = mkIf cfg.hardcore pkgs.linuxKernel.kernels.linux_hardened; security.lockKernelModules = mkIf cfg.hardcore (mkOverride 500 true); # security.protectKernelImage = mkIf cfg.hardcore (mkOverride 500 false); # needed for kexec
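Review bot: After this change the hardened kernel for `cfg.hardcore` only takes effect through the `kernelPackages = pkgs.linuxPackagesFor cfg.kernel;` assignment in boot.nix, whereas the removed line set `boot.kernelPackages` directly. Whether that assignment is gated on `aviallon.boot.enable` is not visible in this patch. If it is, a host with hardcore enabled and the boot module disabled would run the stock kernel while `security.lockKernelModules` and the other hardening settings still apply. Confirm the gating and, if it exists, add an entry to `assertions` in this module that requires the boot module whenever `cfg.hardcore` is set. A comment above the line such as `# applied via boot.nix: aviallon.boot.kernel -> boot.kernelPackages` would document the dependency.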