aviallon/nixos-lib
1
0
Fork 0
mirror of https://github.com/aviallon/nixos-lib.git synced 2026-04-06 01:38:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[Boot] Add kernel config option to aviallon namespace

Browse source 
Allows advanced patching / overriding of the kernel while still allowing
to set the kernel in other modules.
This commit is contained in:
Antoine Viallon 2022-11-09 17:26:18 +01:00
parent 3f22bcff49
commit 91c5ba1e69
Signed by: aviallon
GPG key ID: 186FC35EDEB25716
3 changed files with 13 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

14
boot.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, options, ... }:
with lib; with lib;
let let
customKernelPatches = { customKernelPatches = {
@ -81,8 +81,7 @@ let
allowUnfree = (types.isType types.attrs config.nixpkgs.config) allowUnfree = (types.isType types.attrs config.nixpkgs.config)
&& (hasAttr "allowUnfree" config.nixpkgs.config) && (hasAttr "allowUnfree" config.nixpkgs.config)
&& (getAttr "allowUnfree" config.nixpkgs.config); && (getAttr "allowUnfree" config.nixpkgs.config);
in in {
{
options.aviallon.boot = { options.aviallon.boot = {
enable = mkOption { enable = mkOption {
@ -130,6 +129,13 @@ in
example = { "i915.fastboot" = true; }; example = { "i915.fastboot" = true; };
type = types.attrsOf (types.oneOf [ types.bool types.int types.str (types.listOf types.str) ]); type = types.attrsOf (types.oneOf [ types.bool types.int types.str (types.listOf types.str) ]);
}; };
kernel = mkOption {
description = "Linux kernel to use";
default = options.boot.kernelPackages.default.kernel;
example = "pkgs.kernel";
type = types.package;
};
}; };
config = { config = {
@ -158,6 +164,8 @@ in
initrd.kernelModules = [ ]; initrd.kernelModules = [ ];
initrd.availableKernelModules = [ "ehci_pci" ]; initrd.availableKernelModules = [ "ehci_pci" ];
kernelPackages = pkgs.linuxPackagesFor cfg.kernel;
kernelPatches = [] kernelPatches = []
++ optional cfg.x32abi.enable customKernelPatches.enableX32ABI ++ optional cfg.x32abi.enable customKernelPatches.enableX32ABI
++ optional cfg.rtGroupSched.enable customKernelPatches.enableRTGroupSched ++ optional cfg.rtGroupSched.enable customKernelPatches.enableRTGroupSched

2
desktop.nix
View file

@ -62,7 +62,7 @@ in {
aviallon.network.backend = mkDefault "NetworkManager"; aviallon.network.backend = mkDefault "NetworkManager";
boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod; aviallon.boot.kernel = pkgs.linuxKernel.kernels.linux_xanmod;
# Enable the X11 windowing system. # Enable the X11 windowing system.
services.xserver.enable = true; services.xserver.enable = true;

2
hardening.nix
View file

@ -41,7 +41,7 @@ in
# imports = [ # imports = [
# (modulesPath + "/profiles/hardened.nix") # (modulesPath + "/profiles/hardened.nix")
# ]; # ];
boot.kernelPackages = mkIf cfg.hardcore pkgs.linuxPackages_hardened; aviallon.boot.kernel = mkIf cfg.hardcore pkgs.linuxKernel.kernels.linux_hardened;
security.lockKernelModules = mkIf cfg.hardcore (mkOverride 500 true); security.lockKernelModules = mkIf cfg.hardcore (mkOverride 500 true);
# security.protectKernelImage = mkIf cfg.hardcore (mkOverride 500 false); # needed for kexec # security.protectKernelImage = mkIf cfg.hardcore (mkOverride 500 false); # needed for kexec