diff options
| author | Alyssa Ross <hi@alyssa.is> | 2019-02-07 15:19:21 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2019-02-07 23:35:47 +0000 |
| commit | e5013c05a2f845255debf94318ab38ecef1c186b (patch) | |
| tree | bec11a0bd31d3432a16899e5539f1098f1c168a4 /nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix | |
| parent | 4fc07c92ec07cafcf6d56143ea7334693143ef88 (diff) | |
| parent | 2d2f10475138b7206572dc3ec288184df2be022e (diff) | |
| download | nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.tar nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.tar.gz nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.tar.bz2 nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.tar.lz nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.tar.xz nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.tar.zst nixlib-e5013c05a2f845255debf94318ab38ecef1c186b.zip | |
Merge commit '2d2f10475138b7206572dc3ec288184df2be022e'
Diffstat (limited to 'nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix')
| -rw-r--r-- | nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix | 83 |
1 files changed, 41 insertions, 42 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix b/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix index c098571bb606..1a56e68fa4bf 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/common-config.nix @@ -12,23 +12,12 @@ # Configuration { stdenv, version -# to let user override values, aka converting modules to included and vice-versa -, mkValueOverride ? null - -# new extraConfig as a flattened set -, structuredExtraConfig ? {} - -# legacy extraConfig as string -, extraConfig ? "" - , features ? { grsecurity = false; xen_dom0 = false; } }: -assert (mkValueOverride == null) || (builtins.isFunction mkValueOverride); - with stdenv.lib; -with import ../../../../lib/kernel.nix { inherit (stdenv) lib; inherit version; }; + with import ../../../../lib/kernel.nix { inherit (stdenv) lib; inherit version; }; let @@ -46,7 +35,7 @@ let DEBUG_NX_TEST = whenOlder "4.11" no; CPU_NOTIFIER_ERROR_INJECT = whenOlder "4.4" (option no); DEBUG_STACK_USAGE = no; - DEBUG_STACKOVERFLOW = when (!features.grsecurity) no; + DEBUG_STACKOVERFLOW = mkIf (!features.grsecurity) no; RCU_TORTURE_TEST = no; SCHEDSTATS = no; DETECT_HUNG_TASK = yes; @@ -88,9 +77,9 @@ let # Include the CFQ I/O scheduler in the kernel, rather than as a # module, so that the initrd gets a good I/O scheduler. scheduler = { - IOSCHED_CFQ = yes; + IOSCHED_CFQ = whenOlder "5.0" yes; # Removed in 5.0-RC1 BLK_CGROUP = yes; # required by CFQ" - IOSCHED_DEADLINE = yes; + IOSCHED_DEADLINE = whenOlder "5.0" yes; # Removed in 5.0-RC1 MQ_IOSCHED_DEADLINE = whenAtLeast "4.11" yes; BFQ_GROUP_IOSCHED = whenAtLeast "4.12" yes; MQ_IOSCHED_KYBER = whenAtLeast "4.12" yes; @@ -114,7 +103,7 @@ let IP_DCCP_CCID3 = no; # experimental CLS_U32_PERF = yes; CLS_U32_MARK = yes; - BPF_JIT = when (stdenv.hostPlatform.system == "x86_64-linux") yes; + BPF_JIT = mkIf (stdenv.hostPlatform.system == "x86_64-linux") yes; WAN = yes; # Required by systemd per-cgroup firewalling CGROUP_BPF = option yes; @@ -184,7 +173,7 @@ let FB_VESA = yes; FRAMEBUFFER_CONSOLE = yes; FRAMEBUFFER_CONSOLE_ROTATION = yes; - FB_GEODE = when (stdenv.hostPlatform.system == "i686-linux") yes; + FB_GEODE = mkIf (stdenv.hostPlatform.system == "i686-linux") yes; }; video = { @@ -239,7 +228,7 @@ let }; usb = { - USB_DEBUG = option (whenOlder "4.18" no); + USB_DEBUG = { optional = true; tristate = whenOlder "4.18" "n";}; USB_EHCI_ROOT_HUB_TT = yes; # Root Hub Transaction Translators USB_EHCI_TT_NEWSCHED = yes; # Improved transaction translator scheduling }; @@ -250,7 +239,7 @@ let FANOTIFY = yes; TMPFS = yes; TMPFS_POSIX_ACL = yes; - FS_ENCRYPTION = option (whenAtLeast "4.9" module); + FS_ENCRYPTION = { optional = true; tristate = whenAtLeast "4.9" "m"; }; EXT2_FS_XATTR = yes; EXT2_FS_POSIX_ACL = yes; @@ -262,7 +251,7 @@ let EXT4_FS_POSIX_ACL = yes; EXT4_FS_SECURITY = yes; - EXT4_ENCRYPTION = option ((if (versionOlder version "4.8") then module else yes)); + EXT4_ENCRYPTION = { optional = true; tristate = if (versionOlder version "4.8") then "m" else "y"; }; REISERFS_FS_XATTR = option yes; REISERFS_FS_POSIX_ACL = option yes; @@ -320,10 +309,11 @@ let SQUASHFS_LZO = yes; SQUASHFS_XZ = yes; SQUASHFS_LZ4 = yes; + SQUASHFS_ZSTD = whenAtLeast "4.14" yes; # Native Language Support modules, needed by some filesystems NLS = yes; - NLS_DEFAULT = "utf8"; + NLS_DEFAULT = freeform "utf8"; NLS_UTF8 = module; NLS_CODEPAGE_437 = module; # VFAT default for the codepage= mount option NLS_ISO8859_1 = module; # VFAT default for the iocharset= mount option @@ -333,13 +323,13 @@ let security = { # Detect writes to read-only module pages - DEBUG_SET_MODULE_RONX = option (whenOlder "4.11" yes); + DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; }; RANDOMIZE_BASE = option yes; STRICT_DEVMEM = option yes; # Filter access to /dev/mem - SECURITY_SELINUX_BOOTPARAM_VALUE = "0"; # Disable SELinux by default + SECURITY_SELINUX_BOOTPARAM_VALUE = freeform "0"; # Disable SELinux by default # Prevent processes from ptracing non-children processes SECURITY_YAMA = option yes; - DEVKMEM = when (!features.grsecurity) no; # Disable /dev/kmem + DEVKMEM = mkIf (!features.grsecurity) no; # Disable /dev/kmem USER_NS = yes; # Support for user namespaces @@ -349,7 +339,7 @@ let } // optionalAttrs (!stdenv.hostPlatform.isAarch32) { # Detect buffer overflows on the stack - CC_STACKPROTECTOR_REGULAR = option (whenOlder "4.18" yes); + CC_STACKPROTECTOR_REGULAR = {optional = true; tristate = whenOlder "4.18" "y";}; }; microcode = { @@ -365,7 +355,7 @@ let # https://lwn.net/Articles/682582/ # https://bugzilla.kernel.org/show_bug.cgi?id=12309#c655 BLK_WBT = yes; - BLK_WBT_SQ = yes; + BLK_WBT_SQ = whenOlder "5.0" yes; # Removed in 5.0-RC1 BLK_WBT_MQ = yes; }; @@ -382,7 +372,7 @@ let DEVPTS_MULTIPLE_INSTANCES = whenOlder "4.7" yes; BLK_DEV_THROTTLING = yes; - CFQ_GROUP_IOSCHED = yes; + CFQ_GROUP_IOSCHED = whenOlder "5.0" yes; # Removed in 5.0-RC1 CGROUP_PIDS = whenAtLeast "4.3" yes; }; @@ -406,8 +396,8 @@ let FTRACE_SYSCALLS = yes; SCHED_TRACER = yes; STACK_TRACER = yes; - UPROBE_EVENT = option (whenOlder "4.11" yes); - UPROBE_EVENTS = option (whenAtLeast "4.11" yes); + UPROBE_EVENT = { optional = true; tristate = whenOlder "4.11" "y";}; + UPROBE_EVENTS = { optional = true; tristate = whenAtLeast "4.11" "y";}; BPF_SYSCALL = whenAtLeast "4.4" yes; BPF_EVENTS = whenAtLeast "4.4" yes; FUNCTION_PROFILER = yes; @@ -417,23 +407,23 @@ let virtualisation = { PARAVIRT = option yes; - HYPERVISOR_GUEST = when (!features.grsecurity) yes; + HYPERVISOR_GUEST = mkIf (!features.grsecurity) yes; PARAVIRT_SPINLOCKS = option yes; KVM_APIC_ARCHITECTURE = whenOlder "4.8" yes; KVM_ASYNC_PF = yes; - KVM_COMPAT = option (whenBetween "4.0" "4.12" yes); - KVM_DEVICE_ASSIGNMENT = option (whenBetween "3.10" "4.12" yes); + KVM_COMPAT = { optional = true; tristate = whenBetween "4.0" "4.12" "y"; }; + KVM_DEVICE_ASSIGNMENT = { optional = true; tristate = whenBetween "3.10" "4.12" "y"; }; KVM_GENERIC_DIRTYLOG_READ_PROTECT = whenAtLeast "4.0" yes; - KVM_GUEST = when (!features.grsecurity) yes; + KVM_GUEST = mkIf (!features.grsecurity) yes; KVM_MMIO = yes; KVM_VFIO = yes; KSM = yes; VIRT_DRIVERS = yes; # We nneed 64 GB (PAE) support for Xen guest support - HIGHMEM64G = option (when (!stdenv.is64bit) yes); + HIGHMEM64G = { optional = true; tristate = mkIf (!stdenv.is64bit) "y";}; - VFIO_PCI_VGA = when stdenv.is64bit yes; + VFIO_PCI_VGA = mkIf stdenv.is64bit yes; } // optionalAttrs (stdenv.isx86_64 || stdenv.isi686) ({ XEN = option yes; @@ -466,7 +456,7 @@ let MEDIA_DIGITAL_TV_SUPPORT = yes; MEDIA_CAMERA_SUPPORT = yes; MEDIA_RC_SUPPORT = whenOlder "4.14" yes; - MEDIA_CONTROLLER = yes; + MEDIA_CONTROLLER = yes; MEDIA_PCI_SUPPORT = yes; MEDIA_USB_SUPPORT = yes; MEDIA_ANALOG_TV_SUPPORT = yes; @@ -541,8 +531,8 @@ let CRYPTO_TEST = option no; EFI_TEST = option no; GLOB_SELFTEST = option no; - DRM_DEBUG_MM_SELFTEST = option (whenOlder "4.18" no); - LNET_SELFTEST = option (whenOlder "4.18" no); + DRM_DEBUG_MM_SELFTEST = { optional = true; tristate = whenOlder "4.18" "n";}; + LNET_SELFTEST = { optional = true; tristate = whenOlder "4.18" "n";}; LOCK_TORTURE_TEST = option no; MTD_TESTS = option no; NOTIFIER_ERROR_INJECTION = option no; @@ -597,7 +587,7 @@ let AIC79XX_DEBUG_ENABLE = no; AIC7XXX_DEBUG_ENABLE = no; AIC94XX_DEBUG = no; - B43_PCMCIA = option (whenOlder "4.4" yes); + B43_PCMCIA = { optional=true; tristate = whenOlder "4.4" "y";}; BLK_DEV_INTEGRITY = yes; @@ -650,7 +640,7 @@ let # GPIO on Intel Bay Trail, for some Chromebook internal eMMC disks PINCTRL_BAYTRAIL = yes; # 8 is default. Modern gpt tables on eMMC may go far beyond 8. - MMC_BLOCK_MINORS = "32"; + MMC_BLOCK_MINORS = freeform "32"; REGULATOR = yes; # Voltage and Current Regulator Support RC_DEVICES = option yes; # Enable IR devices @@ -687,9 +677,18 @@ let HOTPLUG_PCI_PCIE = yes; # PCI-Expresscard hotplug support } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { + # Enable memory hotplug support + # Allows you to dynamically add & remove memory to a VM client running NixOS without requiring a reboot + ACPI_HOTPLUG_MEMORY = yes; + MEMORY_HOTPLUG = yes; + MEMORY_HOTREMOVE = yes; + MIGRATION = yes; + SPARSEMEM = yes; + # Bump the maximum number of CPUs to support systems like EC2 x1.* # instances and Xeon Phi. - NR_CPUS = "384"; + NR_CPUS = freeform "384"; }; }; -in (generateNixKConf ((flattenKConf options) // structuredExtraConfig) mkValueOverride) + extraConfig +in + flattenKConf options |