diff options
Diffstat (limited to 'nixpkgs/nixos/modules/virtualisation')
14 files changed, 202 insertions, 254 deletions
diff --git a/nixpkgs/nixos/modules/virtualisation/docker-rootless.nix b/nixpkgs/nixos/modules/virtualisation/docker-rootless.nix index f4e4bdc0963a..1cdb98b704ce 100644 --- a/nixpkgs/nixos/modules/virtualisation/docker-rootless.nix +++ b/nixpkgs/nixos/modules/virtualisation/docker-rootless.nix @@ -47,14 +47,7 @@ in ''; }; - package = mkOption { - default = pkgs.docker; - defaultText = literalExpression "pkgs.docker"; - type = types.package; - description = lib.mdDoc '' - Docker package to be used in the module. - ''; - }; + package = mkPackageOption pkgs "docker" { }; }; ###### implementation diff --git a/nixpkgs/nixos/modules/virtualisation/docker.nix b/nixpkgs/nixos/modules/virtualisation/docker.nix index 6fe460316091..b0d61ee06091 100644 --- a/nixpkgs/nixos/modules/virtualisation/docker.nix +++ b/nixpkgs/nixos/modules/virtualisation/docker.nix @@ -150,14 +150,7 @@ in }; }; - package = mkOption { - default = pkgs.docker; - defaultText = literalExpression "pkgs.docker"; - type = types.package; - description = lib.mdDoc '' - Docker package to be used in the module. - ''; - }; + package = mkPackageOption pkgs "docker" { }; extraPackages = mkOption { type = types.listOf types.package; diff --git a/nixpkgs/nixos/modules/virtualisation/ecs-agent.nix b/nixpkgs/nixos/modules/virtualisation/ecs-agent.nix index dd87df9a2780..76bdccca9872 100644 --- a/nixpkgs/nixos/modules/virtualisation/ecs-agent.nix +++ b/nixpkgs/nixos/modules/virtualisation/ecs-agent.nix @@ -8,12 +8,7 @@ in { options.services.ecs-agent = { enable = mkEnableOption (lib.mdDoc "Amazon ECS agent"); - package = mkOption { - type = types.path; - description = lib.mdDoc "The ECS agent package to use"; - default = pkgs.ecs-agent; - defaultText = literalExpression "pkgs.ecs-agent"; - }; + package = mkPackageOption pkgs "ecs-agent" { }; extra-environment = mkOption { type = types.attrsOf types.str; diff --git a/nixpkgs/nixos/modules/virtualisation/incus.nix b/nixpkgs/nixos/modules/virtualisation/incus.nix index 3a4f0d7157a0..47a5e462262d 100644 --- a/nixpkgs/nixos/modules/virtualisation/incus.nix +++ b/nixpkgs/nixos/modules/virtualisation/incus.nix @@ -17,9 +17,9 @@ in {command}`incus` command line tool, among others. ''); - package = lib.mkPackageOptionMD pkgs "incus" { }; + package = lib.mkPackageOption pkgs "incus" { }; - lxcPackage = lib.mkPackageOptionMD pkgs "lxc" { }; + lxcPackage = lib.mkPackageOption pkgs "lxc" { }; preseed = lib.mkOption { type = lib.types.nullOr ( diff --git a/nixpkgs/nixos/modules/virtualisation/libvirtd.nix b/nixpkgs/nixos/modules/virtualisation/libvirtd.nix index 708c577ec1ed..e195ff937d68 100644 --- a/nixpkgs/nixos/modules/virtualisation/libvirtd.nix +++ b/nixpkgs/nixos/modules/virtualisation/libvirtd.nix @@ -64,25 +64,14 @@ let ''; }; - package = mkOption { - type = types.package; - default = pkgs.swtpm; - defaultText = literalExpression "pkgs.swtpm"; - description = lib.mdDoc '' - swtpm package to use. - ''; - }; + package = mkPackageOption pkgs "swtpm" { }; }; }; qemuModule = types.submodule { options = { - package = mkOption { - type = types.package; - default = pkgs.qemu; - defaultText = literalExpression "pkgs.qemu"; - description = lib.mdDoc '' - Qemu package to use with libvirt. + package = mkPackageOption pkgs "qemu" { + extraDescription = '' `pkgs.qemu` can emulate alien architectures (e.g. aarch64 on x86) `pkgs.qemu_kvm` saves disk space allowing to emulate only host architectures. ''; @@ -183,6 +172,31 @@ let }; }; }; + + nssModule = types.submodule { + options = { + enable = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + This option enables the older libvirt NSS module. This method uses + DHCP server records, therefore is dependent on the hostname provided + by the guest. + Please see https://libvirt.org/nss.html for more information. + ''; + }; + + enableGuest = mkOption { + type = types.bool; + default = false; + description = lib.mdDoc '' + This option enables the newer libvirt_guest NSS module. This module + uses the libvirt guest name instead of the hostname of the guest. + Please see https://libvirt.org/nss.html for more information. + ''; + }; + }; + }; in { @@ -224,14 +238,7 @@ in ''; }; - package = mkOption { - type = types.package; - default = pkgs.libvirt; - defaultText = literalExpression "pkgs.libvirt"; - description = lib.mdDoc '' - libvirt package to use. - ''; - }; + package = mkPackageOption pkgs "libvirt" { }; extraConfig = mkOption { type = types.lines; @@ -308,6 +315,14 @@ in Hooks related options. ''; }; + + nss = mkOption { + type = nssModule; + default = { }; + description = lib.mdDoc '' + libvirt NSS module options. + ''; + }; }; @@ -434,7 +449,7 @@ in ] ++ cfg.extraOptions ); - path = [ cfg.qemu.package ] # libvirtd requires qemu-img to manage disk images + path = [ cfg.qemu.package pkgs.netcat ] # libvirtd requires qemu-img to manage disk images ++ optional vswitch.enable vswitch.package ++ optional cfg.qemu.swtpm.enable cfg.qemu.swtpm.package; @@ -498,5 +513,11 @@ in }); ''; }; + + system.nssModules = optional (cfg.nss.enable or cfg.nss.enableGuest) cfg.package; + system.nssDatabases.hosts = builtins.concatLists [ + (optional cfg.nss.enable "libvirt") + (optional cfg.nss.enableGuest "libvirt_guest") + ]; }; } diff --git a/nixpkgs/nixos/modules/virtualisation/lxc-container.nix b/nixpkgs/nixos/modules/virtualisation/lxc-container.nix index 61d7c4cb73fe..4db4df02fe8c 100644 --- a/nixpkgs/nixos/modules/virtualisation/lxc-container.nix +++ b/nixpkgs/nixos/modules/virtualisation/lxc-container.nix @@ -1,26 +1,16 @@ { lib, config, pkgs, ... }: -let - cfg = config.virtualisation.lxc; -in { +{ + meta.maintainers = with lib.maintainers; [ adamcstephens ]; + imports = [ ./lxc-instance-common.nix + + (lib.mkRemovedOptionModule [ "virtualisation" "lxc" "nestedContainer" ] "") + (lib.mkRemovedOptionModule [ "virtualisation" "lxc" "privilegedContainer" ] "") ]; - options = { - virtualisation.lxc = { - nestedContainer = lib.mkEnableOption (lib.mdDoc '' - Whether this container is configured as a nested container. On LXD containers this is recommended - for all containers and is enabled with `security.nesting = true`. - ''); - - privilegedContainer = lib.mkEnableOption (lib.mdDoc '' - Whether this LXC container will be running as a privileged container or not. If set to `true` then - additional configuration will be applied to the `systemd` instance running within the container as - recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). - ''); - }; - }; + options = { }; config = { boot.isContainer = true; @@ -85,34 +75,10 @@ in { ${pkgs.coreutils}/bin/ln -fs "$1/init" /sbin/init ''; - systemd.additionalUpstreamSystemUnits = lib.mkIf cfg.nestedContainer ["systemd-udev-trigger.service"]; - - # Add the overrides from lxd distrobuilder - # https://github.com/lxc/distrobuilder/blob/05978d0d5a72718154f1525c7d043e090ba7c3e0/distrobuilder/main.go#L630 - systemd.packages = [ - (pkgs.writeTextFile { - name = "systemd-lxc-service-overrides"; - destination = "/etc/systemd/system/service.d/zzz-lxc-service.conf"; - text = '' - [Service] - ProcSubset=all - ProtectProc=default - ProtectControlGroups=no - ProtectKernelTunables=no - NoNewPrivileges=no - LoadCredential= - '' + lib.optionalString cfg.privilegedContainer '' - # Additional settings for privileged containers - ProtectHome=no - ProtectSystem=no - PrivateDevices=no - PrivateTmp=no - ProtectKernelLogs=no - ProtectKernelModules=no - ReadWritePaths= - ''; - }) - ]; + # networkd depends on this, but systemd module disables this for containers + systemd.additionalUpstreamSystemUnits = ["systemd-udev-trigger.service"]; + + systemd.packages = [ pkgs.distrobuilder.generator ]; system.activationScripts.installInitScript = lib.mkForce '' ln -fs $systemConfig/init /sbin/init diff --git a/nixpkgs/nixos/modules/virtualisation/multipass.nix b/nixpkgs/nixos/modules/virtualisation/multipass.nix index b331b3be7ea5..5aae48e21386 100644 --- a/nixpkgs/nixos/modules/virtualisation/multipass.nix +++ b/nixpkgs/nixos/modules/virtualisation/multipass.nix @@ -22,7 +22,7 @@ in ''; }; - package = lib.mkPackageOptionMD pkgs "multipass" { }; + package = lib.mkPackageOption pkgs "multipass" { }; }; }; diff --git a/nixpkgs/nixos/modules/virtualisation/nixos-containers.nix b/nixpkgs/nixos/modules/virtualisation/nixos-containers.nix index 6fdb177b968b..d4fa707b2dd5 100644 --- a/nixpkgs/nixos/modules/virtualisation/nixos-containers.nix +++ b/nixpkgs/nixos/modules/virtualisation/nixos-containers.nix @@ -771,141 +771,147 @@ in }; - config = mkIf (config.boot.enableContainers) (let + config = mkMerge [ + { + warnings = optional (!config.boot.enableContainers && config.containers != {}) + "containers.<name> is used, but boot.enableContainers is false. To use containers.<name>, set boot.enableContainers to true."; + } - unit = { - description = "Container '%i'"; + (mkIf (config.boot.enableContainers) (let + unit = { + description = "Container '%i'"; - unitConfig.RequiresMountsFor = "${stateDirectory}/%i"; + unitConfig.RequiresMountsFor = "${stateDirectory}/%i"; - path = [ pkgs.iproute2 ]; + path = [ pkgs.iproute2 ]; - environment = { - root = "${stateDirectory}/%i"; - INSTANCE = "%i"; - }; + environment = { + root = "${stateDirectory}/%i"; + INSTANCE = "%i"; + }; - preStart = preStartScript dummyConfig; + preStart = preStartScript dummyConfig; - script = startScript dummyConfig; + script = startScript dummyConfig; - postStart = postStartScript dummyConfig; + postStart = postStartScript dummyConfig; - restartIfChanged = false; + restartIfChanged = false; - serviceConfig = serviceDirectives dummyConfig; - }; - in { - warnings = - (optional (config.virtualisation.containers.enable && versionOlder config.system.stateVersion "22.05") '' - Enabling both boot.enableContainers & virtualisation.containers on system.stateVersion < 22.05 is unsupported. - ''); - - systemd.targets.multi-user.wants = [ "machines.target" ]; - - systemd.services = listToAttrs (filter (x: x.value != null) ( - # The generic container template used by imperative containers - [{ name = "container@"; value = unit; }] - # declarative containers - ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let - containerConfig = cfg // ( - optionalAttrs cfg.enableTun - { - allowedDevices = cfg.allowedDevices - ++ [ { node = "/dev/net/tun"; modifier = "rw"; } ]; - additionalCapabilities = cfg.additionalCapabilities - ++ [ "CAP_NET_ADMIN" ]; - } - ); - in - recursiveUpdate unit { - preStart = preStartScript containerConfig; - script = startScript containerConfig; - postStart = postStartScript containerConfig; - serviceConfig = serviceDirectives containerConfig; - unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "${stateDirectory}/%i"; - environment.root = if containerConfig.ephemeral then "/run/nixos-containers/%i" else "${stateDirectory}/%i"; - } // ( - optionalAttrs containerConfig.autoStart - { - wantedBy = [ "machines.target" ]; - wants = [ "network.target" ]; - after = [ "network.target" ]; - restartTriggers = [ - containerConfig.path - config.environment.etc."${configurationDirectoryName}/${name}.conf".source - ]; - restartIfChanged = containerConfig.restartIfChanged; - } - ) - )) config.containers) - )); - - # Generate a configuration file in /etc/nixos-containers for each - # container so that container@.target can get the container - # configuration. - environment.etc = - let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort); - in mapAttrs' (name: cfg: nameValuePair "${configurationDirectoryName}/${name}.conf" - { text = - '' - SYSTEM_PATH=${cfg.path} - ${optionalString cfg.privateNetwork '' - PRIVATE_NETWORK=1 - ${optionalString (cfg.hostBridge != null) '' - HOST_BRIDGE=${cfg.hostBridge} - ''} - ${optionalString (length cfg.forwardPorts > 0) '' - HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)} - ''} - ${optionalString (cfg.hostAddress != null) '' - HOST_ADDRESS=${cfg.hostAddress} - ''} - ${optionalString (cfg.hostAddress6 != null) '' - HOST_ADDRESS6=${cfg.hostAddress6} - ''} - ${optionalString (cfg.localAddress != null) '' - LOCAL_ADDRESS=${cfg.localAddress} + serviceConfig = serviceDirectives dummyConfig; + }; + in { + warnings = + (optional (config.virtualisation.containers.enable && versionOlder config.system.stateVersion "22.05") '' + Enabling both boot.enableContainers & virtualisation.containers on system.stateVersion < 22.05 is unsupported. + ''); + + systemd.targets.multi-user.wants = [ "machines.target" ]; + + systemd.services = listToAttrs (filter (x: x.value != null) ( + # The generic container template used by imperative containers + [{ name = "container@"; value = unit; }] + # declarative containers + ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let + containerConfig = cfg // ( + optionalAttrs cfg.enableTun + { + allowedDevices = cfg.allowedDevices + ++ [ { node = "/dev/net/tun"; modifier = "rw"; } ]; + additionalCapabilities = cfg.additionalCapabilities + ++ [ "CAP_NET_ADMIN" ]; + } + ); + in + recursiveUpdate unit { + preStart = preStartScript containerConfig; + script = startScript containerConfig; + postStart = postStartScript containerConfig; + serviceConfig = serviceDirectives containerConfig; + unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "${stateDirectory}/%i"; + environment.root = if containerConfig.ephemeral then "/run/nixos-containers/%i" else "${stateDirectory}/%i"; + } // ( + optionalAttrs containerConfig.autoStart + { + wantedBy = [ "machines.target" ]; + wants = [ "network.target" ]; + after = [ "network.target" ]; + restartTriggers = [ + containerConfig.path + config.environment.etc."${configurationDirectoryName}/${name}.conf".source + ]; + restartIfChanged = containerConfig.restartIfChanged; + } + ) + )) config.containers) + )); + + # Generate a configuration file in /etc/nixos-containers for each + # container so that container@.target can get the container + # configuration. + environment.etc = + let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort); + in mapAttrs' (name: cfg: nameValuePair "${configurationDirectoryName}/${name}.conf" + { text = + '' + SYSTEM_PATH=${cfg.path} + ${optionalString cfg.privateNetwork '' + PRIVATE_NETWORK=1 + ${optionalString (cfg.hostBridge != null) '' + HOST_BRIDGE=${cfg.hostBridge} + ''} + ${optionalString (length cfg.forwardPorts > 0) '' + HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)} + ''} + ${optionalString (cfg.hostAddress != null) '' + HOST_ADDRESS=${cfg.hostAddress} + ''} + ${optionalString (cfg.hostAddress6 != null) '' + HOST_ADDRESS6=${cfg.hostAddress6} + ''} + ${optionalString (cfg.localAddress != null) '' + LOCAL_ADDRESS=${cfg.localAddress} + ''} + ${optionalString (cfg.localAddress6 != null) '' + LOCAL_ADDRESS6=${cfg.localAddress6} + ''} ''} - ${optionalString (cfg.localAddress6 != null) '' - LOCAL_ADDRESS6=${cfg.localAddress6} + INTERFACES="${toString cfg.interfaces}" + MACVLANS="${toString cfg.macvlans}" + ${optionalString cfg.autoStart '' + AUTO_START=1 ''} - ''} - INTERFACES="${toString cfg.interfaces}" - MACVLANS="${toString cfg.macvlans}" - ${optionalString cfg.autoStart '' - AUTO_START=1 - ''} - EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts + - optionalString (cfg.extraFlags != []) - (" " + concatStringsSep " " cfg.extraFlags)}" - ''; - }) config.containers; - - # Generate /etc/hosts entries for the containers. - networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null) - '' - ${head (splitString "/" cfg.localAddress)} ${name}.containers - '') config.containers); + EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts + + optionalString (cfg.extraFlags != []) + (" " + concatStringsSep " " cfg.extraFlags)}" + ''; + }) config.containers; + + # Generate /etc/hosts entries for the containers. + networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null) + '' + ${head (splitString "/" cfg.localAddress)} ${name}.containers + '') config.containers); - networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ]; + networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ]; - services.udev.extraRules = optionalString config.networking.networkmanager.enable '' - # Don't manage interfaces created by nixos-container. - ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1" - ''; + services.udev.extraRules = optionalString config.networking.networkmanager.enable '' + # Don't manage interfaces created by nixos-container. + ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1" + ''; - environment.systemPackages = [ - nixos-container - ]; - - boot.kernelModules = [ - "bridge" - "macvlan" - "tap" - "tun" - ]; - }); + environment.systemPackages = [ + nixos-container + ]; + + boot.kernelModules = [ + "bridge" + "macvlan" + "tap" + "tun" + ]; + })) + ]; meta.buildDocsInSandbox = false; } diff --git a/nixpkgs/nixos/modules/virtualisation/openvswitch.nix b/nixpkgs/nixos/modules/virtualisation/openvswitch.nix index 32646f60f8e0..a968c732f8f7 100644 --- a/nixpkgs/nixos/modules/virtualisation/openvswitch.nix +++ b/nixpkgs/nixos/modules/virtualisation/openvswitch.nix @@ -28,14 +28,7 @@ in { ''; }; - package = mkOption { - type = types.package; - default = pkgs.openvswitch; - defaultText = literalExpression "pkgs.openvswitch"; - description = lib.mdDoc '' - Open vSwitch package to use. - ''; - }; + package = mkPackageOption pkgs "openvswitch" { }; }; config = mkIf cfg.enable (let diff --git a/nixpkgs/nixos/modules/virtualisation/qemu-guest-agent.nix b/nixpkgs/nixos/modules/virtualisation/qemu-guest-agent.nix index 650fb2419160..aeab0ceac3cc 100644 --- a/nixpkgs/nixos/modules/virtualisation/qemu-guest-agent.nix +++ b/nixpkgs/nixos/modules/virtualisation/qemu-guest-agent.nix @@ -12,12 +12,7 @@ in { default = false; description = lib.mdDoc "Whether to enable the qemu guest agent."; }; - package = mkOption { - type = types.package; - default = pkgs.qemu_kvm.ga; - defaultText = literalExpression "pkgs.qemu_kvm.ga"; - description = lib.mdDoc "The QEMU guest agent package."; - }; + package = mkPackageOption pkgs [ "qemu_kvm" "ga" ] { }; }; config = mkIf cfg.enable ( diff --git a/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix b/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix index 6f275baf60dc..d92fd48a6103 100644 --- a/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix @@ -899,7 +899,7 @@ in virtualisation.tpm = { enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm."; - package = mkPackageOptionMD cfg.host.pkgs "swtpm" { }; + package = mkPackageOption cfg.host.pkgs "swtpm" { }; deviceModel = mkOption { type = types.str; diff --git a/nixpkgs/nixos/modules/virtualisation/virtualbox-host.nix b/nixpkgs/nixos/modules/virtualisation/virtualbox-host.nix index 9741ea090f79..50a8f8189590 100644 --- a/nixpkgs/nixos/modules/virtualisation/virtualbox-host.nix +++ b/nixpkgs/nixos/modules/virtualisation/virtualbox-host.nix @@ -40,14 +40,7 @@ in ''; }; - package = mkOption { - type = types.package; - default = pkgs.virtualbox; - defaultText = literalExpression "pkgs.virtualbox"; - description = lib.mdDoc '' - Which VirtualBox package to use. - ''; - }; + package = mkPackageOption pkgs "virtualbox" { }; addNetworkInterface = mkOption { type = types.bool; diff --git a/nixpkgs/nixos/modules/virtualisation/vmware-host.nix b/nixpkgs/nixos/modules/virtualisation/vmware-host.nix index 4b2dc28aeac7..1eaa896fe096 100644 --- a/nixpkgs/nixos/modules/virtualisation/vmware-host.nix +++ b/nixpkgs/nixos/modules/virtualisation/vmware-host.nix @@ -37,12 +37,7 @@ in ::: ''; }; - package = mkOption { - type = types.package; - default = pkgs.vmware-workstation; - defaultText = literalExpression "pkgs.vmware-workstation"; - description = lib.mdDoc "VMware host virtualisation package to use"; - }; + package = mkPackageOption pkgs "vmware-workstation" { }; extraPackages = mkOption { type = with types; listOf package; default = with pkgs; [ ]; diff --git a/nixpkgs/nixos/modules/virtualisation/waydroid.nix b/nixpkgs/nixos/modules/virtualisation/waydroid.nix index 46e5f901015d..b0e85b685083 100644 --- a/nixpkgs/nixos/modules/virtualisation/waydroid.nix +++ b/nixpkgs/nixos/modules/virtualisation/waydroid.nix @@ -1,10 +1,8 @@ { config, lib, pkgs, ... }: -with lib; - let - cfg = config.virtualisation.waydroid; + kCfg = config.lib.kernelConfig; kernelPackages = config.boot.kernelPackages; waydroidGbinderConf = pkgs.writeText "waydroid.conf" '' [Protocol] @@ -22,19 +20,19 @@ in { options.virtualisation.waydroid = { - enable = mkEnableOption (lib.mdDoc "Waydroid"); + enable = lib.mkEnableOption (lib.mdDoc "Waydroid"); }; - config = mkIf cfg.enable { - assertions = singleton { - assertion = versionAtLeast (getVersion config.boot.kernelPackages.kernel) "4.18"; + config = lib.mkIf cfg.enable { + assertions = lib.singleton { + assertion = lib.versionAtLeast (lib.getVersion config.boot.kernelPackages.kernel) "4.18"; message = "Waydroid needs user namespace support to work properly"; }; - system.requiredKernelConfig = with config.lib.kernelConfig; [ - (isEnabled "ANDROID_BINDER_IPC") - (isEnabled "ANDROID_BINDERFS") - (isEnabled "ASHMEM") # FIXME Needs memfd support instead on Linux 5.18 and waydroid 1.2.1 + system.requiredKernelConfig = [ + (kCfg.isEnabled "ANDROID_BINDER_IPC") + (kCfg.isEnabled "ANDROID_BINDERFS") + (kCfg.isEnabled "ASHMEM") # FIXME Needs memfd support instead on Linux 5.18 and waydroid 1.2.1 ]; /* NOTE: we always enable this flag even if CONFIG_PSI_DEFAULT_DISABLED is not on |