3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

136 commits

Author SHA1 Message Date
Bjørn Forsman 2077385421 kernel: enable CONFIG_DYNAMIC_DEBUG (like Fedora and Ubuntu)
It was useful in tracking down CIFS + DFS issue, and it's apparently
enabled by default in two major distros.
2016-12-10 00:01:21 +02:00
Bjørn Forsman d429520b13 kernel: add CONFIG_CIFS_* like Fedora, Ubuntu
The plan is to fix mounting DFS shares on NixOS (for which some of these
options are needed), but I figured it might be a good idea to enable all
CONFIG_CIFS_* like Fedora 24 and Ubuntu 16.04 while at it. Ubuntu even
has CONFIG_CIFS_SMB311, but as Fedora do not, I left it out.

Mounting DFS shares still doesn't work; need to configure cifs.upcall
and /etc/request-key.conf. Until then, using GVFS as a workaround.
2016-12-10 00:01:21 +02:00
Tim Steinbach eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Franz Pletz 7974d7493a
linux: compress kernel image with xz 2016-11-23 02:24:13 +01:00
Tuomas Tynkkynen 74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
2016-11-11 02:10:20 +02:00
Peter Hoeg cb93b34999 SMB2 support for CIFS
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
2016-11-11 02:10:20 +02:00
Tim Steinbach 70c8de0536 Merge pull request #19652 from NeQuissimus/linux_4_9_rc1
linux_testing: 4.8-rc6 -> 4.9-rc1
2016-10-19 14:35:21 -04:00
Tuomas Tynkkynen 59f12d9394 kernel config: Add some filesystem options
Enable encryption support for both F2FS and ext4. For ext4 this is a bit
tricky, since pre-4.8 the way to enable it as a module was just
"EXT4_ENCRYPTION=m" but after that it changed to "FS_ENCRYPTION=m &&
EXT4_ENCRYPTION=y".

Also make sure UDF is enabled.
2016-10-19 16:44:08 +03:00
Tim Steinbach 51c9c2f851
linux_testing: 4.8-rc6 -> 4.9-rc1 2016-10-18 11:19:46 -04:00
Aneesh Agrawal f0602d2d36 kernel: Make SECURITY_YAMA optional
It's highly recommended, but not required to run NixOS.
2016-10-08 17:46:33 +02:00
Aneesh Agrawal a000ed181c linux config: enable the Yama LSM (#14392)
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
2016-10-08 16:40:12 +02:00
Alexander Ried 96fbdf8594 kernel: Disable RT_GROUP_SCHED
Follow systemd recommendation
fd74fa791f/README (L96-L103)
2016-10-05 12:52:45 +02:00
Tim Steinbach 77e1be36b9
kernel-common: Add ZBUD, move ZSMALLOC into module space 2016-09-16 15:31:51 +00:00
Tuomas Tynkkynen 0c0188c5d2 kernel config: Explicitly enable some NLS-related things
Doesn't affect x86, but ARM can't mount VFAT filesystems without this on
a 3.18 kernel.
2016-09-13 17:06:13 +03:00
aszlig 42e1ec215e
linux/kernel: Remove MLX4_EN_VXLAN for 4.8
This option is no longer needed and has been removed in upstream commit
torvalds/linux@a831274a13.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
aszlig 0bce188ec1
linux/kernel: Remove KVM_APIC_ARCHITECTURE for 4.8
The option is no longer needed and has been removed upstream in
torvalds/linux@557abc40d1.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-08-29 20:52:19 +02:00
Joachim Fasting fcf5a24d8c
kernel config: set DEBUG_STACKOVERFLOW regardless of features.grsecurity
features.grsecurity has actually been unset for a long time, with no
ill effect on grsec kernel builds so this conditional looks useless.
2016-08-29 04:08:39 +02:00
Tuomas Tynkkynen c004c6e14d kernel config: Explicitly enable some stuff not enabled by 'make alldefconfig'
List of what to enable taken from https://lwn.net/Articles/672587/.
This doesn't change the resulting x86 configs, but is more useful for
other architectures. For instance, POSIX_MQUEUE is currently missing
on ARM.
2016-08-29 03:07:11 +03:00
Gabriel Ebner 7b01df18a2 kernel: config: enable DRM_AMD_POWERPLAY 2016-08-26 08:45:49 +02:00
Tuomas Tynkkynen bd68309643 kernel config: Enable SECCOMP
This is used by systemd >= 231 and is not enabled in the ARM
multiplatform defconfig.
2016-08-18 16:33:46 +03:00
Tuomas Tynkkynen 088bcf4ec4 kernel config: Fix 3.10, 3.12, 3.14 builds 2016-08-06 17:06:45 +03:00
Michal Rus 7281740c2e
linux: enable DRM_GMA600 and DRM_GMA3600
Adds basic support for Intel GMA3600/3650 (Intel Cedar Trail) platforms
and support for GMA600 (Intel Moorestown/Oaktrail) platforms with LVDS
ports via the gma500_gfx module.

Resolves #14727 Closes #17519
2016-08-05 19:07:40 +02:00
Franz Pletz 2d6b7aa545 linux: enable some useful networking options
All options are enabled by default on Debian and some other
distributions, so these should be safe.
2016-08-05 04:07:31 +02:00
obadz 927a984de6 kernel: make KEXEC_FILE & KEXEC_JUMP optional to fix i686 build
cc @edolstra @dezgeg @domenkozar
2016-07-13 12:49:18 +02:00
Eelco Dolstra ecc26d7a40 linux: Disable the old IDE subsystem
This has long been deprecated in favour of the new ATA support
(CONFIG_ATA).
2016-07-11 15:05:21 +02:00
Eelco Dolstra 7b9c493d60 linux: Enable some kernel features
This enables a few features that should be useful and safe (they're
all used by the default Ubuntu kernel config), in particular zswap,
wakelocks, kernel load address randomization, userfaultfd (useful for
QEMU), paravirtualized spinlocks and automatic process group
scheduling.

Also removes some configuration conditional on kernel versions that we
no longer support.
2016-07-11 15:04:56 +02:00
Eelco Dolstra 1cd7dbc00b linux: Bump NR_CPUS
The default limit (64) is too low for systems like EC2 x1.* instances
or Xeon Phis, so let's increase it.
2016-07-11 14:32:18 +02:00
aszlig 566c990f33
linux-testing: 4.6-rc6 -> 4.7-rc6
The config option DEVPTS_MULTIPLE_INSTANCES now no longer exists since
torvalds/linux@eedf265aa0.

Built successfully on my Hydra instance:

https://headcounter.org/hydra/log/r4n6sv0zld0aj65r7l494757s2r8w8sr-linux-4.7-rc6.drv

Verified unpacked tarball with GnuPG:

ABAF 11C6 5A29 70B1 30AB  E3C4 79BE 3E43 0041 1886

gpg: Signature made Mon 04 Jul 2016 08:13:05 AM CEST
gpg:                using RSA key 79BE3E4300411886
gpg: Good signature from "Linus Torvalds <torvalds@linux-foundation.org>"

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-07-04 10:46:48 +02:00
Joachim Fasting 4ae5eb97f1
kernel: set virtualization options regardless of grsec
Per my own testing, the NixOS grsecurity kernel works both as a
KVM-based virtualisation host and guest; there appears to be no good
reason to making these conditional on `features.grsecurity`.

More generally, it's unclear what `features.grsecurity` *means*. If
someone configures a grsecurity kernel in such a fashion that it breaks
KVM support, they should know to disable KVM themselves.
2016-06-10 19:27:59 +02:00
Joachim Fasting d8e4432fe2
kernel: unconditionally disable /dev/kmem
This was presumably set for grsecurity compatibility, but now appears
redundant.  Grsecurity does not expect nor require /dev/kmem to be
present and so it makes little sense to continue making its inclusion in
the standard kernel dependent on grsecurity.

More generally, given the large number of possible grsecurity
configurations, it is unclear what `features.grsecurity` even
*means* and its use should be discouraged.
2016-06-10 19:27:41 +02:00
Alexander Kjeldaas 4c99d22f19 kernel: set nx bit on module ro segments
Fixes #4757.
2016-06-03 15:41:47 +02:00
Tuomas Tynkkynen 7276417870 kernel config: Enable BINFMT_MISC
This is enabled in x86 builds but lacking on ARM.
2016-04-28 20:46:34 +03:00
Eelco Dolstra 4907fc9e8d Merge pull request #14509 from ragnard/bpf-tracing-kernel-config
linux: kernel config for extended BPF support
2016-04-07 11:01:34 +02:00
Ragnar Dahlén 961d1e847c linux: kernel config for extended BPF support
- Enable BPF_SYSCALL and BPF_EVENTS
- Build modules for NET_CLS_BPF and NET_ACT_BPF

With these config options we can leverage the full potential of BPF for
tracing and instrumenting Linux systems, for example using
libraries/tools like those provided by the bcc project.
2016-04-07 08:14:41 +01:00
Louis Taylor 695c2e4ee4 kernel-config: do not use NFSD_PNFS on >=4.6 2016-03-27 03:09:30 +01:00
Al Zohali 9d03355bed ChromiumOS kernel option fixup 2016-03-08 01:19:42 +03:00
Marko Poikonen ede005ad3f Enabling Media PCI adapters (needed for PCI DVB cards) 2016-03-01 20:57:46 +01:00
Tuomas Tynkkynen 0e1319f03f linux-3.10: fixup config by a slightly hacky way
For explanation see:
https://github.com/NixOS/nixpkgs/pull/13405#issuecomment-188357637
2016-02-25 23:07:47 +01:00
Eelco Dolstra 48f51f1185 linux: Compress kernel modules
This reduces the kernel package from 185 to 62 MiB, for a neglible
boot time cost.
2016-02-01 18:19:23 +01:00
Lluís Batlle i Rossell b2dc647c1e linux: adding PCI Expresscard Hotplug support 2016-02-01 11:07:08 +01:00
Nikolay Amiantov 29785c5b7a Merge pull request #12309 from zohl/chromiumos-kernel
Add ChromiumOS kernels
2016-01-23 13:13:59 +03:00
Al Zohali ee9e7b7224 linux_chromiumos_3_18: init at 3.18.0
Co-authored-by: Nikolay Amiantov <ab@fmap.me>
2016-01-13 22:43:19 +03:00
Lluís Batlle i Rossell 1792ca5810 Increasing mmc possible partitions from 8 to 32.
In kernel common config. I have a modern tablet with 18 gpt partitions
on eMMC (Android+Win10 dualboot).
2016-01-11 09:27:58 +01:00
Lluís Batlle i Rossell be9ad574f7 Adding framebuffer console rotation to kernels.
This helps in some weird screens that otherwise show the console 90° turned.
2016-01-07 16:48:46 +01:00
Eelco Dolstra e4b4e9b986 linux: Make Unix domain sockets builtin
This hopefully fixes intermittent initrd failures where udevd cannot
create a Unix domain socket:

  machine# running udev...
  machine# error getting socket: Address family not supported by protocol
  machine# error initializing udev control socket
  machine# error getting socket: Address family not supported by protocol

The "unix" kernel module is supposed to be loaded automatically, and
clearly that works most of the time, but maybe there is a race
somewhere. In any case, no sane person would run a kernel without Unix
domain sockets, so we may as well make it builtin.

http://hydra.nixos.org/build/30001448
2016-01-07 13:20:53 +01:00
William A. Kennington III 893179e9c1 linux-testing: Bump to 4.4-rc1 2015-11-17 17:21:25 -08:00
Brian McKenna 6668058a62 linux: add config options needed for a Bay Trail Chromebook
Close #10416.
Got /dev/mmcblk0 on a live CD with these options:

    X86_INTEL_LPSS y
    PINCTRL_BAYTRAIL y
2015-11-11 15:33:42 +01:00
Shea Levy 3c14c32975 Really disable the firmware loader user helper fallback 2015-10-30 13:31:51 -04:00
Shea Levy a7157fa2f0 Remove firmware loader fallback.
Systemd dropped support in 207 (would be nice if configure failed with a bad flag),
so all this does is add an annoying delay if firmware can't be found by the kernel
2015-10-30 10:29:56 -04:00
Eelco Dolstra d2918797bb linux: Fix i686 build 2015-10-28 11:09:59 +01:00