3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

3 commits

Author SHA1 Message Date
Eelco Dolstra f2f00c56e4 linux: Enable stack protector
This may prevent exploitation of buffer overflows.
2013-08-01 01:40:41 +02:00
Eelco Dolstra bc8186be1e linux: Disable /dev/kmem
See e.g.
  https://wiki.ubuntu.com/Security/Features#A.2BAC8-dev.2BAC8-kmem_disabled
2013-08-01 01:40:40 +02:00
Eelco Dolstra 7ce325f3e0 Unify the Linux kernel configurations
Having N different copies of the NixOS kernel configuration is bad
because these copies tend to diverge.  For instance, our 3.10 config
lacked some modules that were enabled in older configs, probably
because the 3.10 config had been copied off an earlier version of some
older kernel config.

So now there is a single kernel config in common-config.nix.  It has a
few conditionals to deal with new/removed kernel options, but
otherwise it's pretty straightforward.

Also, a lot of cut&paste boilerplate between the kernel Nix
expressions is gone (such as preConfigure).
2013-08-01 01:40:40 +02:00