forked from mirrors/nixpkgs
e5c3a52afc
Previously, features.grsecurity wasn't actually set due to a bug in the grsec builder. We now rely on the generic kernel builder to set features from kernelPatches.
33 lines
685 B
Nix
33 lines
685 B
Nix
{ stdenv
|
|
, overrideDerivation
|
|
|
|
# required for gcc plugins
|
|
, gmp, libmpc, mpfr
|
|
|
|
# the base kernel
|
|
, kernel
|
|
|
|
, grsecPatch
|
|
, kernelPatches ? []
|
|
|
|
, localver ? "-grsec"
|
|
, modDirVersion ? "${kernel.version}${localver}"
|
|
, extraConfig ? ""
|
|
, ...
|
|
} @ args:
|
|
|
|
assert (kernel.version == grsecPatch.kver);
|
|
|
|
overrideDerivation (kernel.override {
|
|
inherit modDirVersion;
|
|
kernelPatches = [ grsecPatch ] ++ kernelPatches ++ (kernel.kernelPatches or []);
|
|
inherit extraConfig;
|
|
ignoreConfigErrors = true;
|
|
}) (attrs: {
|
|
nativeBuildInputs = [ gmp libmpc mpfr ] ++ (attrs.nativeBuildInputs or []);
|
|
preConfigure = ''
|
|
echo ${localver} >localversion-grsec
|
|
${attrs.preConfigure or ""}
|
|
'';
|
|
})
|