summary refs log tree commit diff
path: root/pkgs/os-specific/linux/kernel/common-config.nix
diff options
context:
space:
mode:
authorRicardo M. Correia <rcorreia@wizy.org>2020-05-26 14:09:20 +0200
committerRicardo M. Correia <rcorreia@wizy.org>2020-06-10 13:17:17 +0200
commit9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca (patch)
tree99babf9f3473e949c9eda240b54f2a44fa0b42d4 /pkgs/os-specific/linux/kernel/common-config.nix
parent6e9bb30566a617613e607a3641fe12d040de3afb (diff)
downloadnixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.tar
nixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.tar.gz
nixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.tar.bz2
nixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.tar.lz
nixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.tar.xz
nixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.tar.zst
nixpkgs-9dd9bc7bcc2a54f7dc0cb23cef701439dfb9d0ca.zip
linux: fix kernel config options
Some of the options didn't have correct kernel version constraints,
others had been removed or made optional unnecessarily in #84032.
Diffstat (limited to 'pkgs/os-specific/linux/kernel/common-config.nix')
-rw-r--r--pkgs/os-specific/linux/kernel/common-config.nix31
1 files changed, 19 insertions, 12 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index d239455ad34..59056ef338c 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -63,7 +63,7 @@ let
       PM_WAKELOCKS                     = yes;
       # Power-capping framework and support for INTEL RAPL
       POWERCAP                         = yes;
-      INTEL_RAPL                       = module;
+      INTEL_RAPL                       = whenAtLeast "5.3" module;
     };
 
     external-firmware = {
@@ -120,7 +120,7 @@ let
       HAVE_EBPF_JIT      = whenPlatformHasEBPFJit yes;
       BPF_STREAM_PARSER  = whenAtLeast "4.19" yes;
       XDP_SOCKETS        = whenAtLeast "4.19" yes;
-      XDP_SOCKETS_DIAG   = whenAtLeast "4.19" yes;
+      XDP_SOCKETS_DIAG   = whenAtLeast "5.1" yes;
       WAN                = yes;
       TCP_CONG_CUBIC     = yes; # This is the default congestion control algorithm since 2.6.19
       # Required by systemd per-cgroup firewalling
@@ -167,13 +167,18 @@ let
       NF_CONNTRACK_TIMEOUT        = yes;
       NF_CONNTRACK_TIMESTAMP      = yes;
       NETFILTER_NETLINK_GLUE_CT   = yes;
-      NF_TABLES_INET              = whenAtLeast "4.19" yes;
-      NF_TABLES_NETDEV            = whenAtLeast "4.19" yes;
+      NF_TABLES_INET              = mkMerge [ (whenOlder "4.17" module)
+                                              (whenAtLeast "4.17" yes) ];
+      NF_TABLES_NETDEV            = mkMerge [ (whenOlder "4.17" module)
+                                              (whenAtLeast "4.17" yes) ];
       # IP: Netfilter Configuration
-      NF_TABLES_IPV4              = yes;
-      NF_TABLES_ARP               = whenAtLeast "4.19" yes;
+      NF_TABLES_IPV4              = mkMerge [ (whenOlder "4.17" module)
+                                              (whenAtLeast "4.17" yes) ];
+      NF_TABLES_ARP               = mkMerge [ (whenOlder "4.17" module)
+                                              (whenAtLeast "4.17" yes) ];
       # IPv6: Netfilter Configuration
-      NF_TABLES_IPV6              = yes;
+      NF_TABLES_IPV6              = mkMerge [ (whenOlder "4.17" module)
+                                              (whenAtLeast "4.17" yes) ];
       # Bridge Netfilter Configuration
       NF_TABLES_BRIDGE            = mkMerge [ (whenBetween "4.19" "5.3" yes)
                                               (whenAtLeast "5.3" module) ];
@@ -183,7 +188,8 @@ let
       NET_DROP_MONITOR = yes;
 
       # needed for ss
-      INET_DIAG         = yes;
+      INET_DIAG         = module;
+      INET_TCP_DIAG     = module;
       INET_UDP_DIAG     = module;
       INET_RAW_DIAG     = whenAtLeast "4.14" module;
       INET_DIAG_DESTROY = whenAtLeast "4.9" yes;
@@ -364,7 +370,7 @@ let
       CIFS_STATS        = whenOlder "4.19" yes;
       CIFS_WEAK_PW_HASH = yes;
       CIFS_UPCALL       = yes;
-      CIFS_ACL          = option yes;
+      CIFS_ACL          = whenOlder "5.3" yes;
       CIFS_DFS_UPCALL   = yes;
       CIFS_SMB2         = whenOlder "4.13" yes;
 
@@ -395,7 +401,7 @@ let
       DEBUG_SET_MODULE_RONX            = { optional = true; tristate = whenOlder "4.11" "y"; };
       RANDOMIZE_BASE                   = option yes;
       STRICT_DEVMEM                    = option yes; # Filter access to /dev/mem
-      SECURITY_SELINUX_BOOTPARAM_VALUE = option (freeform "0"); # Disable SELinux by default
+      SECURITY_SELINUX_BOOTPARAM_VALUE = whenOlder "5.1" (freeform "0"); # Disable SELinux by default
       # Prevent processes from ptracing non-children processes
       SECURITY_YAMA                    = option yes;
       DEVKMEM                          = mkIf (!features.grsecurity) no; # Disable /dev/kmem
@@ -707,8 +713,9 @@ let
       KEXEC_FILE      = option yes;
       KEXEC_JUMP      = option yes;
 
+      PARTITION_ADVANCED    = yes; # Needed for LDM_PARTITION
       # Windows Logical Disk Manager (Dynamic Disk) support
-      LDM_PARTITION         = option yes;
+      LDM_PARTITION         = yes;
       LOGIRUMBLEPAD2_FF     = yes; # Logitech Rumblepad 2 force feedback
       LOGO                  = no; # not needed
       MEDIA_ATTACH          = yes;
@@ -793,7 +800,7 @@ let
       SUN8I_DE2_CCU = whenAtLeast "4.13" yes;
 
       # See comments on https://github.com/NixOS/nixpkgs/commit/9b67ea9106102d882f53d62890468071900b9647
-      CRYPTO_AEGIS128_SIMD = no;
+      CRYPTO_AEGIS128_SIMD = whenAtLeast "5.4" no;
     };
   };
 in
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-02 14:46:24 +0000