diff options
Diffstat (limited to 'pkgs/os-specific/linux/kernel/common-config.nix')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 40 |
1 files changed, 36 insertions, 4 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 54e6b7822f9..bd99a7979ee 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -27,8 +27,11 @@ with stdenv.lib; MODULE_COMPRESS_XZ y ''} + KERNEL_XZ y + # Debugging. DEBUG_KERNEL y + DYNAMIC_DEBUG y TIMER_STATS y BACKTRACE_SELF_TEST n CPU_NOTIFIER_ERROR_INJECT? n @@ -180,7 +183,7 @@ with stdenv.lib; VGA_SWITCHEROO y # Hybrid graphics support DRM_GMA600 y DRM_GMA3600 y - ${optionalString (versionAtLeast version "4.5") '' + ${optionalString (versionAtLeast version "4.5" && (versionOlder version "4.9")) '' DRM_AMD_POWERPLAY y # necessary for amdgpu polaris support ''} @@ -210,6 +213,7 @@ with stdenv.lib; # ACLs for all filesystems that support them. FANOTIFY y TMPFS y + FS_ENCRYPTION? m EXT2_FS_XATTR y EXT2_FS_POSIX_ACL y EXT2_FS_SECURITY y @@ -219,6 +223,7 @@ with stdenv.lib; EXT3_FS_POSIX_ACL y EXT3_FS_SECURITY y EXT4_FS_POSIX_ACL y + EXT4_ENCRYPTION? ${if versionOlder version "4.8" then "m" else "y"} EXT4_FS_SECURITY y REISERFS_FS_XATTR? y REISERFS_FS_POSIX_ACL? y @@ -231,6 +236,10 @@ with stdenv.lib; OCFS2_DEBUG_MASKLOG? n BTRFS_FS_POSIX_ACL y UBIFS_FS_ADVANCED_COMPR? y + F2FS_FS m + F2FS_FS_SECURITY? y + F2FS_FS_ENCRYPTION? y + UDF_FS m ${optionalString (versionAtLeast version "4.0" && versionOlder version "4.6") '' NFSD_PNFS y ''} @@ -252,6 +261,12 @@ with stdenv.lib; CIFS_XATTR y CIFS_POSIX y CIFS_FSCACHE y + CIFS_STATS y + CIFS_WEAK_PW_HASH y + CIFS_UPCALL y + CIFS_ACL y + CIFS_DFS_UPCALL y + CIFS_SMB2 y ${optionalString (versionAtLeast version "3.12") '' CEPH_FSCACHE y ''} @@ -270,6 +285,13 @@ with stdenv.lib; SQUASHFS_LZ4 y ''} + # Native Language Support modules, needed by some filesystems + NLS y + NLS_DEFAULT utf8 + NLS_UTF8 m + NLS_CODEPAGE_437 m # VFAT default for the codepage= mount option + NLS_ISO8859_1 m # VFAT default for the iocharset= mount option + # Runtime security tests DEBUG_SET_MODULE_RONX? y # Detect writes to read-only module pages @@ -277,6 +299,7 @@ with stdenv.lib; RANDOMIZE_BASE? y STRICT_DEVMEM y # Filter access to /dev/mem SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default + SECURITY_YAMA? y # Prevent processes from ptracing non-children processes DEVKMEM n # Disable /dev/kmem ${if versionOlder version "3.14" then '' CC_STACKPROTECTOR? y # Detect buffer overflows on the stack @@ -327,6 +350,7 @@ with stdenv.lib; CGROUPS y # used by systemd FHANDLE y # used by systemd SECCOMP y # used by systemd >= 231 + SECCOMP_FILTER y # ditto POSIX_MQUEUE y FRONTSWAP y FUSION y # Fusion MPT device support @@ -349,7 +373,9 @@ with stdenv.lib; ${optionalString (versionAtLeast version "3.15" && versionOlder version "4.8") '' MLX4_EN_VXLAN y ''} - MODVERSIONS y + ${optionalString (versionOlder version "4.9") '' + MODVERSIONS y + ''} MOUSE_PS2_ELANTECH y # Elantech PS/2 protocol extension MTRR_SANITIZER y NET_FC y # Fibre Channel driver support @@ -388,7 +414,7 @@ with stdenv.lib; # Linux containers. NAMESPACES? y # Required by 'unshare' used by 'nixos-install' - RT_GROUP_SCHED? y + RT_GROUP_SCHED n CGROUP_DEVICE? y MEMCG y MEMCG_SWAP y @@ -505,9 +531,15 @@ with stdenv.lib; TRANSPARENT_HUGEPAGE_MADVISE? y # zram support (e.g for in-memory compressed swap). - ZSMALLOC y ZRAM m ZSWAP? y + ZBUD? y + ${optionalString (versionOlder version "3.18") '' + ZSMALLOC y + ''} + ${optionalString (versionAtLeast version "3.18") '' + ZSMALLOC m + ''} # Enable PCIe and USB for the brcmfmac driver BRCMFMAC_USB? y |