linux_grsec_nixos: fix build
The grsec patch fails to apply cleanly when combined with the hiddev CVE patch
(added in dde259dfb5
). To fix this and future
problems, we set all our patches explicitly rather than inherit from the base
kernel.
This commit is contained in:
parent
9fc0347c93
commit
e228023b14
@ -11186,7 +11186,12 @@ in
|
||||
linux_grsec_nixos = callPackage ../build-support/grsecurity {
|
||||
inherit (lib) overrideDerivation;
|
||||
kernel = callPackage ../os-specific/linux/kernel/linux-grsecurity.nix {
|
||||
inherit (self.linux_4_5) kernelPatches;
|
||||
kernelPatches = with self.kernelPatches; [ bridge_stp_helper qat_common_Makefile ]
|
||||
++ lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
[ kernelPatches.mips_fpureg_emu
|
||||
kernelPatches.mips_fpu_sigill
|
||||
kernelPatches.mips_ext3_n32
|
||||
];
|
||||
};
|
||||
grsecPatch = self.kernelPatches.grsecurity_testing;
|
||||
kernelPatches = [ self.kernelPatches.grsecurity_nixos_kmod ];
|
||||
|
Loading…
Reference in New Issue
Block a user