diff options
| author | Maximilian Bosch <maximilian@mbosch.me> | 2021-08-16 11:31:42 +0200 |
|---|---|---|
| committer | Maximilian Bosch <maximilian@mbosch.me> | 2021-08-16 20:45:58 +0200 |
| commit | a5341beb789c66ed24a11396dda28f2a1303768e (patch) | |
| tree | 652d6ba91d047841949cb275e3e9266187230f49 /nixos/tests/kernel-generic.nix | |
| parent | c6dc09c9e927f25357a0bf59f28a3e6cbb65e4a4 (diff) | |
linux: drop `*_latest_hardened`-attributes in favor of versioned attributes
The problem behind this is that the hardened patchset[1]. Quite recently this led to a weird problem when Linux 5.12 was dropped (and thus had to be removed from `nixpkgs`), there were no patches for 5.13, so `linuxPackages_hardened_latest` had to be downgraded to 5.10 as base[2] which may be rather unintuitive and unexpected. To avoid these kind of "silent downgrades" in the future, it makes sense to drop the attribute entirely. If somebody wants to use a hardened kernel, it's better to explicitly pin it using the newly introduced versioned attributes, e.g. `linuxPackages_4_14_hardened`. [1] https://github.com/anthraxx/linux-hardened/ [2] https://github.com/NixOS/nixpkgs/pull/133587
Diffstat (limited to 'nixos/tests/kernel-generic.nix')
| -rw-r--r-- | nixos/tests/kernel-generic.nix | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/nixos/tests/kernel-generic.nix b/nixos/tests/kernel-generic.nix index 62d80db2915b1..5993d0e6ab784 100644 --- a/nixos/tests/kernel-generic.nix +++ b/nixos/tests/kernel-generic.nix @@ -33,5 +33,10 @@ with pkgs; { linux_5_10 = makeKernelTest "5.10" linuxPackages_5_10; linux_5_13 = makeKernelTest "5.13" linuxPackages_5_13; + linux_hardened_4_14 = makeKernelTest "4.14" linuxPackages_4_14_hardened; + linux_hardened_4_19 = makeKernelTest "4.19" linuxPackages_4_19_hardened; + linux_hardened_5_4 = makeKernelTest "5.4" linuxPackages_5_4_hardened; + linux_hardened_5_10 = makeKernelTest "5.10" linuxPackages_5_10_hardened; + linux_testing = makeKernelTest "testing" linuxPackages_testing; } |