diff options
author | Hubert Jasudowicz <hubert.jasudowicz@gmail.com> | 2022-02-13 13:08:35 +0100 |
---|---|---|
committer | Hubert Jasudowicz <hubert.jasudowicz@gmail.com> | 2022-11-10 15:26:53 +0100 |
commit | 4a7925fcc4bf81e70ed3d4fe0ecc7bd0300c586d (patch) | |
tree | 24c88afaaab6d5277576b79651c6e31c44a0790c /pkgs/os-specific/linux/lkrg | |
parent | bc5ad970780580ec272b3a6bc5f9bddf4e250d3c (diff) |
lkrg: init at 0.9.5
Diffstat (limited to 'pkgs/os-specific/linux/lkrg')
-rw-r--r-- | pkgs/os-specific/linux/lkrg/default.nix | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/lkrg/default.nix b/pkgs/os-specific/linux/lkrg/default.nix new file mode 100644 index 0000000000000..4d6118f8b9f8a --- /dev/null +++ b/pkgs/os-specific/linux/lkrg/default.nix @@ -0,0 +1,53 @@ +{ lib, stdenv, fetchpatch, fetchFromGitHub, kernel }: +let + isKernelRT = (kernel.structuredExtraConfig ? PREEMPT_RT) && (kernel.structuredExtraConfig.PREEMPT_RT == lib.kernel.yes); +in +stdenv.mkDerivation rec { + name = "${pname}-${version}-${kernel.version}"; + pname = "lkrg"; + version = "0.9.5"; + + src = fetchFromGitHub { + owner = "lkrg-org"; + repo = "lkrg"; + rev = "v${version}"; + sha256 = "sha256-+yIKkTvfVbLnFBoXSKGebB1A8KqpaRmsLh8SsNuI9Dc="; + }; + patches = [ + (fetchpatch { + name = "fix-aarch64.patch"; + url = "https://github.com/lkrg-org/lkrg/commit/a4e5c00f13f7081b346bc3736e4c035e3d17d3f7.patch"; + sha256 = "sha256-DPscqi+DySHwFxGuGe7P2itPkoyb3XGu5Xp2S/ezP4Y="; + }) + ]; + + hardeningDisable = [ "pic" ]; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + makeFlags = kernel.makeFlags ++ [ + "KERNEL=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + ]; + + dontConfigure = true; + + prePatch = '' + substituteInPlace Makefile --replace "KERNEL := " "KERNEL ?= " + ''; + + installPhase = '' + runHook preInstall + install -D lkrg.ko $out/lib/modules/${kernel.modDirVersion}/extra/lkrg.ko + runHook postInstall + ''; + + meta = with lib; { + description = "LKRG Linux Kernel module"; + longDescription = "LKRG performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel."; + homepage = "https://lkrg.org/"; + license = licenses.gpl2Only; + maintainers = with maintainers; [ chivay ]; + platforms = platforms.linux; + broken = kernel.kernelOlder "5.10" || kernel.kernelAtLeast "6.1" || isKernelRT; + }; +} |