diff options
Diffstat (limited to 'pkgs/os-specific/linux/kernel')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 224 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/generic.nix | 11 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/hardened/patches.json | 60 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/htmldocs.nix | 4 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/kernels-org.json | 36 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/linux-libre.nix | 4 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-5.10.nix | 6 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-5.15.nix | 6 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-5.4.nix | 6 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-6.1.nix | 6 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-6.6.nix | 6 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/manual-config.nix | 30 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/patches.nix | 9 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/perf/default.nix | 1 | ||||
| -rwxr-xr-x | pkgs/os-specific/linux/kernel/update-mainline.py | 7 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/xanmod-kernels.nix | 16 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/kernel/zen-kernels.nix | 10 |
17 files changed, 324 insertions, 118 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index cc9e7484c331d..0f1b314df6bd5 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -23,7 +23,7 @@ let # configuration items have to be part of a subattrs - flattenKConf = nested: mapAttrs (_: head) (zipAttrs (attrValues nested)); + flattenKConf = nested: mapAttrs (name: values: if length values == 1 then head values else throw "duplicate kernel configuration option: ${name}") (zipAttrs (attrValues nested)); whenPlatformHasEBPFJit = mkIf (stdenv.hostPlatform.isAarch32 || @@ -55,17 +55,33 @@ let DYNAMIC_DEBUG = yes; DEBUG_STACK_USAGE = no; RCU_TORTURE_TEST = no; - SCHEDSTATS = no; + SCHEDSTATS = yes; DETECT_HUNG_TASK = yes; CRASH_DUMP = option no; # Easier debugging of NFS issues. SUNRPC_DEBUG = yes; # Provide access to tunables like sched_migration_cost_ns SCHED_DEBUG = yes; + + # Count IRQ and steal CPU time separately + IRQ_TIME_ACCOUNTING = yes; + PARAVIRT_TIME_ACCOUNTING = yes; + + # Enable CPU lockup detection + LOCKUP_DETECTOR = yes; + SOFTLOCKUP_DETECTOR = yes; + HARDLOCKUP_DETECTOR = yes; + + # Enable streaming logs to a remote device over a network + NETCONSOLE = module; + NETCONSOLE_DYNAMIC = yes; + + # Export known printks in debugfs + PRINTK_INDEX = whenAtLeast "5.15" yes; }; power-management = { - CPU_FREQ_DEFAULT_GOV_PERFORMANCE = yes; + CPU_FREQ_DEFAULT_GOV_SCHEDUTIL = yes; CPU_FREQ_GOV_SCHEDUTIL = yes; PM_ADVANCED_DEBUG = yes; PM_WAKELOCKS = yes; @@ -85,6 +101,34 @@ let # depends on HAVE_VIRT_CPU_ACCOUNTING_GEN depends on 64BIT, # so we can't force-enable this RCU_LAZY = whenAtLeast "6.2" (option yes); + + # Auto suspend Bluetooth devices at idle + BT_HCIBTUSB_AUTOSUSPEND = yes; + + # Expose cpufreq stats in sysfs + CPU_FREQ_STAT = yes; + + # Enable CPU energy model for scheduling + ENERGY_MODEL = whenAtLeast "5.0" yes; + + # Enable thermal interface netlink API + THERMAL_NETLINK = whenAtLeast "5.9" yes; + + # Prefer power-efficient workqueue implementation to per-CPU workqueues, + # which is slightly slower, but improves battery life. + # This is opt-in per workqueue, and can be disabled globally with a kernel command line option. + WQ_POWER_EFFICIENT_DEFAULT = yes; + + # Default SATA link power management to "medium with device initiated PM" + # for some extra power savings. + SATA_MOBILE_LPM_POLICY = whenAtLeast "5.18" (freeform "3"); + + # GPIO power management + POWER_RESET_GPIO = option yes; + POWER_RESET_GPIO_RESTART = option yes; + + # Enable Pulse-Width-Modulation support, commonly used for fan and backlight. + PWM = yes; } // optionalAttrs (stdenv.hostPlatform.isx86) { INTEL_IDLE = yes; INTEL_RAPL = whenAtLeast "5.3" module; @@ -109,6 +153,9 @@ let CHT_DC_TI_PMIC_OPREGION = whenAtLeast "5.10" yes; MFD_TPS68470 = whenBetween "5.10" "5.13" yes; TPS68470_PMIC_OPREGION = whenAtLeast "5.10" yes; + + # Enable Intel thermal hardware feedback + INTEL_HFI_THERMAL = whenAtLeast "5.18" yes; }; external-firmware = { @@ -133,9 +180,19 @@ let DAMON_VADDR = whenAtLeast "5.15" yes; DAMON_PADDR = whenAtLeast "5.16" yes; DAMON_SYSFS = whenAtLeast "5.18" yes; - DAMON_DBGFS = whenAtLeast "5.15" yes; + DAMON_DBGFS = whenBetween "5.15" "6.9" yes; DAMON_RECLAIM = whenAtLeast "5.16" yes; DAMON_LRU_SORT = whenAtLeast "6.0" yes; + # Support recovering from memory failures on systems with ECC and MCA recovery. + MEMORY_FAILURE = yes; + + # Collect ECC errors and retire pages that fail too often + RAS_CEC = yes; + } // optionalAttrs (stdenv.is32bit) { + # Enable access to the full memory range (aka PAE) on 32-bit architectures + # This check isn't super accurate but it's close enough + HIGHMEM = option yes; + BOUNCE = option yes; }; memtest = { @@ -154,6 +211,9 @@ let BFQ_GROUP_IOSCHED = yes; MQ_IOSCHED_KYBER = yes; IOSCHED_BFQ = module; + # Enable CPU utilization clamping for RT tasks + UCLAMP_TASK = whenAtLeast "5.3" yes; + UCLAMP_TASK_GROUP = whenAtLeast "5.4" yes; }; @@ -166,6 +226,7 @@ let # Enable NUMA. numa = { NUMA = option yes; + NUMA_BALANCING = option yes; }; networking = { @@ -250,6 +311,9 @@ let # Bridge Netfilter Configuration NF_TABLES_BRIDGE = mkMerge [ (whenOlder "5.3" yes) (whenAtLeast "5.3" module) ]; + # Expose some debug info + NF_CONNTRACK_PROCFS = yes; + NF_FLOW_TABLE_PROCFS = whenAtLeast "6.0" yes; # needed for `dropwatch` # Builtin-only since https://github.com/torvalds/linux/commit/f4b6bcc7002f0e3a3428bac33cf1945abff95450 @@ -276,6 +340,10 @@ let INFINIBAND = module; INFINIBAND_IPOIB = module; INFINIBAND_IPOIB_CM = yes; + + # Enable debugfs for wireless drivers + CFG80211_DEBUGFS = yes; + MAC80211_DEBUGFS = yes; } // optionalAttrs (stdenv.hostPlatform.system == "aarch64-linux") { # Not enabled by default, hides modules behind it NET_VENDOR_MEDIATEK = yes; @@ -288,8 +356,8 @@ let CFG80211_WEXT = option yes; # Without it, ipw2200 drivers don't build IPW2100_MONITOR = option yes; # support promiscuous mode IPW2200_MONITOR = option yes; # support promiscuous mode - HOSTAP_FIRMWARE = option yes; # Support downloading firmware images with Host AP driver - HOSTAP_FIRMWARE_NVRAM = option yes; + HOSTAP_FIRMWARE = whenOlder "6.8" (option yes); # Support downloading firmware images with Host AP driver + HOSTAP_FIRMWARE_NVRAM = whenOlder "6.8" (option yes); MAC80211_MESH = option yes; # Enable 802.11s (mesh networking) support ATH9K_PCI = option yes; # Detect Atheros AR9xxx cards on PCI(e) bus ATH9K_AHB = option yes; # Ditto, AHB bus @@ -331,8 +399,8 @@ let FRAMEBUFFER_CONSOLE_ROTATION = yes; FRAMEBUFFER_CONSOLE_DETECT_PRIMARY = yes; FB_GEODE = mkIf (stdenv.hostPlatform.system == "i686-linux") yes; - # On 5.14 this conflicts with FB_SIMPLE. - DRM_SIMPLEDRM = whenAtLeast "5.14" no; + # Use simplefb on older kernels where we don't have simpledrm (enabled below) + FB_SIMPLE = whenOlder "5.15" yes; DRM_FBDEV_EMULATION = yes; }; @@ -345,10 +413,22 @@ let FONT_TER16x32 = whenAtLeast "5.0" yes; }; - video = { + video = let + whenHasDevicePrivate = mkIf (!stdenv.isx86_32 && versionAtLeast version "5.1"); + in { + # compile in DRM so simpledrm can load before initrd if necessary + AGP = yes; + DRM = yes; + DRM_LEGACY = whenOlder "6.8" no; + NOUVEAU_LEGACY_CTX_SUPPORT = whenBetween "5.2" "6.3" no; + # Enable simpledrm and use it for generic framebuffer + # Technically added in 5.14, but adding more complex configuration is not worth it + DRM_SIMPLEDRM = whenAtLeast "5.15" yes; + SYSFB_SIMPLEFB = whenAtLeast "5.15" yes; + # Allow specifying custom EDID on the kernel command line DRM_LOAD_EDID_FIRMWARE = yes; VGA_SWITCHEROO = yes; # Hybrid graphics support @@ -371,8 +451,26 @@ let DRM_AMD_DC_FP = whenAtLeast "6.4" yes; DRM_AMD_DC_HDCP = whenBetween "5.5" "6.4" yes; DRM_AMD_DC_SI = whenAtLeast "5.10" yes; + + # Enable AMD Audio Coprocessor support for HDMI outputs + DRM_AMD_ACP = yes; + + # Enable AMD secure display when available + DRM_AMD_SECURE_DISPLAY = whenAtLeast "5.13" yes; + # Enable new firmware (and by extension NVK) for compatible hardware on Nouveau DRM_NOUVEAU_GSP_DEFAULT = whenAtLeast "6.8" yes; + + # Enable Nouveau shared virtual memory (used by OpenCL) + DEVICE_PRIVATE = whenHasDevicePrivate yes; + DRM_NOUVEAU_SVM = whenHasDevicePrivate yes; + + # Enable HDMI-CEC receiver support + RC_CORE = yes; + MEDIA_CEC_RC = whenAtLeast "5.10" yes; + + # Enable CEC over DisplayPort + DRM_DP_CEC = yes; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux") { # Intel GVT-g graphics virtualization supports 64-bit only DRM_I915_GVT = yes; @@ -397,6 +495,11 @@ let sound = { SND_DYNAMIC_MINORS = yes; SND_AC97_POWER_SAVE = yes; # AC97 Power-Saving Mode + # 10s for the idle timeout, Fedora does 1, Arch does 10. + # The kernel says we should do 10. + # Read: https://docs.kernel.org/sound/designs/powersave.html + SND_AC97_POWER_SAVE_DEFAULT = freeform "10"; + SND_HDA_POWER_SAVE_DEFAULT = freeform "10"; SND_HDA_INPUT_BEEP = yes; # Support digital beep via input layer SND_HDA_RECONFIG = yes; # Support reconfiguration of jack functions # Support configuring jack functions via fw mechanism at boot @@ -404,6 +507,7 @@ let SND_HDA_CODEC_CA0132_DSP = whenOlder "5.7" yes; # Enable DSP firmware loading on Creative Soundblaster Z/Zx/ZxR/Recon SND_OSSEMUL = yes; SND_USB_CAIAQ_INPUT = yes; + SND_USB_AUDIO_MIDI_V2 = whenAtLeast "6.5" yes; # Enable Sound Open Firmware support } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" && versionAtLeast version "5.5") { @@ -440,14 +544,23 @@ let SND_SOC_SOF_TIGERLAKE_SUPPORT = whenOlder "5.12" yes; }; - usb-serial = { - USB_SERIAL_GENERIC = yes; # USB Generic Serial Driver - }; - usb = { + USB = yes; # compile USB core into kernel, so we can use USB_SERIAL_CONSOLE before modules + USB_EHCI_ROOT_HUB_TT = yes; # Root Hub Transaction Translators USB_EHCI_TT_NEWSCHED = yes; # Improved transaction translator scheduling USB_HIDDEV = yes; # USB Raw HID Devices (like monitor controls and Uninterruptable Power Supplies) + + # default to dual role mode + USB_DWC2_DUAL_ROLE = yes; + USB_DWC3_DUAL_ROLE = yes; + }; + + usb-serial = { + USB_SERIAL = yes; + USB_SERIAL_GENERIC = yes; # USB Generic Serial Driver + USB_SERIAL_CONSOLE = yes; # Allow using USB serial adapter as console + U_SERIAL_CONSOLE = whenAtLeast "5.10" yes; # Allow using USB gadget as console }; # Filesystem options - in particular, enable extended attributes and @@ -471,7 +584,7 @@ let EXT4_FS_SECURITY = yes; EXT4_ENCRYPTION = whenOlder "5.1" yes; - NTFS_FS = whenAtLeast "5.15" no; + NTFS_FS = whenBetween "5.15" "6.9" no; NTFS3_LZX_XPRESS = whenAtLeast "5.15" yes; NTFS3_FS_POSIX_ACL = whenAtLeast "5.15" yes; @@ -502,8 +615,8 @@ let F2FS_FS_COMPRESSION = whenAtLeast "5.6" yes; UDF_FS = module; - NFSD_V2_ACL = whenOlder "6.1" yes; - NFSD_V3 = whenOlder "5.18" yes; + NFSD_V2_ACL = whenOlder "5.15" yes; + NFSD_V3 = whenOlder "5.15" yes; NFSD_V3_ACL = yes; NFSD_V4 = yes; NFSD_V4_SECURITY_LABEL = yes; @@ -528,6 +641,7 @@ let SQUASHFS_FILE_DIRECT = yes; SQUASHFS_DECOMP_MULTI_PERCPU = whenOlder "6.2" yes; + SQUASHFS_CHOICE_DECOMP_BY_MOUNT = whenAtLeast "6.2" yes; SQUASHFS_XATTR = yes; SQUASHFS_ZLIB = yes; SQUASHFS_LZO = yes; @@ -593,6 +707,16 @@ let CRYPTO_DRBG_HASH = yes; CRYPTO_DRBG_CTR = yes; + # Enable KFENCE + # See: https://docs.kernel.org/dev-tools/kfence.html + KFENCE = whenAtLeast "5.12" yes; + + # Enable support for page poisoning. Still needs to be enabled on the command line to actually work. + PAGE_POISONING = yes; + + # Enable stack smashing protections in schedule() + # See: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v4.8&id=0d9e26329b0c9263d4d9e0422d80a0e73268c52f + SCHED_STACK_END_CHECK = yes; } // optionalAttrs stdenv.hostPlatform.isx86_64 { # Enable Intel SGX X86_SGX = whenAtLeast "5.11" yes; @@ -609,6 +733,10 @@ let SEV_GUEST = whenAtLeast "5.19" module; # Shadow stacks X86_USER_SHADOW_STACK = whenAtLeast "6.6" yes; + + # Mitigate straight line speculation at the cost of some file size + SLS = whenBetween "5.17" "6.9" yes; + MITIGATION_SLS = whenAtLeast "6.9" yes; }; microcode = { @@ -743,11 +871,12 @@ let }; zram = { - ZRAM = module; - ZRAM_WRITEBACK = option yes; - ZSWAP = option yes; - ZPOOL = yes; - ZBUD = option yes; + ZRAM = module; + ZRAM_WRITEBACK = option yes; + ZRAM_MULTI_COMP = whenAtLeast "6.2" yes; + ZSWAP = option yes; + ZPOOL = yes; + ZBUD = option yes; }; brcmfmac = { @@ -776,7 +905,6 @@ let NOTIFIER_ERROR_INJECTION = option no; RCU_PERF_TEST = whenOlder "5.9" no; RCU_SCALE_TEST = whenAtLeast "5.10" no; - RCU_TORTURE_TEST = option no; TEST_ASYNC_DRIVER_PROBE = option no; WW_MUTEX_SELFTEST = option no; XZ_DEC_TEST = option no; @@ -786,6 +914,10 @@ let # Unconditionally enabled, because it is required for CRIU and # it provides the kcmp() system call that Mesa depends on. CHECKPOINT_RESTORE = yes; + + # Allows soft-dirty tracking on pages, used by CRIU. + # See https://docs.kernel.org/admin-guide/mm/soft-dirty.html + MEM_SOFT_DIRTY = mkIf (!stdenv.isx86_32) yes; }; misc = let @@ -800,6 +932,9 @@ let # enabled by default in x86_64 but not arm64, so we do that here HIDRAW = yes; + # Enable loading HID fixups as eBPF from userspace + HID_BPF = whenAtLeast "6.3" yes; + HID_ACRUX_FF = yes; DRAGONRISE_FF = yes; GREENASIA_FF = yes; @@ -827,7 +962,10 @@ let # Enable initrd support. BLK_DEV_INITRD = yes; - PM_TRACE_RTC = no; # Disable some expensive (?) features. + # Allows debugging systems that get stuck during suspend/resume + PM_TRACE = yes; + PM_TRACE_RTC = yes; + ACCESSIBILITY = yes; # Accessibility support AUXDISPLAY = yes; # Auxiliary Display support HIPPI = yes; @@ -852,6 +990,11 @@ let BLK_SED_OPAL = yes; + # Enable support for block layer inline encryption + BLK_INLINE_ENCRYPTION = whenAtLeast "5.8" yes; + # ...but fall back to CPU encryption if unavailable + BLK_INLINE_ENCRYPTION_FALLBACK = whenAtLeast "5.8" yes; + BSD_PROCESS_ACCT_V3 = yes; SERIAL_DEV_BUS = yes; # enables support for serial devices @@ -870,7 +1013,6 @@ let # Removed on 5.17 as it was unused # upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a4ee518185e902758191d968600399f3bc2be31 CLEANCACHE = whenOlder "5.17" (option yes); - CRASH_DUMP = option no; FSCACHE_STATS = yes; @@ -966,7 +1108,7 @@ let # Disable the firmware helper fallback, udev doesn't implement it any more FW_LOADER_USER_HELPER_FALLBACK = option no; - FW_LOADER_COMPRESS = option yes; + FW_LOADER_COMPRESS = whenAtLeast "5.3" yes; HOTPLUG_PCI_ACPI = yes; # PCI hotplug using ACPI HOTPLUG_PCI_PCIE = yes; # PCI-Expresscard hotplug support @@ -1013,6 +1155,13 @@ let # Set system time from RTC on startup and resume RTC_HCTOSYS = option yes; + + # Expose watchdog information in sysfs + WATCHDOG_SYSFS = yes; + + # Enable generic kernel watch queues + # See https://docs.kernel.org/core-api/watch_queue.html + WATCH_QUEUE = whenAtLeast "5.8" yes; } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") { # Enable CPU/memory hotplug support # Allows you to dynamically add & remove CPUs/memory to a VM client running NixOS without requiring a reboot @@ -1043,10 +1192,9 @@ let # https://github.com/torvalds/linux/blob/856deb866d16e29bd65952e0289066f6078af773/kernel/dma/contiguous.c#L35-L44 CMA_SIZE_MBYTES = freeform "32"; - # Many ARM SBCs hand off a pre-configured framebuffer. - # This always can can be replaced by the actual native driver. - # Keeping it a built-in ensures it will be used if possible. - FB_SIMPLE = yes; + # Add debug interfaces for CMA + CMA_DEBUGFS = yes; + CMA_SYSFS = yes; # https://docs.kernel.org/arch/arm/mem_alignment.html # tldr: @@ -1088,6 +1236,24 @@ let } // optionalAttrs (versionAtLeast version "5.4" && stdenv.hostPlatform.system == "x86_64-linux") { CHROMEOS_LAPTOP = module; CHROMEOS_PSTORE = module; + } // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux") { + # Enable x86 resource control + X86_CPU_RESCTRL = whenAtLeast "5.0" yes; + + # Enable TSX on CPUs where it's not vulnerable + X86_INTEL_TSX_MODE_AUTO = yes; + + # Enable AMD Wi-Fi RF band mitigations + # See https://cateee.net/lkddb/web-lkddb/AMD_WBRF.html + AMD_WBRF = whenAtLeast "6.8" yes; + + # Enable Intel Turbo Boost Max 3.0 + INTEL_TURBO_MAX_3 = yes; + }; + + accel = { + # Build DRM accelerator devices + DRM_ACCEL = whenAtLeast "6.2" yes; }; }; in diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index 14c863b459b1e..77c6ee031956d 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -12,8 +12,10 @@ , rustc , rustPlatform , rust-bindgen +, nixosTests +}@args': -, # The kernel source tarball. +lib.makeOverridable ({ # The kernel source tarball. src , # The kernel version. @@ -66,7 +68,10 @@ , preferBuiltin ? stdenv.hostPlatform.linux-kernel.preferBuiltin or false , kernelArch ? stdenv.hostPlatform.linuxArch , kernelTests ? [] -, nixosTests + +, stdenv ? args'.stdenv +, buildPackages ? args'.buildPackages + , ... }@args: @@ -239,4 +244,4 @@ kernel.overrideAttrs (finalAttrs: previousAttrs: { in [ (nixosTests.kernel-generic.passthru.testsForKernel overridableKernel) ] ++ kernelTests; }; -}) +})) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index cb825a1adbac8..21772b2e03eb0 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,52 +2,52 @@ "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.307-hardened1.patch", - "sha256": "01i15w3qzwag2v4r5r5bqyk337pidhmcfif228f286cnjnqz5d7h", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.307-hardened1/linux-hardened-4.19.307-hardened1.patch" + "name": "linux-hardened-4.19.309-hardened1.patch", + "sha256": "1hww72w5anmfr9czqbl31glzl70s34492k9qz9zax141zg1sf6sp", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.309-hardened1/linux-hardened-4.19.309-hardened1.patch" }, - "sha256": "0lp3fc7sqy48vpcl2g0n1bz7i1hp9k0nlz3i1xfh9l056ihzzvl3", - "version": "4.19.307" + "sha256": "1yc45kfiwdqsqa11sxafs82b0day6qvgjcll8rx9vipidsmagbcm", + "version": "4.19.309" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.210-hardened1.patch", - "sha256": "1fdkkl303kvw9sg9lpzg83157xrl9jcl4jjli1gi2a4j0yz2479n", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.210-hardened1/linux-hardened-5.10.210-hardened1.patch" + "name": "linux-hardened-5.10.212-hardened1.patch", + "sha256": "0h04i94vshhcli5m4qpnqg4vsi5v1ifvdhhklk7c0bvkfk35cbml", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.212-hardened1/linux-hardened-5.10.212-hardened1.patch" }, - "sha256": "0vggj3a71awc1w803cdzrnkn88rxr7l1xh9mmdcw9hzxj1d3r9jf", - "version": "5.10.210" + "sha256": "14vll2bghd52wngjxy78hgglydcxka59yziji0w56dcdpmky9wqc", + "version": "5.10.212" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.149-hardened1.patch", - "sha256": "1y56l5l50h673a4n2pb3i3wh494lpnlw9vvdfr6m0jr0vymldb57", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.149-hardened1/linux-hardened-5.15.149-hardened1.patch" + "name": "linux-hardened-5.15.151-hardened1.patch", + "sha256": "040jc5n9qsdz2wv5ksfvc28vd72nmya2i2f0ps0jiras6l2wlhjz", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.151-hardened1/linux-hardened-5.15.151-hardened1.patch" }, - "sha256": "1c01fnaghj55mkgsgddznq1zq4mswsa05rz00kmh1d3y6sd8115x", - "version": "5.15.149" + "sha256": "0jby224ncdardjwmf8c59s5j71inpvdlzah984ilf2b6y85pc7la", + "version": "5.15.151" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.269-hardened1.patch", - "sha256": "06vf0mlp822i4bkpsxbyk1xjlbzabqpncy8qw9zajpjajwv87d7x", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.269-hardened1/linux-hardened-5.4.269-hardened1.patch" + "name": "linux-hardened-5.4.271-hardened1.patch", + "sha256": "0rw5il7885d0d3k2hmh46541svib6rp32g00fcl5bw37ydmq3z8b", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.271-hardened1/linux-hardened-5.4.271-hardened1.patch" }, - "sha256": "1kqqm4hpif3jy2ycnb0dfjgzyn18vqhm1i5q7d7rkisks33bwm7z", - "version": "5.4.269" + "sha256": "0l2qv4xlhnry9crs90rkihsxyny6jz8kxw08bfad7nys9hrn3g6d", + "version": "5.4.271" }, "6.1": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.1.79-hardened1.patch", - "sha256": "0inip6pmlwrj75vwjimkjgvh4jn6ldrq5312r02xh1i95qb0sg3a", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.79-hardened1/linux-hardened-6.1.79-hardened1.patch" + "name": "linux-hardened-6.1.81-hardened1.patch", + "sha256": "0af9dxdsa858zyqc0vsrzg098afhg5vpb2wpr6gj2ykwc13iaf07", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.81-hardened1/linux-hardened-6.1.81-hardened1.patch" }, - "sha256": "16xkd0hcslqlcf55d4ivzhf1fkhfs5yy0m9arbax8pmm5yi9r97s", - "version": "6.1.79" + "sha256": "0arl96yrqplbmp2gjyqcfma1lgc30kbn95m0sflv0yyldwf8dg8f", + "version": "6.1.81" }, "6.5": { "patch": { @@ -62,12 +62,12 @@ "6.6": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.6.18-hardened1.patch", - "sha256": "0svlck53b7bd38b9b0hzgppmhm59d35r2vqv30ga85ghkvc61byn", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.6.18-hardened1/linux-hardened-6.6.18-hardened1.patch" + "name": "linux-hardened-6.6.21-hardened1.patch", + "sha256": "0k35s5pj92lvfp6kw3isg78zc3gijsg0xbzcyvxdkmhzaq8j6i1i", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.6.21-hardened1/linux-hardened-6.6.21-hardened1.patch" }, - "sha256": "07cv97l5jiakmmv35n0ganvqfr0590b02f3qb617qkx1zg2xhhsf", - "version": "6.6.18" + "sha256": "0mz420w99agr7jv1jgqfr4fjhzbv005xif086sqx556s900l62zf", + "version": "6.6.21" }, "6.7": { "patch": { diff --git a/pkgs/os-specific/linux/kernel/htmldocs.nix b/pkgs/os-specific/linux/kernel/htmldocs.nix index ba641347c839e..dad377db06abb 100644 --- a/pkgs/os-specific/linux/kernel/htmldocs.nix +++ b/pkgs/os-specific/linux/kernel/htmldocs.nix @@ -18,7 +18,8 @@ stdenv.mkDerivation { postPatch = '' patchShebangs \ Documentation/sphinx/parse-headers.pl \ - scripts/{get_abi.pl,get_feat.pl,kernel-doc,sphinx-pre-install} + scripts/{get_abi.pl,get_feat.pl,kernel-doc,sphinx-pre-install} \ + tools/net/ynl/ynl-gen-rst.py ''; FONTCONFIG_FILE = makeFontsConf { @@ -31,6 +32,7 @@ stdenv.mkDerivation { perl python3.pkgs.sphinx python3.pkgs.sphinx-rtd-theme + python3.pkgs.pyyaml which ]; diff --git a/pkgs/os-specific/linux/kernel/kernels-org.json b/pkgs/os-specific/linux/kernel/kernels-org.json index c838d6371b6ab..04e1fe87908b2 100644 --- a/pkgs/os-specific/linux/kernel/kernels-org.json +++ b/pkgs/os-specific/linux/kernel/kernels-org.json @@ -1,38 +1,34 @@ { "testing": { - "version": "6.8-rc7", - "hash": "sha256:0q9isgv6lxzrmb4idl0spxv2l7fsk3nn4cdq0vdw9c8lyzrh5yy0" + "version": "6.9-rc3", + "hash": "sha256:0xavyh3xg23il3bm2x6fjji3s26z05cyv1lry6h5yd7jjj3qm7cc" }, "6.1": { - "version": "6.1.81", - "hash": "sha256:0arl96yrqplbmp2gjyqcfma1lgc30kbn95m0sflv0yyldwf8dg8f" + "version": "6.1.86", + "hash": "sha256:0nqiwcaln36drkcaav96dymd2y8rv7wj6a5xjl58f2hg9z2cilyk" }, "5.15": { - "version": "5.15.151", - "hash": "sha256:0jby224ncdardjwmf8c59s5j71inpvdlzah984ilf2b6y85pc7la" + "version": "5.15.155", + "hash": "sha256:1r16j5asd8v5hr5b0sb8z2wmp6say928pgm13k4iyv9fdnw5jn68" }, "5.10": { - "version": "5.10.212", - "hash": "sha256:14vll2bghd52wngjxy78hgglydcxka59yziji0w56dcdpmky9wqc" + "version": "5.10.215", + "hash": "sha256:1af6h86flx96pszg006agpak2f9dkk2jqaazfykd7aafqdcs3747" }, "5.4": { - "version": "5.4.271", - "hash": "sha256:0l2qv4xlhnry9crs90rkihsxyny6jz8kxw08bfad7nys9hrn3g6d" + "version": "5.4.274", + "hash": "sha256:1m4yyyv48mfkzhqms88dv1jf39zsfp88az5zpqynmm1wlhhv9iza" }, "4.19": { - "version": "4.19.309", - "hash": "sha256:1yc45kfiwdqsqa11sxafs82b0day6qvgjcll8rx9vipidsmagbcm" + "version": "4.19.312", + "hash": "sha256:0jppa4p73pssd7m3jpc7i6rgnj9gawjcgk4wmqyy87ijzrgzm553" }, "6.6": { - "version": "6.6.21", - "hash": "sha256:0mz420w99agr7jv1jgqfr4fjhzbv005xif086sqx556s900l62zf" - }, - "6.7": { - "version": "6.7.9", - "hash": "sha256:0inkvyrvq60j9lxgivkivq3qh94lsfc1dpv6vwgxmy3q0zy37mqg" + "version": "6.6.27", + "hash": "sha256:14c229mcrd2rd2vjp0c3apzqifn6mkz0rcbw07nj73rw1q3517k3" }, "6.8": { - "version": "6.8", - "hash": "sha256:1wv5x7qhcd05m8m0myyqm2il6mha1sx11h7ppf8yjsxvx2jdwsf9" + "version": "6.8.6", + "hash": "sha256:158rb8x4qaig8ywbr6n2jnqpl9wgqha4ghs3y3mlbaq3sqr34wly" } } diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index afdc6bb5fd01b..90a4935fef640 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "19500"; - sha256 = "1xlicxwb1j5m4yjyw9ybyffmilzg7xh847jxfl4jy318vjpkmffr"; + rev = "19527"; + sha256 = "0sb1qxc25g7f3v6qym9iwi3xjwmxzrf7w33yfmvv3k09rlfndijy"; } , ... }: diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 747d5aec77901..337594115fa6f 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.210-rt102"; # updated by ./update-rt.sh + version = "5.10.213-rt105"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -17,14 +17,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0vggj3a71awc1w803cdzrnkn88rxr7l1xh9mmdcw9hzxj1d3r9jf"; + sha256 = "105df7w6m5a3fngi6ajqs5qblaq4lbxsgcppllrk7v1r68i31kw4"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1q4365ix990iw33a63cpn61qvgf8rkzf658xyi0hnr6292hlvajj"; + sha256 = "1q5kz3mfvwb4fd5i2mbklsa6gifb8g3wbq0wi2478q097dvmb6gi"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix index 189a211c8e488..91774ba38dbd8 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.15.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.15.148-rt74"; # updated by ./update-rt.sh + version = "5.15.153-rt75"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1n75lrck581mppx84cds1a1l5vj05cdkp8ahpry7dx6rgz4pb1f4"; + sha256 = "1g44gjcwcdq5552vwinljqwiy90bxax72jjvdasp71x88khv3pfp"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0vbwqrkzigjfwmyxfbhq5n1g1qvyis949r97zqxhnmanq7c4njdk"; + sha256 = "04i22p0ap4dsqybf9jbbmrbzva11qknilnyk46z18gzrr0msjldl"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index cd2f60d3921d9..463385036292e 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.264-rt88"; # updated by ./update-rt.sh + version = "5.4.271-rt89"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1c5n47dq9khb15hz24a000k3hj913vv1dda6famnm8wpjbfr176k"; + sha256 = "0l2qv4xlhnry9crs90rkihsxyny6jz8kxw08bfad7nys9hrn3g6d"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1yzdiip1fm9szx2hhvq9ph7jq00qglb1skis6gv0184g0ls2qddg"; + sha256 = "15k9jja5yd9zf5yhd7hhydwh4hksg2mybk66jhdjsryh4w9jav7z"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix b/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix index 16a23b6b139c9..06028d209779d 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-6.1.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "6.1.80-rt26"; # updated by ./update-rt.sh + version = "6.1.83-rt28"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${kversion}.tar.xz"; - sha256 = "0wdnyy7m9kfkl98id0gm6jzp4aa0hfy6gfkb4k4cg1wbpfpcm3jn"; + sha256 = "145iw3wii7znhrqdmgnwhswk235g6gw8axjjji2cw4rn148rddl8"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0w47ii5xhsbnkmgzlgg18ljwdms88scbzhqlw0qv3lnldicykg0p"; + sha256 = "07wv3zd7n5378k8ywdavrp5ndqkdcis923dwpswfv7062xm34y5h"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-6.6.nix b/pkgs/os-specific/linux/kernel/linux-rt-6.6.nix index 514baa0ca5980..eb85f9c3cd091 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-6.6.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-6.6.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "6.6.20-rt25"; # updated by ./update-rt.sh + version = "6.6.25-rt29"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${kversion}.tar.xz"; - sha256 = "08nxv2240d2ak6p2vsbjasnp7askamswby3h6cclhhihkgrwgxp2"; + sha256 = "0i0zvqlj02rm6wpbidji0rn9559vrpfc1b8gbfjk70lhhyz11llr"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1sfalbcfzzjmskxpix1850cypg4zixwzbd9rmpg37n8lclivn2gv"; + sha256 = "15mb4zycv86yp1cbs5svgs3pnmh8jihjhf4jxc4h4ywlzglkb1za"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index baf0231f13e16..5b222c4b45eff 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -59,6 +59,33 @@ let drvAttrs = config_: kernelConf: kernelPatches: configfile: let + # Folding in `ubootTools` in the default nativeBuildInputs is problematic, as + # it makes updating U-Boot cumbersome, since it will go above the current + # threshold of rebuilds + # + # To prevent these needless rounds of staging for U-Boot builds, we can + # limit the inclusion of ubootTools to target platforms where uImage *may* + # be produced. + # + # This command lists those (kernel-named) platforms: + # .../linux $ grep -l uImage ./arch/*/Makefile | cut -d'/' -f3 | sort + # + # This is still a guesstimation, but since none of our cached platforms + # coincide in that list, this gives us "perfect" decoupling here. + linuxPlatformsUsingUImage = [ + "arc" + "arm" + "csky" + "mips" + "powerpc" + "sh" + "sparc" + "xtensa" + ]; + needsUbootTools = + lib.elem stdenv.hostPlatform.linuxArch linuxPlatformsUsingUImage + ; + config = let attrName = attr: "CONFIG_" + attr; in { isSet = attr: hasAttr (attrName attr) config; @@ -106,7 +133,8 @@ let inherit src; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal kmod ubootTools ] + nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal kmod ] + ++ optional needsUbootTools ubootTools ++ optional (lib.versionOlder version "5.8") libelf ++ optionals (lib.versionAtLeast version "4.16") [ bison flex ] ++ optionals (lib.versionAtLeast version "5.2") [ cpio pahole zlib ] diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index 9c2b50f95952a..bce7d7d0dcb3b 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -66,15 +66,6 @@ patch = ./export-rt-sched-migrate.patch; }; - rust_1_74 = { - name = "rust-1.74.patch"; - patch = fetchpatch { - name = "rust-1.74.patch"; - url = "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=80fe9e51510b23472ad0f97175556490549ed714"; - hash = "sha256-yGt7PwqN/G+ZtZSt6eARvVFdkC8tnUiu0Fz4cFCyguM="; - }; - }; - rust_1_75 = { name = "rust-1.75.patch"; patch = ./rust-1.75.patch; diff --git a/pkgs/os-specific/linux/kernel/perf/default.nix b/pkgs/os-specific/linux/kernel/perf/default.nix index 172965f2a78f1..02f0407425d13 100644 --- a/pkgs/os-specific/linux/kernel/perf/default.nix +++ b/pkgs/os-specific/linux/kernel/perf/default.nix @@ -164,6 +164,7 @@ stdenv.mkDerivation { meta = with lib; { homepage = "https://perf.wiki.kernel.org/"; description = "Linux tools to profile with performance counters"; + mainProgram = "perf"; maintainers = with maintainers; [ viric ]; platforms = platforms.linux; broken = kernel.kernelOlder "5"; diff --git a/pkgs/os-specific/linux/kernel/update-mainline.py b/pkgs/os-specific/linux/kernel/update-mainline.py index 020e55c5fe402..bf5001ee378aa 100755 --- a/pkgs/os-specific/linux/kernel/update-mainline.py +++ b/pkgs/os-specific/linux/kernel/update-mainline.py @@ -130,6 +130,13 @@ def main(): continue if old_version is None: + if kernel.eol: + print( + f"{kernel.branch} is EOL, not adding...", + file=sys.stderr + ) + continue + message = f"linux_{nixpkgs_branch}: init at {kernel.version}" else: message = f"linux_{nixpkgs_branch}: {old_version} -> {kernel.version}" diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix index ea0db48c75f3e..c09f5c485e432 100644 --- a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -6,14 +6,14 @@ let # NOTE: When updating these, please also take a look at the changes done to # kernel config in the xanmod version commit ltsVariant = { - version = "6.6.21"; - hash = "sha256-DDkjrtKK7zIffVMuBtHvSWp0GtMA87YuOp8AhUw64+Y="; + version = "6.6.27"; + hash = "sha256-MYvt7QWRdUybbhva6B4MOYrwnJfuu/qvMlnaGKcO1Hw="; variant = "lts"; }; mainVariant = { - version = "6.7.9"; - hash = "sha256-/YoZTclMdJBQ8iwpfm/Ne/YLNQneN0hccy95o3fWvGM="; + version = "6.8.6"; + hash = "sha256-7GsiIl3rcLm/u2zxrjpP6dTxn7w/6at22gaU//mLlzw="; variant = "main"; }; @@ -29,6 +29,14 @@ let }; structuredExtraConfig = with lib.kernel; { + # CPUFreq governor Performance + CPU_FREQ_DEFAULT_GOV_PERFORMANCE = lib.mkOverride 60 yes; + CPU_FREQ_DEFAULT_GOV_SCHEDUTIL = lib.mkOverride 60 no; + + # Full preemption + PREEMPT = lib.mkOverride 60 yes; + PREEMPT_VOLUNTARY = lib.mkOverride 60 no; + # Google's BBRv3 TCP congestion Control TCP_CONG_BBR = yes; DEFAULT_BBR = yes; diff --git a/pkgs/os-specific/linux/kernel/zen-kernels.nix b/pkgs/os-specific/linux/kernel/zen-kernels.nix index d8261beb17641..7c4adba2efcf2 100644 --- a/pkgs/os-specific/linux/kernel/zen-kernels.nix +++ b/pkgs/os-specific/linux/kernel/zen-kernels.nix @@ -4,16 +4,16 @@ let # comments with variant added for update script # ./update-zen.py zen zenVariant = { - version = "6.8"; #zen + version = "6.8.4"; #zen suffix = "zen1"; #zen - sha256 = "19rsi8747xw5lsq4pwizq2va6inmwrywgy8b5f2ppcd6ny0whn1i"; #zen + sha256 = "0cbcij31gar4is5zcrl748ijn91jly74i2gggf43ndh8yrzdni85"; #zen isLqx = false; }; # ./update-zen.py lqx lqxVariant = { - version = "6.7.9"; #lqx + version = "6.8.4"; #lqx suffix = "lqx1"; #lqx - sha256 = "0hhkn2098h69l8slz5f0krkckf3qm7hmh5z233j341jpc0qv8p6b"; #lqx + sha256 = "1hv9hvx9nw51qki5wbhm4dgyvgw7jjwxl8fvslaazn3r0rqch7z2"; #lqx isLqx = true; }; zenKernelsFor = { version, suffix, sha256, isLqx }: buildLinux (args // { @@ -93,6 +93,8 @@ let RT_GROUP_SCHED = lib.mkForce (option no); SCHED_AUTOGROUP = lib.mkForce (option no); SCHED_CORE = lib.mkForce (option no); + UCLAMP_TASK = lib.mkForce (option no); + UCLAMP_TASK_GROUP = lib.mkForce (option no); # ERROR: modpost: "sched_numa_hop_mask" [drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko] undefined! MLX5_CORE = no; |