diff options
Diffstat (limited to 'pkgs/os-specific/linux')
20 files changed, 362 insertions, 75 deletions
diff --git a/pkgs/os-specific/linux/decklink/default.nix b/pkgs/os-specific/linux/decklink/default.nix new file mode 100644 index 0000000000000..63bfe4a63af20 --- /dev/null +++ b/pkgs/os-specific/linux/decklink/default.nix @@ -0,0 +1,52 @@ +{ stdenv +, lib +, blackmagic-desktop-video +, kernel +}: + +stdenv.mkDerivation rec { + pname = "decklink"; + + # the download is a horrible curl mess. we reuse it between the kernel module + # and desktop service, since the version of the two have to match anyways. + # See pkgs/tools/video/blackmagic-desktop-video/default.nix for more. + inherit (blackmagic-desktop-video) src version; + + KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; + INSTALL_MOD_PATH = placeholder "out"; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + postUnpack = '' + tar xf Blackmagic_Desktop_Video_Linux_${lib.versions.majorMinor version}/other/${stdenv.hostPlatform.uname.processor}/desktopvideo-${version}-${stdenv.hostPlatform.uname.processor}.tar.gz + moduleRoot=$NIX_BUILD_TOP/desktopvideo-${version}-${stdenv.hostPlatform.uname.processor}/usr/src + ''; + + + buildPhase = '' + runHook preBuild + + make -C $moduleRoot/blackmagic-${version} -j$NIX_BUILD_CORES + make -C $moduleRoot/blackmagic-io-${version} -j$NIX_BUILD_CORES + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + make -C $KERNELDIR M=$moduleRoot/blackmagic-${version} modules_install + make -C $KERNELDIR M=$moduleRoot/blackmagic-io-${version} modules_install + + runHook postInstall + ''; + + meta = with lib; { + homepage = "https://www.blackmagicdesign.com/support/family/capture-and-playback"; + maintainers = [ maintainers.hexchen ]; + license = licenses.unfree; + description = "Kernel module for the Blackmagic Design Decklink cards"; + sourceProvenance = with lib.sourceTypes; [ binaryFirmware ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/fan2go/default.nix b/pkgs/os-specific/linux/fan2go/default.nix index e7ad27741062d..48da98cf59120 100644 --- a/pkgs/os-specific/linux/fan2go/default.nix +++ b/pkgs/os-specific/linux/fan2go/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "fan2go"; - version = "0.8.0"; + version = "0.8.1"; src = fetchFromGitHub { owner = "markusressel"; repo = pname; rev = version; - sha256 = "3pnJaLD+FEQWAAwIiTkcs9VgqO0JwRaK7JLdIygeChY="; + sha256 = "w2Qwu3ZmBkoA86xa7V6pnIBAbfG9mtkAHePkQjefRW8="; }; - vendorSha256 = "9EeiYPNTUEFHxTdvVb2JLU6Qi0oazH+n9MB8Dg+RLJ4="; + vendorSha256 = "6OEdl7ie0dTjXrG//Fvcg4ZyTW/mhrUievDljY2zi/4="; postConfigure = '' substituteInPlace vendor/github.com/md14454/gosensors/gosensors.go \ diff --git a/pkgs/os-specific/linux/fw-ectool/default.nix b/pkgs/os-specific/linux/fw-ectool/default.nix new file mode 100644 index 0000000000000..a73cc1896ecdc --- /dev/null +++ b/pkgs/os-specific/linux/fw-ectool/default.nix @@ -0,0 +1,41 @@ +{ stdenv +, lib +, fetchFromGitHub +, pkg-config +, hostname +}: + +stdenv.mkDerivation { + pname = "fw-ectool"; + version = "unstable-2022-12-03"; + + src = fetchFromGitHub { + owner = "DHowett"; + repo = "fw-ectool"; + rev = "54c140399bbc3e6a3dce6c9f842727c4128367be"; + hash = "sha256-2teJFz4zcA+USpbVPXMEIHLdmMLem8ik7YrmrSxr/n0="; + }; + + nativeBuildInputs = [ + pkg-config + hostname + ]; + + buildPhase = '' + patchShebangs util + make out=out utils + ''; + + installPhase = '' + install -D out/util/ectool $out/bin/ectool + ''; + + meta = with lib; { + description = "EC-Tool adjusted for usage with framework embedded controller"; + homepage = "https://github.com/DHowett/framework-ec"; + license = licenses.bsd3; + maintainers = [ maintainers.mkg20001 ]; + platforms = platforms.linux; + mainProgram = "ectool"; + }; +} diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index c8ae911c12872..2e55826773692 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -603,8 +603,8 @@ let microcode = { MICROCODE = yes; - MICROCODE_INTEL = yes; - MICROCODE_AMD = yes; + MICROCODE_INTEL = whenOlder "6.6" yes; + MICROCODE_AMD = whenOlder "6.6" yes; # Write Back Throttling # https://lwn.net/Articles/682582/ # https://bugzilla.kernel.org/show_bug.cgi?id=12309#c655 @@ -913,7 +913,7 @@ let SECCOMP = yes; # used by systemd >= 231 SECCOMP_FILTER = yes; # ditto POSIX_MQUEUE = yes; - FRONTSWAP = yes; + FRONTSWAP = whenOlder "6.6" yes; FUSION = yes; # Fusion MPT device support IDE = whenOlder "5.14" no; # deprecated IDE support, removed in 5.14 IDLE_PAGE_TRACKING = yes; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index f3ffbde6f1d9e..ab62028af7bc3 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,71 +2,71 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.323-hardened1.patch", - "sha256": "0id59byd331mz8ga02gbs3g1q0y4n2wz6mi9s0dmp1yjagjd9m70", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.323-hardened1/linux-hardened-4.14.323-hardened1.patch" + "name": "linux-hardened-4.14.325-hardened1.patch", + "sha256": "1mc1pyjjksg2f4189wyas55ax8czzhai2i3jc6n7l9jmfwj7xr9q", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.325-hardened1/linux-hardened-4.14.325-hardened1.patch" }, - "sha256": "1g2fh0mn1sv0kq2hh3pynmx2fjai7hdwhf4fnaspl7j5n88902kg", - "version": "4.14.323" + "sha256": "117p1mdha57f6d3kdwac9jrbmib7g77q4xhir8ghl6fmrs1f2sav", + "version": "4.14.325" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.292-hardened1.patch", - "sha256": "1na729sricp347jqp3y2j4yxxg84haa62mwmj9zq0pa1k6f037ph", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.292-hardened1/linux-hardened-4.19.292-hardened1.patch" + "name": "linux-hardened-4.19.294-hardened1.patch", + "sha256": "1s70vz8rai1z440rmwzipwpq7wa7p2bvri43zmkbisrfggm1lz2r", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.294-hardened1/linux-hardened-4.19.294-hardened1.patch" }, - "sha256": "0dr12v4jqmzxcqdghqqjny5zp3g4dx9lxqrl9d4fxz23s79ji5rl", - "version": "4.19.292" + "sha256": "03x0xsb8a369zdr81hg6xdl5n5v48k6iwnhj6r29725777lvvbfc", + "version": "4.19.294" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.191-hardened1.patch", - "sha256": "02949v0qrr4b76g9rl1z8lkdfv3mc1pfb4h14z9bd0dqg5shlz0j", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.191-hardened1/linux-hardened-5.10.191-hardened1.patch" + "name": "linux-hardened-5.10.194-hardened1.patch", + "sha256": "1ba8ridhjz9y8ap1wgp7z41jmwzx8j0bxkyp1zjfls1z7mqq4vpf", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.194-hardened1/linux-hardened-5.10.194-hardened1.patch" }, - "sha256": "1hk2x5dgvfq9v6161v25wz5qpzgyvqbx34xbm7ww8z4ish76cm6b", - "version": "5.10.191" + "sha256": "15fr7krhpmqz0xqjg78m2xvfllbni3xh8xyhxh9ni31ppd3mw394", + "version": "5.10.194" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.127-hardened1.patch", - "sha256": "13z0x45jig81f3vhb5w3lvb554b78888grp7w60sqgglx7bckspb", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.127-hardened1/linux-hardened-5.15.127-hardened1.patch" + "name": "linux-hardened-5.15.130-hardened1.patch", + "sha256": "12wm6kyg63rg1lk1w9208vpcm71cjy236rjp9gf8mfx7iraqssl7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.130-hardened1/linux-hardened-5.15.130-hardened1.patch" }, - "sha256": "09lgj9hs1cjxg84hb7avras4rlsx18igr69mx433l9hv6issbl5d", - "version": "5.15.127" + "sha256": "0qix62jsn3z9yccakac7fvqnip19zi05qn0w5wkgb7rj0x0lwimb", + "version": "5.15.130" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.254-hardened1.patch", - "sha256": "0yh5kb23lp89qnk90lz73j101bg20npr7clx0y8zmg6dihls764z", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.254-hardened1/linux-hardened-5.4.254-hardened1.patch" + "name": "linux-hardened-5.4.256-hardened1.patch", + "sha256": "1rsp30g5xry5y95mz0i6walkcxj6abyrsaq3fwhz0ka6nq6g7w82", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.256-hardened1/linux-hardened-5.4.256-hardened1.patch" }, - "sha256": "1iyrm2xql15ifhy2b939ywrrc44yd41b79sjjim4vqxmc6lqsq2i", - "version": "5.4.254" + "sha256": "0fim5q9xakwnjfg48bpsic9r2r8dvrjlalqqkm9vh1rml9mhi967", + "version": "5.4.256" }, "6.1": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.1.47-hardened1.patch", - "sha256": "0wgsjb05m9f0fgv4vj0m0ll9bx22z894qlpwb45b33mq66fvbgwn", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.47-hardened1/linux-hardened-6.1.47-hardened1.patch" + "name": "linux-hardened-6.1.51-hardened1.patch", + "sha256": "0nbf7j3hwlsvh8f4mmc9w2gqdcj8lyx1hxrz91y2hwlqlqjx7w4p", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.51-hardened1/linux-hardened-6.1.51-hardened1.patch" }, - "sha256": "1azwvlzyp1s2adm17ic0jfmv3ph70wqzycb8s96z9987y1m8pmck", - "version": "6.1.47" + "sha256": "0fqhmb6v28rssd44z7jw57mwvvskpl4kabjylck0pg54irnl9c2q", + "version": "6.1.51" }, "6.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.4.12-hardened1.patch", - "sha256": "0xkcvyy2ii5wfdw8h21svcsz3s3q0qk4yx7dxzbrisap10d79l51", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.12-hardened1/linux-hardened-6.4.12-hardened1.patch" + "name": "linux-hardened-6.4.14-hardened1.patch", + "sha256": "1cw0zyjxbfprb2m2kjrpz8s56axbzhnwj8hg9b0486nsqz5s66bs", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.14-hardened1/linux-hardened-6.4.14-hardened1.patch" }, - "sha256": "0x56b4hslm730ghvggz41fjkbzlnxp6k8857dn7iy27yavlipafc", - "version": "6.4.12" + "sha256": "1rjh0jrn5qvxwzmyg478n08vckkld8r52nkc102ppqvsfhiy7skm", + "version": "6.4.14" } } diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index 905ce00cfc43e..e189e72010884 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.130"; + version = "5.15.131"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0qix62jsn3z9yccakac7fvqnip19zi05qn0w5wkgb7rj0x0lwimb"; + sha256 = "0sacnbw48lblnqaj56nybh588sq4k84gwf0r5zinzyrryj8k6z4r"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-6.1.nix b/pkgs/os-specific/linux/kernel/linux-6.1.nix index 75e3abd118e6d..9e14c7a6117e0 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.1.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.1.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.1.51"; + version = "6.1.52"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "0fqhmb6v28rssd44z7jw57mwvvskpl4kabjylck0pg54irnl9c2q"; + sha256 = "0lis73mxnl7hxz8lyja6sfgmbym944l3k1h7dab6b4mw1nckfxsn"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-6.4.nix b/pkgs/os-specific/linux/kernel/linux-6.4.nix index 1cf9f26ba8aeb..b5d9d64513240 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.4.14"; + version = "6.4.15"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - sha256 = "1rjh0jrn5qvxwzmyg478n08vckkld8r52nkc102ppqvsfhiy7skm"; + sha256 = "1phlx375ln5pslw5vjqm029cdv6pzf4ang10xlrf90x5sb4fgy93"; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-6.5.nix b/pkgs/os-specific/linux/kernel/linux-6.5.nix index 3c2badfc62726..341cc84be74df 100644 --- a/pkgs/os-specific/linux/kernel/linux-6.5.nix +++ b/pkgs/os-specific/linux/kernel/linux-6.5.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.5.1"; + version = "6.5.2"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = versions.pad 3 version; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz"; - hash = "sha256-I3Zd1EQlRizZKtvuUmcGCP1/P9GDqDslunp7SIPQRRs="; + hash = "sha256-ICfhQFfVaK093BANrfTIhTpJsDEnBHimHYj2ARVyZQ8="; }; } // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix index 1f03029d90288..9a3b32a7f2d2c 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "6.5-rc7"; + version = "6.6-rc1"; extraMeta.branch = lib.versions.majorMinor version; # modDirVersion needs to be x.y.z, will always add .0 @@ -11,7 +11,7 @@ buildLinux (args // rec { src = fetchzip { url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz"; - hash = "sha256-5rIcyXN54o9P+RxHZkI/BTO2Ox6uJ0Fi9NVcrN1HczQ="; + hash = "sha256-DRai7HhWVtRB0GiRCvCv2JM2TFKRsZ60ohD6GW0b8As="; }; # Should the testing kernels ever be built on Hydra? diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 8dd92c99db4a8..7c3084d7ebdb5 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -1,5 +1,5 @@ { lib, stdenv, buildPackages, runCommand, nettools, bc, bison, flex, perl, rsync, gmp, libmpc, mpfr, openssl -, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole +, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole, kmod , fetchpatch }: @@ -271,7 +271,7 @@ let make modules_install $makeFlags "''${makeFlagsArray[@]}" \ $installFlags "''${installFlagsArray[@]}" unlink $out/lib/modules/${modDirVersion}/build - unlink $out/lib/modules/${modDirVersion}/source + rm -f $out/lib/modules/${modDirVersion}/source mkdir -p $dev/lib/modules/${modDirVersion}/{build,source} @@ -376,6 +376,7 @@ stdenv.mkDerivation ((drvAttrs config stdenv.hostPlatform.linux-kernel kernelPat ++ optionals (lib.versionAtLeast version "4.16") [ bison flex ] ++ optionals (lib.versionAtLeast version "5.2") [ cpio pahole zlib ] ++ optional (lib.versionAtLeast version "5.8") elfutils + ++ optional (lib.versionAtLeast version "6.6") kmod ; hardeningDisable = [ "bindnow" "format" "fortify" "stackprotector" "pic" "pie" ]; diff --git a/pkgs/os-specific/linux/linuxptp/default.nix b/pkgs/os-specific/linux/linuxptp/default.nix index fb7f410db8dcf..e5a1443d32254 100644 --- a/pkgs/os-specific/linux/linuxptp/default.nix +++ b/pkgs/os-specific/linux/linuxptp/default.nix @@ -3,11 +3,11 @@ stdenv.mkDerivation rec { pname = "linuxptp"; - version = "4.0"; + version = "4.1"; src = fetchurl { url = "mirror://sourceforge/linuxptp/${pname}-${version}.tgz"; - hash = "sha256-0n1e8pa7PSheIuafda4CO0tCovRlUTDW05DYr8vD2TM="; + hash = "sha256-4XQ9RPggiJfjCJXaNXnmcP+Rm5FP60talJ8+Qh3d5TU="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/nixos-rebuild/default.nix b/pkgs/os-specific/linux/nixos-rebuild/default.nix index b871c63e36d33..c6ec0866791e6 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/default.nix +++ b/pkgs/os-specific/linux/nixos-rebuild/default.nix @@ -3,6 +3,8 @@ , coreutils , gnused , gnugrep +, jq +, util-linux , nix , lib , nixosTests @@ -20,7 +22,7 @@ substituteAll { nix_x86_64_linux = fallback.x86_64-linux; nix_i686_linux = fallback.i686-linux; nix_aarch64_linux = fallback.aarch64-linux; - path = lib.makeBinPath [ coreutils gnused gnugrep ]; + path = lib.makeBinPath [ coreutils gnused gnugrep jq util-linux ]; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 index 64bbbee411d7f..b0ff5b0a672fa 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.8 @@ -10,7 +10,7 @@ .Sh SYNOPSIS .Nm .Bro -.Cm switch | boot | test | build | dry-build | dry-activate | edit | build-vm | build-vm-with-bootloader +.Cm switch | boot | test | build | dry-build | dry-activate | edit | build-vm | build-vm-with-bootloader | list-generations Op Fl -json .Brc .br .Op Fl -upgrade | -upgrade-all @@ -196,6 +196,14 @@ The boot loader is installed on an automatically generated virtual disk containing a .Pa /boot partition. +. +.It Cm list-generations Op Fl -json +List the available generations in a similar manner to the boot loader +menu. It shows the generation number, build date and time, NixOS version, +kernel version and the configuration revision. This is useful to get +information e.g. for which generation to roll back to with +.Ic nixos-rebuild switch Fl -generation Ar N +There is also a json version of output available. .El . . diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 89871056c482f..2f89642845e22 100755 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -36,6 +36,7 @@ verboseScript= noFlake= # comma separated list of vars to preserve when using sudo preservedSudoVars=NIXOS_INSTALL_BOOTLOADER +json= # log the given argument to stderr log() { @@ -48,7 +49,7 @@ while [ "$#" -gt 0 ]; do --help) showSyntax ;; - switch|boot|test|build|edit|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader) + switch|boot|test|build|edit|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader|list-generations) if [ "$i" = dry-run ]; then i=dry-build; fi # exactly one action mandatory, bail out if multiple are given if [ -n "$action" ]; then showSyntax; fi @@ -146,6 +147,9 @@ while [ "$#" -gt 0 ]; do k="$1"; shift 1 lockFlags+=("$i" "$j" "$k") ;; + --json) + json=1 + ;; *) log "$0: unknown option \`$i'" exit 1 @@ -507,6 +511,87 @@ if [ "$action" = dry-build ]; then extraBuildFlags+=(--dry-run) fi +if [ "$action" = list-generations ]; then + if [ ! -L "$profile" ]; then + log "No profile \`$(basename "$profile")' found" + exit 1 + fi + + generation_from_dir() { + generation_dir="$1" + generation_base="$(basename "$generation_dir")" # Has the format "system-123-link" for generation 123 + no_link_gen="${generation_base%-link}" # remove the "-link" + echo "${no_link_gen##*-}" # remove everything before the last dash + } + describe_generation(){ + generation_dir="$1" + generation_number="$(generation_from_dir "$generation_dir")" + nixos_version="$(cat "$generation_dir/nixos-version" 2> /dev/null || echo "Unknown")" + + kernel_dir="$(dirname "$(realpath "$generation_dir/kernel")")" + kernel_version="$(ls "$kernel_dir/lib/modules" || echo "Unknown")" + + configurationRevision="$("$generation_dir/sw/bin/nixos-version" --configuration-revision 2> /dev/null || true)" + + # Old nixos-version output ignored unknown flags and just printed the version + # therefore the following workaround is done not to show the default output + nixos_version_default="$("$generation_dir/sw/bin/nixos-version")" + if [ "$configurationRevision" == "$nixos_version_default" ]; then + configurationRevision="" + fi + + # jq automatically quotes the output => don't try to quote it in output! + build_date="$(stat "$generation_dir" --format=%W | jq 'todate')" + + pushd "$generation_dir/specialisation/" > /dev/null || : + specialisation_list=(*) + popd > /dev/null || : + + specialisations="$(jq --compact-output --null-input '$ARGS.positional' --args -- "${specialisation_list[@]}")" + + if [ "$(basename "$generation_dir")" = "$(readlink "$profile")" ]; then + current_generation_tag="true" + else + current_generation_tag="false" + fi + + # Escape userdefined strings + nixos_version="$(jq -aR <<< "$nixos_version")" + kernel_version="$(jq -aR <<< "$kernel_version")" + configurationRevision="$(jq -aR <<< "$configurationRevision")" + cat << EOF +{ + "generation": $generation_number, + "date": $build_date, + "nixosVersion": $nixos_version, + "kernelVersion": $kernel_version, + "configurationRevision": $configurationRevision, + "specialisations": $specialisations, + "current": $current_generation_tag +} +EOF + } + + find "$(dirname "$profile")" -regex "$profile-[0-9]+-link" | + sort -Vr | + while read -r generation_dir; do + describe_generation "$generation_dir" + done | + if [ -z "$json" ]; then + jq --slurp -r '.[] | [ + ([.generation, (if .current == true then "current" else "" end)] | join(" ")), + (.date | fromdate | strflocaltime("%Y-%m-%d %H:%M:%S")), + .nixosVersion, .kernelVersion, .configurationRevision, + (.specialisations | join(" ")) + ] | @tsv' | + column --separator $'\t' --table --table-columns "Generation,Build-date,NixOS version,Kernel,Configuration Revision,Specialisation" | + ${PAGER:cat} + else + jq --slurp . + fi + exit 0 +fi + # Either upgrade the configuration in the system profile (for "switch" # or "boot"), or just build it and create a symlink "result" in the diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index 9595de407cb49..24e0ed5adbb19 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -75,6 +75,18 @@ rec { url = "https://developer.nvidia.com/downloads/vulkan-beta-${lib.concatStrings (lib.splitString "." version)}-linux"; }; + # data center driver compatible with current default cudaPackages + dc = dc_520; + dc_520 = generic rec { + version = "520.61.05"; + url = "https://us.download.nvidia.com/tesla/${version}/NVIDIA-Linux-x86_64-${version}.run"; + sha256_64bit = "sha256-EPYWZwOur/6iN/otDMrNDpNXr1mzu8cIqQl8lXhQlzU=="; + fabricmanagerSha256 = "sha256-o8Kbmkg7qczKQclaGvEyXNzEOWq9ZpQZn9syeffnEiE=="; + useSettings = false; + usePersistenced = false; + useFabricmanager = true; + }; + # Update note: # If you add a legacy driver here, also update `top-level/linux-kernels.nix`, # adding to the `nvidia_x11_legacy*` entries. diff --git a/pkgs/os-specific/linux/nvidia-x11/fabricmanager.nix b/pkgs/os-specific/linux/nvidia-x11/fabricmanager.nix new file mode 100644 index 0000000000000..58cf8c0e3557c --- /dev/null +++ b/pkgs/os-specific/linux/nvidia-x11/fabricmanager.nix @@ -0,0 +1,47 @@ +nvidia_x11: sha256: + +{ stdenv, lib, fetchurl, patchelf }: + +let + sys = with lib; concatStringsSep "-" (reverseList (splitString "-" stdenv.system)); + bsys = builtins.replaceStrings ["_"] ["-"] sys; + fmver = nvidia_x11.version; +in + +stdenv.mkDerivation rec { + pname = "fabricmanager"; + version = fmver; + src = fetchurl { + url = "https://developer.download.nvidia.com/compute/cuda/redist/fabricmanager/" + + "${sys}/${pname}-${sys}-${fmver}-archive.tar.xz"; + inherit sha256; + }; + phases = [ "unpackPhase" "installPhase" ]; + + installPhase = '' + find . + mkdir -p $out/{bin,share/nvidia-fabricmanager} + for bin in nv{-fabricmanager,switch-audit};do + ${patchelf}/bin/patchelf \ + --set-interpreter ${stdenv.cc.libc}/lib/ld-${bsys}.so.2 \ + --set-rpath ${lib.makeLibraryPath [ stdenv.cc.libc ]} \ + bin/$bin + done + mv bin/nv{-fabricmanager,switch-audit} $out/bin/. + for d in etc systemd share/nvidia;do + mv $d $out/share/nvidia-fabricmanager/. + done + for d in include lib;do + mv $d $out/. + done + ''; + + meta = with lib; { + homepage = "https://www.nvidia.com/object/unix.html"; + description = "Fabricmanager daemon for NVLink intialization and control"; + license = licenses.unfreeRedistributable; + platforms = nvidia_x11.meta.platforms; + mainProgram = "nv-fabricmanager"; + maintainers = with maintainers; [ edwtjo ]; + }; +} diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix index 792fda42ca9c4..8ec292f272514 100644 --- a/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -4,14 +4,19 @@ , sha256_64bit , sha256_aarch64 ? null , openSha256 ? null -, settingsSha256 +, settingsSha256 ? null , settingsVersion ? version -, persistencedSha256 +, persistencedSha256 ? null , persistencedVersion ? version +, fabricmanagerSha256 ? null +, fabricmanagerVersion ? version , useGLVND ? true , useProfiles ? true , preferGtk2 ? false , settings32Bit ? false +, useSettings ? true +, usePersistenced ? true +, useFabricmanager ? false , ibtSupport ? false , prePatch ? "" @@ -33,14 +38,21 @@ disable32Bit ? stdenv.hostPlatform.system == "aarch64-linux" # 32 bit libs only version of this package , lib32 ? null - # Whether to extract the GSP firmware -, firmware ? openSha256 != null + # Whether to extract the GSP firmware, datacenter drivers needs to extract the + # firmware +, firmware ? openSha256 != null || useFabricmanager + # Whether the user accepts the NVIDIA Software License +, config, acceptLicense ? config.nvidia.acceptLicense or false }: with lib; assert !libsOnly -> kernel != null; assert versionOlder version "391" -> sha256_32bit != null; +assert useSettings -> settingsSha256 != null; +assert usePersistenced -> persistencedSha256 != null; +assert useFabricmanager -> fabricmanagerSha256 != null; +assert useFabricmanager -> !(useSettings || usePersistenced); let nameSuffix = optionalString (!libsOnly) "-${kernel.version}"; @@ -54,12 +66,33 @@ let dbus # for nvidia-powerd ]); + # maybe silly since we've ignored this previously and just unfree.. + throwLicense = throw '' + Use of NVIDIA Software requires license acceptance of the license: + + - License For Customer Use of NVIDIA Software [1] + + You can express acceptance by setting acceptLicense to true your nixpkgs.config. + Example: + + configuration.nix: + nixpkgs.config.allowUnfree = true; + nixpkgs.config.nvidia.acceptLicense = true; + + config.nix: + allowUnfree = true; + nvidia.acceptLicense = true; + + [1]: https://www.nvidia.com/content/DriverDownloads/licence.php?lang=us + ''; + self = stdenv.mkDerivation { - name = "nvidia-x11-${version}${nameSuffix}"; + name = "nvidia-${if useFabricmanager then "dc" else "x11"}-${version}${nameSuffix}"; builder = ./builder.sh; src = + if !acceptLicense && (openSha256 == null) then throwLicense else if stdenv.hostPlatform.system == "x86_64-linux" then fetchurl { urls = if args ? url then [ args.url ] else [ @@ -127,11 +160,17 @@ let nvidia_x11 = self; broken = brokenOpen; }) openSha256; - settings = (if settings32Bit then pkgsi686Linux.callPackage else callPackage) (import ./settings.nix self settingsSha256) { - withGtk2 = preferGtk2; - withGtk3 = !preferGtk2; - }; - persistenced = mapNullable (hash: callPackage (import ./persistenced.nix self hash) { }) persistencedSha256; + settings = if useSettings then + (if settings32Bit then pkgsi686Linux.callPackage else callPackage) (import ./settings.nix self settingsSha256) { + withGtk2 = preferGtk2; + withGtk3 = !preferGtk2; + } else {}; + persistenced = if usePersistenced then + mapNullable (hash: callPackage (import ./persistenced.nix self hash) { }) persistencedSha256 + else {}; + fabricmanager = if useFabricmanager then + mapNullable (hash: callPackage (import ./fabricmanager.nix self hash) { }) fabricmanagerSha256 + else {}; inherit persistencedVersion settingsVersion; compressFirmware = false; ibtSupport = ibtSupport || (lib.versionAtLeast version "530"); @@ -141,12 +180,12 @@ let meta = with lib; { homepage = "https://www.nvidia.com/object/unix.html"; - description = "X.org driver and kernel module for NVIDIA graphics cards"; + description = "${if useFabricmanager then "Data Center" else "X.org"} driver and kernel module for NVIDIA cards"; license = licenses.unfreeRedistributable; platforms = [ "x86_64-linux" ] ++ optionals (sha256_32bit != null) [ "i686-linux" ] ++ optionals (sha256_aarch64 != null) [ "aarch64-linux" ]; - maintainers = with maintainers; [ jonringer kiskae ]; + maintainers = with maintainers; [ jonringer kiskae edwtjo ]; priority = 4; # resolves collision with xorg-server's "lib/xorg/modules/extensions/libglx.so" inherit broken; }; diff --git a/pkgs/os-specific/linux/pam_mount/default.nix b/pkgs/os-specific/linux/pam_mount/default.nix index 1613e11e0280f..2ed6829f3614a 100644 --- a/pkgs/os-specific/linux/pam_mount/default.nix +++ b/pkgs/os-specific/linux/pam_mount/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "pam_mount"; - version = "2.19"; + version = "2.20"; src = fetchurl { - url = "mirror://sourceforge/pam-mount/pam_mount/${pname}-${version}.tar.xz"; - sha256 = "02m6w04xhgv2yx69yxph8giw0sp39s9lvvlffslyna46fnr64qvb"; + url = "https://inai.de/files/pam_mount/${pname}-${version}.tar.xz"; + hash = "sha256-VCYgekhWgPjhdkukBbs4w5pODIMGvIJxkQ8bgZozbO0="; }; patches = [ diff --git a/pkgs/os-specific/linux/uclibc-ng/default.nix b/pkgs/os-specific/linux/uclibc-ng/default.nix index b357bc50e5848..43c9bbfa8f3f6 100644 --- a/pkgs/os-specific/linux/uclibc-ng/default.nix +++ b/pkgs/os-specific/linux/uclibc-ng/default.nix @@ -58,11 +58,11 @@ let in stdenv.mkDerivation rec { pname = "uclibc-ng"; - version = "1.0.42"; + version = "1.0.44"; src = fetchurl { url = "https://downloads.uclibc-ng.org/releases/${version}/uClibc-ng-${version}.tar.xz"; - sha256 = "sha256-7G2uRM6GVYiF5WvDvva9TQgjlxFObh/BV5X3HoBNcBY="; + sha256 = "sha256-ffnZh5VYJzgvHCQA2lE0Vr7Ltvhovf03c3Jl8cvuyZQ="; }; # 'ftw' needed to build acl, a coreutils dependency |