diff --git a/custom/modules/default.nix b/custom/modules/default.nix
index 1c2f431..5775016 100644
--- a/custom/modules/default.nix
+++ b/custom/modules/default.nix
@@ -9,5 +9,82 @@ let
 linuxMainline = import ./kernel.nix { inherit pkgs lib kernel-src; };
 in
 {
- boot.kernelPackages = pkgs.linuxPackagesFor linuxMainline;
+ boot = {
+ kernelPackages = pkgs.linuxPackagesFor linuxMainline;
+ kernelPatches = [
+ {
+ name = "gpu";
+ structuredExtraConfig = (
+ with lib.kernel;
+ {
+ CPU_SUP_INTEL = no;
+ CPU_SUP_HYGON = no;
+ CPU_SUP_CENTAUR = no;
+ CPU_SUP_ZHAOXIN = no;
+ #
+ X86_MCE_INTEL = no;
+ }
+ );
+ }
+ {
+ name = "gpu";
+ structuredExtraConfig = (
+ with lib.kernel;
+ {
+ DRM_AMDGPU = no;
+ DRM_KOMEDA = no;
+ DRM_NOUVEAU = no;
+ DRM_RADEON = no;
+ #
+ FB_NVIDIA = no;
+ FB_RADEON = no;
+ }
+ );
+ }
+ {
+ name = "go crazy, go stupid";
+ structuredExtraConfig = (
+ with lib.kernel;
+ {
+ # CPU_MITIGATIONS = no;
+ #
+ # unaffected by
+ MITIGATION_PAGE_TABLE_ISOLATION = no;
+ MITIGATION_GDS = no;
+ MITIGATION_RFDS = no;
+ MITIGATION_MDS = no;
+ MITIGATION_TAA = no;
+ MITIGATION_MMIO_STALE_DATA = no;
+ MITIGATION_L1TF = no;
+ MITIGATION_SRBDS = no;
+ MITIGATION_ITS = no;
+ MITIGATION_SPECTRE_BHI = no;
+ MITIGATION_IBRS_ENTRY = no;
+ MITIGATION_CALL_DEPTH_TRACKING = no;
+ }
+ );
+ }
+ {
+ name = "audio";
+ structuredExtraConfig = (
+ with lib.kernel;
+ {
+ SND_SEQ_DEVICE = no;
+ SND_SEQUENCER = no;
+ SND_SEQ_DUMMY = no;
+ SND_HRTIMER = no;
+ }
+ );
+ }
+ {
+ name = "network";
+ structuredExtraConfig = (
+ with lib.kernel;
+ {
+ # VLAN_8021Q = no;
+ }
+ );
+ }
+ ];
+ };
 }
diff --git a/flake.nix b/flake.nix
index e6b208f..7c7debf 100644
--- a/flake.nix
+++ b/flake.nix
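Review bot: The third `kernelPatches` entry added to custom/modules/default.nix compiles CPU vulnerability mitigations out of the kernel, but its label (`name = "go crazy, go stupid";`) and the unfinished comment `# unaffected by` do not record why that is acceptable. The options listed all look Intel-specific and the first entry sets `CPU_SUP_INTEL = no`, so presumably the intent is that the target CPU is not affected; say so, e.g. `# Intel-only mitigations; this kernel is built without CPU_SUP_INTEL, so they would never apply`, and use a descriptive label such as `name = "intel-only-mitigations";`. Since the block now sits in a module rather than in flake.nix, any host that imports it appears to inherit a kernel in which these mitigations cannot be turned back on at boot, which deserves a comment or a per-host guard (the importers are not visible in this diff). The first entry is also labelled `name = "gpu";` although it only sets CPU vendor options; `name = "cpu";` would match its contents.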
@@ -156,81 +156,6 @@
 # amneziawg
 ];
 kernelParams = [ "mitigations=off" ];
- kernelPatches = [
- {
- name = "gpu";
- structuredExtraConfig = (
- with lib.kernel;
- {
- CPU_SUP_INTEL = no;
- CPU_SUP_HYGON = no;
- CPU_SUP_CENTAUR = no;
- CPU_SUP_ZHAOXIN = no;
- #
- X86_MCE_INTEL = no;
- }
- );
- }
- {
- name = "gpu";
- structuredExtraConfig = (
- with lib.kernel;
- {
- DRM_AMDGPU = no;
- DRM_KOMEDA = no;
- DRM_NOUVEAU = no;
- DRM_RADEON = no;
- #
- FB_NVIDIA = no;
- FB_RADEON = no;
- }
- );
- }
- {
- name = "go crazy, go stupid";
- structuredExtraConfig = (
- with lib.kernel;
- {
- # CPU_MITIGATIONS = no;
- #
- # unaffected by
- MITIGATION_PAGE_TABLE_ISOLATION = no;
- MITIGATION_GDS = no;
- MITIGATION_RFDS = no;
- MITIGATION_MDS = no;
- MITIGATION_TAA = no;
- MITIGATION_MMIO_STALE_DATA = no;
- MITIGATION_L1TF = no;
- MITIGATION_SRBDS = no;
- MITIGATION_ITS = no;
- MITIGATION_SPECTRE_BHI = no;
- MITIGATION_IBRS_ENTRY = no;
- MITIGATION_CALL_DEPTH_TRACKING = no;
- }
- );
- }
- {
- name = "audio";
- structuredExtraConfig = (
- with lib.kernel;
- {
- SND_SEQ_DEVICE = no;
- SND_SEQUENCER = no;
- SND_SEQ_DUMMY = no;
- SND_HRTIMER = no;
- }
- );
- }
- {
- name = "network";
- structuredExtraConfig = (
- with lib.kernel;
- {
- # VLAN_8021Q = no;
- }
- );
- }
- ];
 };
 # nixpkgs.config.permittedInsecurePackages = [
 # "olm-3.2.16"