experiment

2024-07-31 19:52:48 +02:00 · 2024-07-31 19:52:48 +02:00 · 264153f81c
commit 264153f81c
parent e5c2785e47
1 changed files with 23 additions and 21 deletions
--- a/flake.nix
+++ b/flake.nix
@ -16,31 +16,33 @@

    linux-hardened = pkgs: arch: configfile:
    let
-      inherit (pkgs) linuxKernel fetchFromGitHub gccStdenv;
+      inherit (pkgs)
+        callPackage
+        gccStdenv
+        linuxPackagesFor
+        recurseIntoAttrs;

-      kernel = linuxKernel.manualConfig rec {
-        pname = "linux-hardened";
-        version = "6.10.2-hardened1";
+      package = { stdenv, linuxKernel, fetchFromGitHub, ... }:
+        linuxKernel.manualConfig rec {
+          inherit configfile stdenv;

-        src = fetchFromGitHub {
-          owner = "anthraxx";
-          repo = pname;
-          rev = "v${version}";
-          hash = "sha256-a9kxt09pQjUJUsdqaIMyA7Us6sxueaacetWKv59Xy3s=";
+          pname = "linux-hardened";
+          version = "6.10.2-hardened1";
+
+          src = fetchFromGitHub {
+            owner = "anthraxx";
+            repo = pname;
+            rev = "v${version}";
+            hash = "sha256-a9kxt09pQjUJUsdqaIMyA7Us6sxueaacetWKv59Xy3s=";
+          };
+
+          extraMakeFlags = [ "KCFLAGS=-march=${arch}" ];
+          isHardened = true;
+          features = { efiBootStub = true; };
        };

-        stdenv = gccStdenv;
-
-        extraMakeFlags = [ "KCFLAGS=-march=${arch}" ];
-
-        isHardened = true;
-        inherit configfile features;
-      };
-
-      features = { efiBootStub = true; };
-    in kernel.overrideAttrs (base: {
-      passthru = base.passthru // { inherit features; };
-    });
+      kernel = callPackage package { stdenv = gccStdenv; };
+    in recurseIntoAttrs (linuxPackagesFor kernel);
  in {
    packages.x86_64-linux =
    let