diff --git a/flake.lock b/flake.lock index 5134ed1..875a42e 100644 --- a/flake.lock +++ b/flake.lock @@ -1,12 +1,104 @@ { "nodes": { + "eosyn": { + "inputs": { + "lix": "lix", + "lix-module": "lix-module", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1732909782, + "narHash": "sha256-DG4+Leg/w3tnlPXGd+d31OGna+sgGwMFdb9l3mpRjy0=", + "ref": "refs/heads/main", + "rev": "a9198f5ea57c3b95ba59812071593634a3e951de", + "revCount": 1, + "type": "git", + "url": "https://woof.rip/mikael/eosyn.git" + }, + "original": { + "type": "git", + "url": "https://woof.rip/mikael/eosyn.git" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1732806742, + "narHash": "sha256-2RNOVB3UIIxxjiFKrEqSgnSoHK+olbw2o5g/63dDjJ8=", + "rev": "f5754dc90ae9b1207656d0e29ad2704d3ef1e554", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/f5754dc90ae9b1207656d0e29ad2704d3ef1e554.tar.gz?rev=f5754dc90ae9b1207656d0e29ad2704d3ef1e554" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils", + "flakey-profile": "flakey-profile", + "lix": [ + "eosyn", + "lix" + ], + "nixpkgs": [ + "eosyn", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1732603698, + "narHash": "sha256-Jw2MhzgCCrKV2MJytehG0cCLIAosBX71p8qmQ6XQlR4=", + "rev": "15b999f9c958c475f71fb8c543b9fc2f36ae8730", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/15b999f9c958c475f71fb8c543b9fc2f36ae8730.tar.gz?rev=15b999f9c958c475f71fb8c543b9fc2f36ae8730" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz" + } + }, "nixpkgs": { "locked": { - "lastModified": 1731531548, - "narHash": "sha256-sz8/v17enkYmfpgeeuyzniGJU0QQBfmAjlemAUYhfy8=", + "lastModified": 1732617236, + "narHash": "sha256-PYkz6U0bSEaEB1al7O1XsqVNeSNS+s3NVclJw7YC43w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "24f0d4acd634792badd6470134c387a3b039dace", + "rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e", "type": "github" }, "original": { @@ -18,7 +110,22 @@ }, "root": { "inputs": { - "nixpkgs": "nixpkgs" + "eosyn": "eosyn" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 435c02b..2279809 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Hardened Linux kernel"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + eosyn.url = "git+https://woof.rip/mikael/eosyn.git"; }; nixConfig = { @@ -11,29 +11,29 @@ extra-trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ]; }; - outputs = { self, nixpkgs, ... }@inputs: let - inherit (nixpkgs) lib; + outputs = { self, eosyn, ... }@inputs: let + inherit (eosyn) lib; packageWith = pkgs: args: pkgs.callPackage ./package.nix (if builtins.isPath args then import args else args); in { lib.kernel = import ./lib.nix { inherit lib; }; packages = { riscv64-linux = let - package = packageWith nixpkgs.legacyPackages.riscv64-linux; + package = packageWith eosyn.legacyPackages.riscv64-linux; in { default = package { }; paravirt = package ./platform/paravirt.nix; }; aarch64-linux = let - package = packageWith nixpkgs.legacyPackages.aarch64-linux; + package = packageWith eosyn.legacyPackages.aarch64-linux; in { default = package { }; paravirt = package ./platform/paravirt.nix; }; x86_64-linux = let - package = packageWith nixpkgs.legacyPackages.x86_64-linux; + package = packageWith eosyn.legacyPackages.x86_64-linux; in { default = package { }; paravirt = package ./platform/paravirt.nix; @@ -44,7 +44,7 @@ devShells = lib.genAttrs [ "riscv64-linux" "aarch64-linux" "x86_64-linux" ] (system: { default = let - pkgs = nixpkgs.legacyPackages.${system}; + pkgs = eosyn.legacyPackages.${system}; in pkgs.mkShell { packages = with pkgs; [ pkg-config ncurses.dev bison ]; inputsFrom = [ self.packages.${system}.default ]; @@ -52,6 +52,6 @@ }); hydraJobs = self.packages |> lib.foldlAttrs (jobs: system: packages: lib.recursiveUpdate jobs - (lib.mapAttrs (name: package: { ${system} = package; }) packages)) { }; + (lib.mapAttrs (name: package: { ${system} = lib.hydraJob package; }) packages)) { }; }; } diff --git a/package.nix b/package.nix index 922715d..4dd0b48 100644 --- a/package.nix +++ b/package.nix @@ -2,7 +2,7 @@ lib, stdenv, buildPackages, - llvmPackages_19, + llvmPackages, hostPlatform, fetchFromGitHub, buildEnv, @@ -29,7 +29,7 @@ }@args: lib.makeOverridable ({ - llvmPackages ? llvmPackages_19, + llvmPackages ? llvmPackages, instSetArch ? hostPlatform.gccarch or null, platformConfig ? { }, extraConfig ? { },