Skip to content

Commit

Permalink
autoModuleSignHook: sign when aggregated
Browse files Browse the repository at this point in the history
  • Loading branch information
@eadwu
eadwu committed Aug 17, 2020
1 parent 6366850 commit 4938fc4
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 5 deletions.
2 changes: 1 addition & 1 deletion nixos/modules/system/boot/kernel.nix
View file
Expand Up @@ -166,7 +166,7 @@ in
symlinks because modprobe only supports one directory.
'';
# Convert the list of path to only one path.
apply = pkgs.aggregateModules;
apply = pkgs.aggregateModules config.boot.kernelPackages.autoModuleSignHook;
};

system.requiredKernelConfig = mkOption {
Expand Down
3 changes: 2 additions & 1 deletion pkgs/os-specific/linux/kernel/manual-config.nix
View file
Expand Up @@ -49,7 +49,8 @@ let

# Dependencies that are required to build kernel modules
moduleBuildDependencies = optional (stdenv.lib.versionAtLeast version "4.14") libelf
++ extraModuleBuildDependencies;
# ++ extraModuleBuildDependencies
;

installkernel = writeTextFile { name = "installkernel"; executable=true; text = ''
#!${stdenv.shell} -e
Expand Down
6 changes: 5 additions & 1 deletion pkgs/os-specific/linux/kmod/aggregator.nix
View file
@@ -1,8 +1,10 @@
{ stdenvNoCC, kmod, modules, buildEnv, name ? "kernel-modules" }:
{ stdenvNoCC, kmod, modules, buildEnv, autoModuleSignHook, name ? "kernel-modules" }:

buildEnv {
inherit name;

buildInputs = [ autoModuleSignHook ];

paths = modules;

postBuild =
Expand Down Expand Up @@ -31,5 +33,7 @@ buildEnv {
rm -f $out/lib/modules/$kernelVersion/modules.!(builtin*|order*)
${kmod}/bin/depmod -b $out -C $out/etc/depmod.d -a $kernelVersion
fi
moduleSignPhase()
'';
}
11 changes: 9 additions & 2 deletions pkgs/top-level/all-packages.nix
View file
Expand Up @@ -17439,6 +17439,13 @@ in
# Obsolete aliases (these packages do not depend on the kernel).
inherit (pkgs) odp-dpdk pktgen; # added 2018-05

autoModuleSignHook = makeSetupHook
{ substitutions =
{ kernel = kernel.dev + "/lib/modules/${kernel.modDirVersion}/build";
hash = if (kernel.configfile.structuredConfig ? MODULE_SIG_HASH)
then kernel.configfile.structuredConfig.MODULE_SIG_HASH.freeform else ""; }; }
../os-specific/linux/kernel/sign-module.sh;

acpi_call = callPackage ../os-specific/linux/acpi-call {};

amdgpu-pro = callPackage ../os-specific/linux/amdgpu-pro { };
Expand Down Expand Up @@ -17819,10 +17826,10 @@ in

mmc-utils = callPackage ../os-specific/linux/mmc-utils { };

aggregateModules = modules:
aggregateModules = autoModuleSignHook: modules:
callPackage ../os-specific/linux/kmod/aggregator.nix {
inherit (buildPackages) kmod;
inherit modules;
inherit modules autoModuleSignHook;
};

multipart-parser-c = callPackage ../development/libraries/multipart-parser-c { };
Expand Down

0 comments on commit 4938fc4

Please sign in to comment.