The patches are unmaintained and suggest a false sense of securitywip/yesman
parent
eac06ed070
commit
5fccac2b8d
@ -1,19 +0,0 @@ |
||||
import ./make-test.nix ({ pkgs, ...} : { |
||||
name = "kernel-copperhead"; |
||||
meta = with pkgs.stdenv.lib.maintainers; { |
||||
maintainers = [ nequissimus ]; |
||||
}; |
||||
|
||||
machine = { pkgs, ... }: |
||||
{ |
||||
boot.kernelPackages = pkgs.linuxPackages_copperhead_lts; |
||||
}; |
||||
|
||||
testScript = |
||||
'' |
||||
$machine->succeed("uname -a"); |
||||
$machine->succeed("uname -s | grep 'Linux'"); |
||||
$machine->succeed("uname -a | grep '${pkgs.linuxPackages_copperhead_lts.kernel.modDirVersion}'"); |
||||
$machine->succeed("uname -a | grep 'hardened'"); |
||||
''; |
||||
}) |
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -1,30 +0,0 @@ |
||||
{ stdenv, buildPackages, fetchFromGitHub, perl, buildLinux, ... } @ args: |
||||
|
||||
with stdenv.lib; |
||||
|
||||
let |
||||
version = "4.14.44"; |
||||
revision = "a"; |
||||
sha256 = "1alvhpwy9xzppwsag7qh1lkk3l4piyh2fv27w37il6gclja4dxkf"; |
||||
|
||||
# modVersion needs to be x.y.z, will automatically add .0 if needed |
||||
modVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))); |
||||
|
||||
# branchVersion needs to be x.y |
||||
branchVersion = concatStrings (intersperse "." (take 2 (splitString "." version))); |
||||
|
||||
modDirVersion = "${modVersion}-hardened"; |
||||
in |
||||
buildLinux (args // { |
||||
inherit modDirVersion; |
||||
|
||||
version = "${version}-${revision}"; |
||||
extraMeta.branch = "${branchVersion}"; |
||||
|
||||
src = fetchFromGitHub { |
||||
inherit sha256; |
||||
owner = "copperhead"; |
||||
repo = "linux-hardened"; |
||||
rev = "${version}.${revision}"; |
||||
}; |
||||
} // (args.argsOverride or {})) |
Loading…
Reference in new issue