···
1
+
# WARNING/NOTE: whenever you want to add an option here you need to either
2
+
# * mark it as an optional one with `option`,
3
+
# * or make sure it works for all the versions in nixpkgs,
4
+
# * or check for which kernel versions it will work (using kernel
5
+
# changelog, google or whatever) and mark it with `whenOlder` or
7
+
# Then do test your change by building all the kernels (or at least
8
+
# their configs) in Nixpkgs or else you will guarantee lots and lots
9
+
# of pain to users trying to switch to an older kernel because of some
10
+
# hardware problems with a new one.
3
-
WARNING/NOTE: whenever you want to add an option here you need to
15
+
# to let user override values, aka converting modules to included and vice-versa
16
+
, mkValueOverride ? null
6
-
* mark it as an optional one with `?` suffix,
7
-
* or make sure it works for all the versions in nixpkgs,
8
-
* or check for which kernel versions it will work (using kernel
9
-
changelog, google or whatever) and mark it with `versionOlder` or
18
+
# new extraConfig as a flattened set
19
+
, structuredExtraConfig ? {}
12
-
Then do test your change by building all the kernels (or at least
13
-
their configs) in Nixpkgs or else you will guarantee lots and lots
14
-
of pain to users trying to switch to an older kernel because of some
15
-
hardware problems with a new one.
21
+
# legacy extraConfig as string
19
-
{ stdenv, version, extraConfig, features }:
27
+
assert (mkValueOverride == null) || (builtins.isFunction mkValueOverride);
24
-
# Compress kernel modules for a sizable disk space savings.
25
-
${optionalString (versionAtLeast version "3.18") ''
27
-
MODULE_COMPRESS_XZ y
31
+
with import ../../../../lib/kernel.nix { inherit (stdenv) lib; inherit version; };
37
-
DEBUG_STACKOVERFLOW n
41
-
${if (features.debug or false) then ''
39
+
# TODO configuration items have to be part of subattrs. Remove this constraint
40
+
flattenKConf = nested: mapAttrs (_: head) (zipAttrs (attrValues nested));
47
-
${optionalString (versionOlder version "4.4") ''
48
-
CPU_NOTIFIER_ERROR_INJECT? n
51
-
${optionalString (versionOlder version "4.11") ''
45
+
DEBUG_INFO = if (features.debug or false) then yes else no;
48
+
DYNAMIC_DEBUG = yes;
49
+
TIMER_STATS = whenOlder "4.11" yes;
50
+
DEBUG_NX_TEST = whenOlder "4.11" no;
51
+
CPU_NOTIFIER_ERROR_INJECT = whenOlder "4.4" (option no);
52
+
DEBUG_STACK_USAGE = no;
53
+
DEBUG_STACKOVERFLOW = when (!grsecurity) no;
54
+
RCU_TORTURE_TEST = no;
56
+
DETECT_HUNG_TASK = yes;
57
+
CRASH_DUMP = option no;
58
+
# Easier debugging of NFS issues.
59
+
SUNRPC_DEBUG = whenAtLeast "3.4" yes;
56
-
# Bump the maximum number of CPUs to support systems like EC2 x1.*
57
-
# instances and Xeon Phi.
58
-
${optionalString (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") ''
62
+
power-management = {
63
+
PM_RUNTIME = whenOlder "3.19" yes;
64
+
PM_ADVANCED_DEBUG = yes;
65
+
X86_INTEL_LPSS = whenAtLeast "3.11" yes;
66
+
X86_INTEL_PSTATE = whenAtLeast "3.10" yes;
68
+
CPU_FREQ_DEFAULT_GOV_PERFORMANCE = yes;
69
+
USB_SUSPEND = whenOlder "3.10" yes;
62
-
# Unix domain sockets.
73
+
external-firmware = {
74
+
# Support drivers that need external firmware.
66
-
${optionalString (versionOlder version "3.19") ''
70
-
${optionalString (versionAtLeast version "3.11") ''
73
-
${optionalString (versionAtLeast version "3.10") ''
77
-
CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
78
-
${optionalString (versionOlder version "3.10") ''
79
+
# Make /proc/config.gz available
81
+
IKCONFIG_PROC = yes;
83
-
# Support drivers that need external firmware.
85
+
# Optimize with -O2, not -Os
86
+
CC_OPTIMIZE_FOR_SIZE = no;
86
-
# Make /proc/config.gz available.
90
-
# Optimize with -O2, not -Os.
91
-
CC_OPTIMIZE_FOR_SIZE n
93
+
# Include the CFQ I/O scheduler in the kernel, rather than as a
94
+
# module, so that the initrd gets a good I/O scheduler.
97
+
BLK_CGROUP = yes; # required by CFQ"
98
+
IOSCHED_DEADLINE = yes;
99
+
MQ_IOSCHED_DEADLINE = whenAtLeast "4.11" yes;
100
+
BFQ_GROUP_IOSCHED = whenAtLeast "4.12" yes;
101
+
MQ_IOSCHED_KYBER = whenAtLeast "4.12" yes;
102
+
IOSCHED_BFQ = whenAtLeast "4.12" module;
93
-
# Enable the kernel's built-in memory tester.
96
-
# Include the CFQ I/O scheduler in the kernel, rather than as a
97
-
# module, so that the initrd gets a good I/O scheduler.
99
-
BLK_CGROUP y # required by CFQ
101
-
${optionalString (versionAtLeast version "4.11") ''
102
-
MQ_IOSCHED_DEADLINE y
104
-
${optionalString (versionAtLeast version "4.12") ''
105
-
BFQ_GROUP_IOSCHED y
113
+
IPV6_PRIVACY = whenOlder "3.13" yes;
115
+
NETFILTER_ADVANCED = yes;
116
+
IP_VS_PROTO_TCP = yes;
117
+
IP_VS_PROTO_UDP = yes;
118
+
IP_VS_PROTO_ESP = yes;
119
+
IP_VS_PROTO_AH = yes;
120
+
IP_DCCP_CCID3 = no; # experimental
121
+
CLS_U32_PERF = yes;
122
+
CLS_U32_MARK = yes;
123
+
BPF_JIT = when (stdenv.system == "x86_64-linux") yes;
125
+
# Required by systemd per-cgroup firewalling
126
+
CGROUP_BPF = option yes;
127
+
CGROUP_NET_PRIO = yes; # Required by systemd
128
+
IP_ROUTE_VERBOSE = yes;
129
+
IP_MROUTE_MULTIPLE_TABLES = yes;
130
+
IP_MULTICAST = yes;
131
+
IPV6_ROUTER_PREF = yes;
132
+
IPV6_ROUTE_INFO = yes;
133
+
IPV6_OPTIMISTIC_DAD = yes;
134
+
IPV6_MULTIPLE_TABLES = yes;
135
+
IPV6_SUBTREES = yes;
137
+
IPV6_MROUTE_MULTIPLE_TABLES = yes;
138
+
IPV6_PIMSM_V2 = yes;
139
+
IPV6_FOU_TUNNEL = whenAtLeast "4.7" module;
140
+
NET_CLS_BPF = whenAtLeast "4.4" module;
141
+
NET_ACT_BPF = whenAtLeast "4.4" module;
145
+
BRIDGE_VLAN_FILTERING = yes;
147
+
NET_L3_MASTER_DEV = option yes;
148
+
NET_FOU_IP_TUNNELS = option yes;
149
+
IP_NF_TARGET_REDIRECT = module;
151
+
PPP_MULTILINK = yes; # PPP multilink support
113
-
# Disable some expensive (?) features.
154
+
# needed for iwd WPS support (wpa_supplicant replacement)
155
+
KEY_DH_OPERATIONS = whenAtLeast "4.7" yes;
116
-
# Enable initrd support.
159
+
CFG80211_WEXT = option yes; # Without it, ipw2200 drivers don't build
160
+
IPW2100_MONITOR = option yes; # support promiscuous mode
161
+
IPW2200_MONITOR = option yes; # support promiscuous mode
162
+
HOSTAP_FIRMWARE = option yes; # Support downloading firmware images with Host AP driver
163
+
HOSTAP_FIRMWARE_NVRAM = option yes;
164
+
ATH9K_PCI = option yes; # Detect Atheros AR9xxx cards on PCI(e) bus
165
+
ATH9K_AHB = option yes; # Ditto, AHB bus
166
+
B43_PHY_HT = option (whenAtLeast "3.2" yes);
167
+
BCMA_HOST_PCI = option yes;
120
-
# Enable various subsystems.
121
-
ACCESSIBILITY y # Accessibility support
122
-
AUXDISPLAY y # Auxiliary Display support
124
-
MTD_COMPLEX_MAPPINGS y # needed for many devices
125
-
SCSI_LOWLEVEL y # enable lots of SCSI devices
126
-
SCSI_LOWLEVEL_PCMCIA y
127
-
SCSI_SAS_ATA y # added to enable detection of hard drive
128
-
SPI y # needed for many devices
131
-
${optionalString (versionOlder version "4.17") ''
132
-
DONGLE y # Serial dongle support
173
+
FB_NVIDIA_I2C = yes; # Enable DDC Support
175
+
FB_ATY_CT = yes; # Mach64 CT/VT/GT/LT (incl. 3D RAGE) support
176
+
FB_ATY_GX = yes; # Mach64 GX support
177
+
FB_SAVAGE_I2C = yes;
178
+
FB_SAVAGE_ACCEL = yes;
181
+
FB_3DFX_ACCEL = yes;
183
+
FRAMEBUFFER_CONSOLE = yes;
184
+
FRAMEBUFFER_CONSOLE_ROTATION = yes;
185
+
FB_GEODE = when (versionOlder version "3.9" || stdenv.system == "i686-linux") yes;
135
-
# Networking options.
138
-
${optionalString (versionOlder version "3.13") ''
142
-
NETFILTER_ADVANCED y
143
-
CGROUP_BPF? y # Required by systemd per-cgroup firewalling
144
-
CGROUP_NET_PRIO y # Required by systemd
146
-
IP_MROUTE_MULTIPLE_TABLES y
151
-
IP_DCCP_CCID3 n # experimental
155
-
IPV6_OPTIMISTIC_DAD y
156
-
IPV6_MULTIPLE_TABLES y
159
-
IPV6_MROUTE_MULTIPLE_TABLES y
161
-
${optionalString (versionAtLeast version "4.7") ''
166
-
${optionalString (stdenv.system == "x86_64-linux") ''
169
-
${optionalString (versionAtLeast version "4.4") ''
176
-
BRIDGE_VLAN_FILTERING y
178
-
NET_L3_MASTER_DEV? y
179
-
NET_FOU_IP_TUNNELS? y
180
-
IP_NF_TARGET_REDIRECT m
189
+
# Enable KMS for devices whose X.org driver supports it
190
+
DRM_I915_KMS = whenOlder "4.3" yes;
191
+
# Allow specifying custom EDID on the kernel command line
192
+
DRM_LOAD_EDID_FIRMWARE = yes;
193
+
DRM_RADEON_KMS = option (whenOlder "3.9" yes);
194
+
VGA_SWITCHEROO = yes; # Hybrid graphics support
197
+
# necessary for amdgpu polaris support
198
+
DRM_AMD_POWERPLAY = whenBetween "4.5" "4.9" yes;
199
+
# (experimental) amdgpu support for verde and newer chipsets
200
+
DRM_AMDGPU_SI = whenAtLeast "4.9" yes;
201
+
# (stable) amdgpu support for bonaire and newer chipsets
202
+
DRM_AMDGPU_CIK = whenAtLeast "4.9" yes;
203
+
DRM_I915_GVT = whenAtLeast "4.16" yes;
204
+
DRM_I915_GVT_KVMGT = whenAtLeast "4.16" module;
182
-
# Wireless networking.
183
-
CFG80211_WEXT? y # Without it, ipw2200 drivers don't build
184
-
IPW2100_MONITOR? y # support promiscuous mode
185
-
IPW2200_MONITOR? y # support promiscuous mode
186
-
HOSTAP_FIRMWARE? y # Support downloading firmware images with Host AP driver
187
-
HOSTAP_FIRMWARE_NVRAM? y
188
-
ATH9K_PCI? y # Detect Atheros AR9xxx cards on PCI(e) bus
189
-
ATH9K_AHB? y # Ditto, AHB bus
208
+
SND_DYNAMIC_MINORS = yes;
209
+
SND_AC97_POWER_SAVE = yes; # AC97 Power-Saving Mode
210
+
SND_HDA_INPUT_BEEP = yes; # Support digital beep via input layer
211
+
SND_HDA_RECONFIG = yes; # Support reconfiguration of jack functions
212
+
# Support configuring jack functions via fw mechanism at boot
213
+
SND_HDA_PATCH_LOADER = yes;
214
+
SND_USB_CAIAQ_INPUT = yes;
215
+
# Enable PSS mixer (Beethoven ADSP-16 and other compatible)
216
+
PSS_MIXER = whenOlder "4.12" yes;
193
-
# Enable various FB devices.
196
-
FB_NVIDIA_I2C y # Enable DDC Support
198
-
FB_ATY_CT y # Mach64 CT/VT/GT/LT (incl. 3D RAGE) support
199
-
FB_ATY_GX y # Mach64 GX support
206
-
FRAMEBUFFER_CONSOLE y
207
-
FRAMEBUFFER_CONSOLE_ROTATION y
208
-
${optionalString (stdenv.system == "i686-linux") ''
219
+
# Include firmware for various USB serial devices.
220
+
# Only applicable for kernels below 4.16, after that no firmware is shipped in the kernel tree.
222
+
USB_SERIAL_GENERIC = yes; # USB Generic Serial Driver
223
+
} // optionalAttrs (versionOlder version "4.16") {
224
+
USB_SERIAL_KEYSPAN_MPR = yes; # include firmware for various USB serial devices
225
+
USB_SERIAL_KEYSPAN_USA28 = yes;
226
+
USB_SERIAL_KEYSPAN_USA28X = yes;
227
+
USB_SERIAL_KEYSPAN_USA28XA = yes;
228
+
USB_SERIAL_KEYSPAN_USA28XB = yes;
229
+
USB_SERIAL_KEYSPAN_USA19 = yes;
230
+
USB_SERIAL_KEYSPAN_USA18X = yes;
231
+
USB_SERIAL_KEYSPAN_USA19W = yes;
232
+
USB_SERIAL_KEYSPAN_USA19QW = yes;
233
+
USB_SERIAL_KEYSPAN_USA19QI = yes;
234
+
USB_SERIAL_KEYSPAN_USA49W = yes;
235
+
USB_SERIAL_KEYSPAN_USA49WLC = yes;
212
-
# Video configuration.
213
-
# Enable KMS for devices whose X.org driver supports it.
214
-
${optionalString (versionOlder version "4.3") ''
218
-
${optionalString (versionAtLeast version "4.16") ''
220
-
DRM_I915_GVT_KVMGT m
222
-
# Allow specifying custom EDID on the kernel command line
223
-
DRM_LOAD_EDID_FIRMWARE y
224
-
VGA_SWITCHEROO y # Hybrid graphics support
227
-
${optionalString (versionAtLeast version "4.5" && (versionOlder version "4.9")) ''
228
-
DRM_AMD_POWERPLAY y # necessary for amdgpu polaris support
230
-
${optionalString (versionAtLeast version "4.9") ''
231
-
DRM_AMDGPU_SI y # (experimental) amdgpu support for verde and newer chipsets
232
-
DRM_AMDGPU_CIK y # (stable) amdgpu support for bonaire and newer chipsets
239
+
USB_DEBUG = option (whenOlder "3.15" no);
240
+
USB_EHCI_ROOT_HUB_TT = yes; # Root Hub Transaction Translators
241
+
USB_EHCI_TT_NEWSCHED = yes; # Improved transaction translator scheduling
236
-
SND_DYNAMIC_MINORS y
237
-
SND_AC97_POWER_SAVE y # AC97 Power-Saving Mode
238
-
SND_HDA_INPUT_BEEP y # Support digital beep via input layer
239
-
SND_HDA_RECONFIG y # Support reconfiguration of jack functions
240
-
SND_HDA_PATCH_LOADER y # Support configuring jack functions via fw mechanism at boot
241
-
SND_USB_CAIAQ_INPUT y
242
-
${optionalString (versionOlder version "4.12") ''
243
-
PSS_MIXER y # Enable PSS mixer (Beethoven ADSP-16 and other compatible)
244
+
# Filesystem options - in particular, enable extended attributes and
245
+
# ACLs for all filesystems that support them.
249
+
TMPFS_POSIX_ACL = yes;
250
+
FS_ENCRYPTION = option (whenAtLeast "4.9" module);
246
-
# USB serial devices.
247
-
USB_SERIAL_GENERIC y # USB Generic Serial Driver
252
+
EXT2_FS_XATTR = yes;
253
+
EXT2_FS_POSIX_ACL = yes;
254
+
EXT2_FS_SECURITY = yes;
255
+
EXT2_FS_XIP = whenOlder "4.0" yes; # Ext2 execute in place support
249
-
# Include firmware for various USB serial devices.
250
-
# Only applicable for kernels below 4.16, after that no firmware is shipped in the kernel tree.
251
-
${optionalString (versionOlder version "4.16") ''
252
-
USB_SERIAL_KEYSPAN_MPR y
253
-
USB_SERIAL_KEYSPAN_USA28 y
254
-
USB_SERIAL_KEYSPAN_USA28X y
255
-
USB_SERIAL_KEYSPAN_USA28XA y
256
-
USB_SERIAL_KEYSPAN_USA28XB y
257
-
USB_SERIAL_KEYSPAN_USA19 y
258
-
USB_SERIAL_KEYSPAN_USA18X y
259
-
USB_SERIAL_KEYSPAN_USA19W y
260
-
USB_SERIAL_KEYSPAN_USA19QW y
261
-
USB_SERIAL_KEYSPAN_USA19QI y
262
-
USB_SERIAL_KEYSPAN_USA49W y
263
-
USB_SERIAL_KEYSPAN_USA49WLC y
257
+
EXT3_FS_POSIX_ACL = yes;
258
+
EXT3_FS_SECURITY = yes;
266
-
# Device mapper (RAID, LVM, etc.)
260
+
EXT4_FS_POSIX_ACL = yes;
261
+
EXT4_FS_SECURITY = yes;
262
+
EXT4_ENCRYPTION = option ((if (versionOlder version "4.8") then module else yes));
269
-
# Filesystem options - in particular, enable extended attributes and
270
-
# ACLs for all filesystems that support them.
274
-
${optionalString (versionAtLeast version "4.9") ''
278
-
EXT2_FS_POSIX_ACL y
280
-
${optionalString (versionOlder version "4.0") ''
281
-
EXT2_FS_XIP y # Ext2 execute in place support
283
-
EXT3_FS_POSIX_ACL y
285
-
EXT4_FS_POSIX_ACL y
286
-
EXT4_ENCRYPTION? ${if versionOlder version "4.8" then "m" else "y"}
288
-
REISERFS_FS_XATTR? y
289
-
REISERFS_FS_POSIX_ACL? y
290
-
REISERFS_FS_SECURITY? y
295
-
XFS_RT? y # XFS Realtime subvolume support
296
-
OCFS2_DEBUG_MASKLOG? n
297
-
BTRFS_FS_POSIX_ACL y
298
-
UBIFS_FS_ADVANCED_COMPR? y
300
-
F2FS_FS_SECURITY? y
301
-
F2FS_FS_ENCRYPTION? y
303
-
${optionalString (versionAtLeast version "4.0" && versionOlder version "4.6") ''
310
-
${optionalString (versionAtLeast version "3.11") ''
311
-
NFSD_V4_SECURITY_LABEL y
316
-
${optionalString (versionAtLeast version "3.11") ''
317
-
NFS_V4_1 y # NFSv4.1 client support
319
-
NFS_V4_SECURITY_LABEL y
325
-
CIFS_WEAK_PW_HASH y
329
-
${optionalString (versionOlder version "4.13") ''
332
-
${optionalString (versionAtLeast version "3.12") ''
335
-
${optionalString (versionAtLeast version "3.14") ''
336
-
CEPH_FS_POSIX_ACL y
338
-
${optionalString (versionAtLeast version "3.13") ''
339
-
SQUASHFS_FILE_DIRECT y
340
-
SQUASHFS_DECOMP_MULTI_PERCPU y
346
-
${optionalString (versionAtLeast version "3.19") ''
264
+
REISERFS_FS_XATTR = option yes;
265
+
REISERFS_FS_POSIX_ACL = option yes;
266
+
REISERFS_FS_SECURITY = option yes;
350
-
# Native Language Support modules, needed by some filesystems
354
-
NLS_CODEPAGE_437 m # VFAT default for the codepage= mount option
355
-
NLS_ISO8859_1 m # VFAT default for the iocharset= mount option
268
+
JFS_POSIX_ACL = option yes;
269
+
JFS_SECURITY = option yes;
357
-
# Runtime security tests
358
-
${optionalString (versionOlder version "4.11") ''
359
-
DEBUG_SET_MODULE_RONX? y # Detect writes to read-only module pages
271
+
XFS_QUOTA = option yes;
272
+
XFS_POSIX_ACL = option yes;
273
+
XFS_RT = option yes; # XFS Realtime subvolume support
362
-
# Security related features.
364
-
STRICT_DEVMEM? y # Filter access to /dev/mem
365
-
SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default
366
-
SECURITY_YAMA? y # Prevent processes from ptracing non-children processes
367
-
DEVKMEM n # Disable /dev/kmem
368
-
${optionalString (! stdenv.hostPlatform.isAarch32)
369
-
(if versionOlder version "3.14" then ''
370
-
CC_STACKPROTECTOR? y # Detect buffer overflows on the stack
371
-
'' else optionalString (versionOlder version "4.18") ''
372
-
CC_STACKPROTECTOR_REGULAR? y
374
-
${optionalString (versionAtLeast version "3.12") ''
375
-
USER_NS y # Support for user namespaces
275
+
OCFS2_DEBUG_MASKLOG = option no;
379
-
SECURITY_APPARMOR y
380
-
DEFAULT_SECURITY_APPARMOR y
277
+
BTRFS_FS_POSIX_ACL = yes;
382
-
# Microcode loading support
386
-
${optionalString (versionAtLeast version "3.11" && versionOlder version "4.4") ''
388
-
MICROCODE_INTEL_EARLY y
389
-
MICROCODE_AMD_EARLY y
279
+
UBIFS_FS_ADVANCED_COMPR = option yes;
392
-
${optionalString (versionAtLeast version "4.10") ''
393
-
# Write Back Throttling
394
-
# https://lwn.net/Articles/682582/
395
-
# https://bugzilla.kernel.org/show_bug.cgi?id=12309#c655
282
+
F2FS_FS_SECURITY = option yes;
283
+
F2FS_FS_ENCRYPTION = option yes;
403
-
8139TOO_PIO n # PIO is slower
404
-
AIC79XX_DEBUG_ENABLE n
405
-
AIC7XXX_DEBUG_ENABLE n
407
-
${optionalString (versionAtLeast version "3.3" && versionOlder version "3.13") ''
408
-
AUDIT_LOGINUID_IMMUTABLE y
410
-
${optionalString (versionOlder version "4.4") ''
414
-
BLK_DEV_INTEGRITY y
415
-
BSD_PROCESS_ACCT_V3 y
417
-
BT_HCIUART_H4? y # UART (H4) protocol support
419
-
BT_RFCOMM_TTY? y # RFCOMM TTY support
422
-
DVB_DYNAMIC_MINORS? y # we use udev
423
-
EFI_STUB y # EFI bootloader in the bzImage itself
424
-
CGROUPS y # used by systemd
425
-
FHANDLE y # used by systemd
426
-
SECCOMP y # used by systemd >= 231
427
-
SECCOMP_FILTER y # ditto
430
-
FUSION y # Fusion MPT device support
431
-
IDE n # deprecated IDE support
432
-
${optionalString (versionAtLeast version "4.3") ''
433
-
IDLE_PAGE_TRACKING y
435
-
${optionalString (versionOlder version "4.17") ''
436
-
IRDA_ULTRA y # Ultra (connectionless) protocol
438
-
JOYSTICK_IFORCE_232? y # I-Force Serial joysticks and wheels
439
-
JOYSTICK_IFORCE_USB? y # I-Force USB joysticks and wheels
440
-
JOYSTICK_XPAD_FF? y # X-Box gamepad rumble support
441
-
JOYSTICK_XPAD_LEDS? y # LED Support for Xbox360 controller 'BigX' LED
444
-
LDM_PARTITION y # Windows Logical Disk Manager (Dynamic Disk) support
445
-
LOGIRUMBLEPAD2_FF y # Logitech Rumblepad 2 force feedback
446
-
LOGO n # not needed
449
-
${optionalString (versionAtLeast version "3.15" && versionOlder version "4.8") ''
452
-
${optionalString (versionOlder version "4.9") ''
455
-
MOUSE_PS2_ELANTECH y # Elantech PS/2 protocol extension
457
-
NET_FC y # Fibre Channel driver support
458
-
${optionalString (versionAtLeast version "3.11") ''
459
-
PINCTRL_BAYTRAIL y # GPIO on Intel Bay Trail, for some Chromebook internal eMMC disks
461
-
MMC_BLOCK_MINORS 32 # 8 is default. Modern gpt tables on eMMC may go far beyond 8.
462
-
PPP_MULTILINK y # PPP multilink support
464
-
REGULATOR y # Voltage and Current Regulator Support
465
-
RC_DEVICES? y # Enable IR devices
470
-
SCSI_LOGGING y # SCSI logging facility
471
-
SERIAL_8250 y # 8250/16550 and compatible serial support
472
-
SLIP_COMPRESSED y # CSLIP compressed headers
475
-
THERMAL_HWMON y # Hardware monitoring support
476
-
${optionalString (versionAtLeast version "3.15") ''
479
-
${optionalString (versionOlder version "3.15") ''
482
-
USB_EHCI_ROOT_HUB_TT y # Root Hub Transaction Translators
483
-
USB_EHCI_TT_NEWSCHED y # Improved transaction translator scheduling
484
-
${optionalString (versionAtLeast version "4.3") ''
487
-
X86_CHECK_BIOS_CORRUPTION y
286
+
NFSD_PNFS = whenBetween "4.0" "4.6" yes;
291
+
NFSD_V4_SECURITY_LABEL = whenAtLeast "3.11" yes;
294
+
NFS_SWAP = whenAtLeast "3.6" yes;
296
+
NFS_V4_1 = whenAtLeast "3.11" yes; # NFSv4.1 client support
297
+
NFS_V4_2 = whenAtLeast "3.11" yes;
298
+
NFS_V4_SECURITY_LABEL = whenAtLeast "3.11" yes;
302
+
CIFS_FSCACHE = yes;
304
+
CIFS_WEAK_PW_HASH = yes;
307
+
CIFS_DFS_UPCALL = yes;
308
+
CIFS_SMB2 = whenOlder "4.13" yes;
310
+
CEPH_FSCACHE = whenAtLeast "3.12" yes;
311
+
CEPH_FS_POSIX_ACL = whenAtLeast "3.14" yes;
313
+
SQUASHFS_FILE_DIRECT = whenAtLeast "3.13" yes;
314
+
SQUASHFS_DECOMP_MULTI_PERCPU = whenAtLeast "3.13" yes;
315
+
SQUASHFS_XATTR = yes;
316
+
SQUASHFS_ZLIB = yes;
317
+
SQUASHFS_LZO = yes;
319
+
SQUASHFS_LZ4 = whenAtLeast "3.19" yes;
321
+
# Native Language Support modules, needed by some filesystems
323
+
NLS_DEFAULT = "utf8";
325
+
NLS_CODEPAGE_437 = module; # VFAT default for the codepage= mount option
326
+
NLS_ISO8859_1 = module; # VFAT default for the iocharset= mount option
332
+
# Detect writes to read-only module pages
333
+
DEBUG_SET_MODULE_RONX = option (whenOlder "4.11" yes);
334
+
RANDOMIZE_BASE = option yes;
335
+
STRICT_DEVMEM = option yes; # Filter access to /dev/mem
336
+
SECURITY_SELINUX_BOOTPARAM_VALUE = "0"; # Disable SELinux by default
337
+
# Prevent processes from ptracing non-children processes
338
+
SECURITY_YAMA = option yes;
339
+
DEVKMEM = when (!grsecurity) no; # Disable /dev/kmem
341
+
USER_NS = whenAtLeast "3.12" yes; # Support for user namespaces
343
+
SECURITY_APPARMOR = yes;
344
+
DEFAULT_SECURITY_APPARMOR = yes;
346
+
AUDIT_LOGINUID_IMMUTABLE = whenBetween "3.3" "3.13" yes;
347
+
} // optionalAttrs (!stdenv.hostPlatform.isAarch32) {
349
+
# Detect buffer overflows on the stack
350
+
CC_STACKPROTECTOR = option (whenOlder "3.14" yes);
351
+
CC_STACKPROTECTOR_REGULAR = option (whenOlder "4.18" yes);
356
+
MICROCODE_INTEL = yes;
357
+
MICROCODE_AMD = yes;
359
+
MICROCODE_EARLY = whenBetween "3.11" "4.4" yes;
360
+
MICROCODE_INTEL_EARLY = whenBetween "3.11" "4.4" yes;
361
+
MICROCODE_AMD_EARLY = whenBetween "3.11" "4.4" yes;
362
+
} // optionalAttrs (versionAtLeast version "4.10") {
363
+
# Write Back Throttling
364
+
# https://lwn.net/Articles/682582/
365
+
# https://bugzilla.kernel.org/show_bug.cgi?id=12309#c655
372
+
NAMESPACES = option yes; # Required by 'unshare' used by 'nixos-install'
373
+
RT_GROUP_SCHED = no;
374
+
CGROUP_DEVICE = option yes;
376
+
MEMCG = whenAtLeast "3.6" yes;
377
+
MEMCG_SWAP = whenAtLeast "3.6" yes;
378
+
CGROUP_MEM_RES_CTLR = whenOlder "3.6" yes;
379
+
CGROUP_MEM_RES_CTLR_SWAP = whenOlder "3.6" yes;
381
+
DEVPTS_MULTIPLE_INSTANCES = whenOlder "4.7" yes;
382
+
BLK_DEV_THROTTLING = yes;
383
+
CFQ_GROUP_IOSCHED = yes;
384
+
CGROUP_PIDS = whenAtLeast "4.3" yes;
388
+
# Enable staging drivers. These are somewhat experimental, but
389
+
# they generally don't hurt.
394
+
# PROC_EVENTS requires that the netlink connector is not built
395
+
# as a module. This is required by libcgroup's cgrulesengd.
403
+
FUNCTION_TRACER = yes;
404
+
FTRACE_SYSCALLS = yes;
405
+
SCHED_TRACER = yes;
406
+
STACK_TRACER = yes;
407
+
UPROBE_EVENT = option (whenOlder "4.11" yes);
408
+
UPROBE_EVENTS = option (whenAtLeast "4.11" yes);
409
+
BPF_SYSCALL = whenAtLeast "4.4" yes;
410
+
BPF_EVENTS = whenAtLeast "4.4" yes;
411
+
FUNCTION_PROFILER = yes;
412
+
RING_BUFFER_BENCHMARK = no;
416
+
PARAVIRT = option yes;
418
+
HYPERVISOR_GUEST = when (!grsecurity && versionAtLeast version "3.10") yes;
419
+
PARAVIRT_GUEST = option (when (!grsecurity && versionOlder version "3.10") yes);
420
+
PARAVIRT_SPINLOCKS = option yes;
422
+
KVM_APIC_ARCHITECTURE = whenOlder "4.8" yes;
423
+
KVM_ASYNC_PF = yes;
424
+
KVM_CLOCK = option (whenOlder "3.7" yes);
425
+
KVM_COMPAT = option (whenBetween "4.0" "4.12" yes);
426
+
KVM_DEVICE_ASSIGNMENT = option (whenBetween "3.10" "4.12" yes);
427
+
KVM_GENERIC_DIRTYLOG_READ_PROTECT = whenAtLeast "4.0" yes;
428
+
KVM_GUEST = when (!grsecurity) yes;
430
+
KVM_VFIO = whenAtLeast "3.13" yes;
432
+
VIRT_DRIVERS = yes;
433
+
# We nneed 64 GB (PAE) support for Xen guest support
434
+
HIGHMEM64G = option (when (!stdenv.is64bit) yes);
436
+
VFIO_PCI_VGA = when (versionAtLeast version "3.9" && stdenv.is64bit) yes;
438
+
} // optionalAttrs (stdenv.isx86_64 || stdenv.isi686) ({
441
+
# XXX: why isn't this in the xen-dom0 conditional section below?
442
+
XEN_DOM0 = option yes;
444
+
} // optionalAttrs (versionAtLeast version "3.18" && xen_dom0) {
445
+
PCI_XEN = option yes;
446
+
HVC_XEN = option yes;
447
+
HVC_XEN_FRONTEND = option yes;
448
+
XEN_SYS_HYPERVISOR = option yes;
449
+
SWIOTLB_XEN = option yes;
450
+
XEN_BACKEND = option yes;
451
+
XEN_BALLOON = option yes;
452
+
XEN_BALLOON_MEMORY_HOTPLUG = option yes;
453
+
XEN_EFI = option yes;
454
+
XEN_HAVE_PVMMU = option yes;
455
+
XEN_MCE_LOG = option yes;
456
+
XEN_PVH = option yes;
457
+
XEN_PVHVM = option yes;
458
+
XEN_SAVE_RESTORE = option yes;
459
+
XEN_SCRUB_PAGES = option yes;
460
+
XEN_SELFBALLOONING = option yes;
461
+
XEN_STUB = option yes;
462
+
XEN_TMEM = option yes;
466
+
MEDIA_DIGITAL_TV_SUPPORT = yes;
467
+
MEDIA_CAMERA_SUPPORT = yes;
468
+
MEDIA_RC_SUPPORT = whenOlder "4.14" yes;
469
+
MEDIA_CONTROLLER = yes;
470
+
MEDIA_PCI_SUPPORT = yes;
471
+
MEDIA_USB_SUPPORT = yes;
472
+
MEDIA_ANALOG_TV_SUPPORT = yes;
473
+
VIDEO_STK1160_COMMON = module;
474
+
VIDEO_STK1160_AC97 = whenOlder "4.11" yes;
478
+
# Enable the 9P cache to speed up NixOS VM tests.
479
+
"9P_FSCACHE" = option yes;
480
+
"9P_FS_POSIX_ACL" = option yes;
484
+
TRANSPARENT_HUGEPAGE = option yes;
485
+
TRANSPARENT_HUGEPAGE_ALWAYS = option no;
486
+
TRANSPARENT_HUGEPAGE_MADVISE = option yes;
491
+
ZSWAP = option yes;
493
+
ZSMALLOC = if (versionOlder version "3.18") then yes else module;
497
+
# Enable PCIe and USB for the brcmfmac driver
498
+
BRCMFMAC_USB = option yes;
499
+
BRCMFMAC_PCIE = option yes;
502
+
# Support x2APIC (which requires IRQ remapping)
503
+
x2apic = optionalAttrs (stdenv.system == "x86_64-linux") {
509
+
# For older kernels, painstakingly disable each symbol.
511
+
# Disable various self-test modules that have no use in a production system
512
+
# This menu disables all/most of them on >= 4.16
513
+
RUNTIME_TESTING_MENU = option no;
514
+
} // optionalAttrs (versionOlder version "4.16") {
515
+
ARM_KPROBES_TEST = option no;
516
+
ASYNC_RAID6_TEST = option no;
517
+
ATOMIC64_SELFTEST = option no;
518
+
BACKTRACE_SELF_TEST = option no;
519
+
INTERVAL_TREE_TEST = option no;
520
+
PERCPU_TEST = option no;
521
+
RBTREE_TEST = option no;
522
+
TEST_BITMAP = option no;
523
+
TEST_BPF = option no;
524
+
TEST_FIRMWARE = option no;
525
+
TEST_HASH = option no;
526
+
TEST_HEXDUMP = option no;
527
+
TEST_KMOD = option no;
528
+
TEST_KSTRTOX = option no;
529
+
TEST_LIST_SORT = option no;
530
+
TEST_LKM = option no;
531
+
TEST_PARMAN = option no;
532
+
TEST_PRINTF = option no;
533
+
TEST_RHASHTABLE = option no;
534
+
TEST_SORT = option no;
535
+
TEST_STATIC_KEYS = option no;
536
+
TEST_STRING_HELPERS = option no;
537
+
TEST_UDELAY = option no;
538
+
TEST_USER_COPY = option no;
539
+
TEST_UUID = option no;
541
+
CRC32_SELFTEST = option no;
542
+
CRYPTO_TEST = option no;
543
+
EFI_TEST = option no;
544
+
GLOB_SELFTEST = option no;
545
+
DRM_DEBUG_MM_SELFTEST = option (whenOlder "4.18" no);
546
+
LNET_SELFTEST = option (whenOlder "4.18" no);
547
+
LOCK_TORTURE_TEST = option no;
548
+
MTD_TESTS = option no;
549
+
NOTIFIER_ERROR_INJECTION = option no;
550
+
RCU_PERF_TEST = option no;
551
+
RCU_TORTURE_TEST = option no;
552
+
TEST_ASYNC_DRIVER_PROBE = option no;
553
+
WW_MUTEX_SELFTEST = option no;
554
+
XZ_DEC_TEST = option no;
555
+
} // optionalAttrs (features.criu or false) ({
557
+
CHECKPOINT_RESTORE = yes;
558
+
} // optionalAttrs (features.criu_revert_expert or true) {
559
+
RFKILL_INPUT = option yes;
560
+
HID_PICOLCD_FB = option yes;
561
+
HID_PICOLCD_BACKLIGHT = option yes;
562
+
HID_PICOLCD_LCD = option yes;
563
+
HID_PICOLCD_LEDS = option yes;
564
+
HID_PICOLCD_CIR = option yes;
565
+
DEBUG_MEMORY_INIT = option yes;
570
+
MODULE_COMPRESS = whenAtLeast "3.18" yes;
571
+
MODULE_COMPRESS_XZ = whenAtLeast "3.18" yes;
574
+
# Unix domain sockets.
577
+
# Device mapper (RAID, LVM, etc.)
580
+
# Enable initrd support.
582
+
BLK_DEV_INITRD = yes;
585
+
PM_TRACE_RTC = no; # Disable some expensive (?) features.
586
+
ACCESSIBILITY = yes; # Accessibility support
587
+
AUXDISPLAY = yes; # Auxiliary Display support
588
+
DONGLE = whenOlder "4.17" yes; # Serial dongle support
590
+
MTD_COMPLEX_MAPPINGS = yes; # needed for many devices
591
+
NET_POCKET = whenOlder "3.2" yes; # enable pocket and portable adapters
593
+
SCSI_LOWLEVEL = yes; # enable lots of SCSI devices
594
+
SCSI_LOWLEVEL_PCMCIA = yes;
595
+
SCSI_SAS_ATA = yes; # added to enable detection of hard drive
597
+
SPI = yes; # needed for many devices
601
+
"8139TOO_8129" = yes;
602
+
"8139TOO_PIO" = no; # PIO is slower
490
-
${optionalString (versionAtLeast version "3.12") ''
491
-
HOTPLUG_PCI_ACPI y # PCI hotplug using ACPI
492
-
HOTPLUG_PCI_PCIE y # PCI-Expresscard hotplug support
604
+
AIC79XX_DEBUG_ENABLE = no;
605
+
AIC7XXX_DEBUG_ENABLE = no;
606
+
AIC94XX_DEBUG = no;
607
+
AUDIT_LOGINUID_IMMUTABLE = whenBetween "3.3" "3.13" yes;
608
+
B43_PCMCIA = option (whenOlder "4.4" yes);
610
+
BLK_DEV_INTEGRITY = yes;
496
-
# Linux containers.
497
-
NAMESPACES? y # Required by 'unshare' used by 'nixos-install'
502
-
${optionalString (versionOlder version "4.7") "DEVPTS_MULTIPLE_INSTANCES y"}
503
-
BLK_DEV_THROTTLING y
504
-
CFQ_GROUP_IOSCHED y
505
-
${optionalString (versionAtLeast version "4.3") ''
612
+
BSD_PROCESS_ACCT_V3 = yes;
509
-
# Enable staging drivers. These are somewhat experimental, but
510
-
# they generally don't hurt.
614
+
BT_HCIUART_BCSP = option yes;
615
+
BT_HCIUART_H4 = option yes; # UART (H4) protocol support
616
+
BT_HCIUART_LL = option yes;
617
+
BT_RFCOMM_TTY = option (whenAtLeast "3.4" yes); # RFCOMM TTY support
513
-
# PROC_EVENTS requires that the netlink connector is not built
514
-
# as a module. This is required by libcgroup's cgrulesengd.
619
+
CLEANCACHE = option yes;
620
+
CRASH_DUMP = option no;
622
+
DMAR = option (whenOlder "3.1" no); # experimental
526
-
${if versionOlder version "4.11" then ''
624
+
DVB_DYNAMIC_MINORS = option yes; # we use udev
532
-
${optionalString (versionAtLeast version "4.4") ''
536
-
FUNCTION_PROFILER y
537
-
RING_BUFFER_BENCHMARK n
626
+
EFI_STUB = whenAtLeast "3.3" yes; # EFI bootloader in the bzImage itself
627
+
CGROUPS = yes; # used by systemd
628
+
FHANDLE = yes; # used by systemd
629
+
SECCOMP = yes; # used by systemd >= 231
630
+
SECCOMP_FILTER = yes; # ditto
631
+
POSIX_MQUEUE = yes;
633
+
FUSION = yes; # Fusion MPT device support
634
+
IDE = no; # deprecated IDE support
635
+
IDLE_PAGE_TRACKING = whenAtLeast "4.3" yes;
636
+
IRDA_ULTRA = whenOlder "4.17" yes; # Ultra (connectionless) protocol
539
-
# Devtmpfs support.
638
+
JOYSTICK_IFORCE_232 = option yes; # I-Force Serial joysticks and wheels
639
+
JOYSTICK_IFORCE_USB = option yes; # I-Force USB joysticks and wheels
640
+
JOYSTICK_XPAD_FF = option yes; # X-Box gamepad rumble support
641
+
JOYSTICK_XPAD_LEDS = option yes; # LED Support for Xbox360 controller 'BigX' LED
542
-
# Easier debugging of NFS issues.
643
+
KEXEC_FILE = option yes;
644
+
KEXEC_JUMP = option yes;
548
-
PARAVIRT_SPINLOCKS? y
549
-
${optionalString (versionOlder version "4.8") ''
550
-
KVM_APIC_ARCHITECTURE y
553
-
${optionalString ((versionAtLeast version "4.0") && (versionOlder version "4.12")) ''
556
-
${optionalString (versionOlder version "4.12") ''
557
-
KVM_DEVICE_ASSIGNMENT? y
559
-
${optionalString (versionAtLeast version "4.0") ''
560
-
KVM_GENERIC_DIRTYLOG_READ_PROTECT y
564
-
${optionalString (versionAtLeast version "3.13") ''
567
-
${optionalString (stdenv.isx86_64 || stdenv.isi686) ''
570
-
${optionalString ((versionAtLeast version "3.18") && (features.xen_dom0 or false)) ''
573
-
HVC_XEN_FRONTEND? y
574
-
XEN_SYS_HYPERVISOR? y
578
-
XEN_BALLOON_MEMORY_HOTPLUG? y
584
-
XEN_SAVE_RESTORE? y
586
-
XEN_SELFBALLOONING? y
592
-
${optionalString (!stdenv.is64bit) ''
593
-
HIGHMEM64G? y # We need 64 GB (PAE) support for Xen guest support.
595
-
${optionalString (stdenv.is64bit) ''
646
+
# Windows Logical Disk Manager (Dynamic Disk) support
647
+
LDM_PARTITION = yes;
648
+
LOGIRUMBLEPAD2_FF = yes; # Logitech Rumblepad 2 force feedback
649
+
LOGO = no; # not needed
650
+
MEDIA_ATTACH = yes;
651
+
MEGARAID_NEWGEN = yes;
601
-
MEDIA_DIGITAL_TV_SUPPORT y
602
-
MEDIA_CAMERA_SUPPORT y
603
-
${optionalString (versionOlder version "4.14") ''
607
-
MEDIA_USB_SUPPORT y
608
-
MEDIA_PCI_SUPPORT y
609
-
MEDIA_ANALOG_TV_SUPPORT y
610
-
VIDEO_STK1160_COMMON m
611
-
${optionalString (versionOlder version "4.11") ''
612
-
VIDEO_STK1160_AC97 y
653
+
MLX4_EN_VXLAN = whenBetween "3.15" "4.8" yes;
615
-
# Our initrd init uses shebang scripts, so can't be modular.
655
+
MODVERSIONS = whenOlder "4.9" yes;
656
+
MOUSE_PS2_ELANTECH = yes; # Elantech PS/2 protocol extension
657
+
MTRR_SANITIZER = yes;
658
+
NET_FC = yes; # Fibre Channel driver support
659
+
# GPIO on Intel Bay Trail, for some Chromebook internal eMMC disks
660
+
PINCTRL_BAYTRAIL = whenAtLeast "3.11" yes;
661
+
# 8 is default. Modern gpt tables on eMMC may go far beyond 8.
662
+
MMC_BLOCK_MINORS = "32";
618
-
# For systemd-binfmt
621
-
# Enable the 9P cache to speed up NixOS VM tests.
665
+
REGULATOR = yes; # Voltage and Current Regulator Support
666
+
RC_DEVICES = option (whenAtLeast "3.6" yes); # Enable IR devices
625
-
# Enable transparent support for huge pages.
626
-
TRANSPARENT_HUGEPAGE? y
627
-
TRANSPARENT_HUGEPAGE_ALWAYS? n
628
-
TRANSPARENT_HUGEPAGE_MADVISE? y
668
+
RT2800USB_RT53XX = yes;
669
+
RT2800USB_RT55XX = whenAtLeast "3.10" yes;
630
-
# zram support (e.g for in-memory compressed swap).
634
-
${optionalString (versionOlder version "3.18") ''
637
-
${optionalString (versionAtLeast version "3.18") ''
671
+
SCHED_AUTOGROUP = yes;
672
+
CFS_BANDWIDTH = yes;
641
-
# Enable PCIe and USB for the brcmfmac driver
674
+
SCSI_LOGGING = yes; # SCSI logging facility
675
+
SERIAL_8250 = yes; # 8250/16550 and compatible serial support
645
-
# Support x2APIC (which requires IRQ remapping).
646
-
${optionalString (stdenv.system == "x86_64-linux") ''
677
+
SLIP_COMPRESSED = yes; # CSLIP compressed headers
651
-
# needed for iwd WPS support (wpa_supplicant replacement)
652
-
${optionalString (versionAtLeast version "4.7") ''
653
-
KEY_DH_OPERATIONS y
681
+
THERMAL_HWMON = yes; # Hardware monitoring support
682
+
UEVENT_HELPER = whenAtLeast "3.15" no;
656
-
# Disable the firmware helper fallback, udev doesn't implement it any more
657
-
FW_LOADER_USER_HELPER_FALLBACK? n
684
+
USERFAULTFD = whenAtLeast "4.3" yes;
685
+
X86_CHECK_BIOS_CORRUPTION = yes;
659
-
# Disable various self-test modules that have no use in a production system
660
-
# This menu disables all/most of them on >= 4.16
661
-
RUNTIME_TESTING_MENU? n
662
-
# For older kernels, painstakingly disable each symbol.
663
-
${optionalString (versionOlder version "4.16") ''
664
-
ARM_KPROBES_TEST? n
665
-
ASYNC_RAID6_TEST? n
666
-
ATOMIC64_SELFTEST? n
667
-
BACKTRACE_SELF_TEST? n
668
-
INTERVAL_TREE_TEST? n
684
-
TEST_STATIC_KEYS? n
685
-
TEST_STRING_HELPERS? n
688
+
# Our initrd init uses shebang scripts, so can't be modular.
689
+
BINFMT_SCRIPT = whenAtLeast "3.10" yes;
690
+
# For systemd-binfmt
691
+
BINFMT_MISC = option yes;
693
-
${optionalString (versionOlder version "4.18") ''
694
-
DRM_DEBUG_MM_SELFTEST? n
699
-
LOCK_TORTURE_TEST? n
701
-
NOTIFIER_ERROR_INJECTION? n
703
-
RCU_TORTURE_TEST? n
704
-
TEST_ASYNC_DRIVER_PROBE? n
705
-
WW_MUTEX_SELFTEST? n
693
+
# Disable the firmware helper fallback, udev doesn't implement it any more
694
+
FW_LOADER_USER_HELPER_FALLBACK = option no;
708
-
${optionalString (features.criu or false) ''
710
-
CHECKPOINT_RESTORE y
696
+
HOTPLUG_PCI_ACPI = whenAtLeast "3.12" yes; # PCI hotplug using ACPI
697
+
HOTPLUG_PCI_PCIE = whenAtLeast "3.12" yes; # PCI-Expresscard hotplug support
713
-
${optionalString ((features.criu or false) && (features.criu_revert_expert or true))
714
-
# Revert some changes, introduced by EXPERT, when necessary for criu
718
-
HID_PICOLCD_BACKLIGHT? y
720
-
HID_PICOLCD_LEDS? y
722
-
DEBUG_MEMORY_INIT? y
699
+
} // optionalAttrs (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "aarch64-linux") {
700
+
# Bump the maximum number of CPUs to support systems like EC2 x1.*
701
+
# instances and Xeon Phi.
705
+
in (generateNixKConf ((flattenKConf options) // structuredExtraConfig) mkValueOverride) + extraConfig
pyrox.dev