From 6eea9ac8683a393f55d270490c91a6f0c2af4fc0 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Sun, 6 Jan 2019 19:26:08 +0100 Subject: [PATCH 1/2] linux: add feature flag to indicate support for 32bit emulation Motivated by the need to warn users trying to build configurations that depend on being able to run 32bit apps on 64bit kernels. --- pkgs/os-specific/linux/kernel/generic.nix | 1 + pkgs/top-level/all-packages.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index e424dff596d3..a731ec3388f6 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -62,6 +62,7 @@ let netfilterRPFilter = true; grsecurity = false; xen_dom0 = false; + ia32Emulation = true; } // features) kernelPatches; intermediateNixConfig = import ./common-config.nix { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8d00a87c336d..24fcbfda44b7 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14825,6 +14825,7 @@ in # Hardened linux hardenedLinuxPackagesFor = kernel: linuxPackagesFor (kernel.override { + features.ia32Emulation = false; extraConfig = import ../os-specific/linux/kernel/hardened-config.nix { inherit stdenv; inherit (kernel) version; From ab070d1b0b424a49322d70a75b21c4f21e10637a Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Sun, 6 Jan 2019 19:28:35 +0100 Subject: [PATCH 2/2] nixos/opengl: assert 32bit emu support if 32bit support is enabled See https://github.com/NixOS/nixpkgs/issues/51097 --- nixos/modules/hardware/opengl.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/nixos/modules/hardware/opengl.nix b/nixos/modules/hardware/opengl.nix index 48e0072e0892..6b7b8069fd44 100644 --- a/nixos/modules/hardware/opengl.nix +++ b/nixos/modules/hardware/opengl.nix @@ -124,10 +124,14 @@ in config = mkIf cfg.enable { - assertions = lib.singleton { - assertion = cfg.driSupport32Bit -> pkgs.stdenv.isx86_64; - message = "Option driSupport32Bit only makes sense on a 64-bit system."; - }; + assertions = [ + { assertion = cfg.driSupport32Bit -> pkgs.stdenv.isx86_64; + message = "Option driSupport32Bit only makes sense on a 64-bit system."; + } + { assertion = cfg.driSupport32Bit -> (config.boot.kernelPackages.kernel.features.ia32Emulation or false); + message = "Option driSupport32Bit requires a kernel that supports 32bit emulation"; + } + ]; systemd.tmpfiles.rules = [ "L+ /run/opengl-driver - - - - ${package}"