AppArmor: add a sample patched kernel.

2013-05-11 08:44:30 +03:00 · 2013-05-11 08:44:30 +03:00 · 8d7e1a79cc
parent a9459797e2
commit 8d7e1a79cc
2 changed files with 23 additions and 1 deletions
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@ -1,4 +1,4 @@
-{ stdenv, fetchurl, fetchgit }:
+{ stdenv, fetchurl, fetchgit, apparmor }:

 let

@ -36,10 +36,23 @@ let
      '';
    };

+  makeAppArmorPatch = {apparmor, version}:
+    stdenv.mkDerivation {
+      name = "apparmor-${version}.patch";
+      phases = ["installPhase"];
+      installPhase = ''
+        cat ${apparmor}/kernel-patches/${version}/* > $out
+      '';
+    };
 in

 rec {

+  apparmor_3_2 = {
+    features.apparmor = true;
+    patch = makeAppArmorPatch { version = "3.2"; inherit apparmor; };
+  };
+
  sec_perm_2_6_24 =
    { name = "sec_perm-2.6.24";
      patch = ./sec_perm-2.6.24.patch;
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -5963,6 +5963,14 @@ let
      ];
  };

+  linux_3_2_apparmor = linux_3_2.override {
+    kernelPatches = [ kernelPatches.apparmor_3_2 ];
+    extraConfig = ''
+      SECURITY_APPARMOR y
+      DEFAULT_SECURITY_APPARMOR y
+    '';
+  };
+
  linux_3_2_xen = linux_3_2.override {
    extraConfig = ''
      XEN_DOM0 y
@ -6135,6 +6143,7 @@ let
  # Build the kernel modules for the some of the kernels.
  linuxPackages_3_0 = recurseIntoAttrs (linuxPackagesFor linux_3_0 linuxPackages_3_0);
  linuxPackages_3_2 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_2 linuxPackages_3_2);
+  linuxPackages_3_2_apparmor = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_2_apparmor linuxPackages_3_2_apparmor);
  linuxPackages_3_2_xen = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_2_xen linuxPackages_3_2_xen);
  linuxPackages_3_4 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_4 linuxPackages_3_4);
  linuxPackages_3_6_rpi = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_6_rpi linuxPackages_3_6_rpi);