This has three major benefits:
1. We no longer have two kernel build processes to maintain
2. The build process is (IMO) cleaner and cleaves more closely to
upstream. In partuclar, we use make install to install the kernel and
development source/build trees, eliminating the guesswork about which
files to copy.
3. The derivation has multiple outputs: the kernel and modules are in
the default `out' output, while the build and source trees are in a
`dev' output. This makes it possible for the full source and build tree
to be kept (which is expected by out-of-tree modules) without bloating
the closure of the system derivation.
In addition, if a solution for how to handle queries in the presence of
imports from derivations ever makes it into nix, a framework for
querying the full configuration of the kernel in nix expressions is
already in place.
Signed-off-by: Shea Levy <shea@shealevy.com>
With this, I was able to successfully compile a defconfig kernel for the
sheevaplug, though I didn't actually try to run it (not having a
sheevaplug myself).
For native compiles, the most significant difference is that the
platform's kernel target is built directly rather than hoping the
default make target will pull it in.
Also some stylistic improvements along the way.
Signed-off-by: Shea Levy <shea@shealevy.com>
In addition to replacing use of a feature with IMO confusing semantics,
this will also let us cleanly separate out all-packages.nix into
category-specific files without changing the structure of the pkgs
attrset.
Signed-off-by: Shea Levy <shea@shealevy.com>
This patch also bumps up the HPN version of openssh so that it compiles
on top of 6.4. Along with the bump, a package was added for the high
performance networking version.
The gcmrekey patch was removed as this vulnerability is fixed in
version 6.4 onward. http://www.openssh.org/txt/gcmrekey.adv
