mirror of
https://github.com/NixOS/nixos-hardware.git
synced 2025-11-03 16:57:14 +08:00
b09586b101
The broadcom-sta driver package is marked as insecure due to CVE-2019-9501 and CVE-2019-9502 (heap buffer overflow vulnerabilities allowing remote code execution). The driver is also unmaintained and incompatible with modern Linux kernel security mitigations. Removed broadcom_sta from extraModulePackages and the corresponding "wl" kernel module. This resolves test failures where Nixpkgs refuses to evaluate configurations containing this insecure package.
17 lines
277 B
Nix
17 lines
277 B
Nix
{ config, lib, ... }:
|
|
|
|
{
|
|
imports = [ ../. ];
|
|
|
|
boot.blacklistedKernelModules = [ "bcma" ];
|
|
|
|
boot = {
|
|
# Divides power consumption by two.
|
|
kernelParams = [ "acpi_osi=" ];
|
|
};
|
|
|
|
services.xserver.deviceSection = lib.mkDefault ''
|
|
Option "TearFree" "true"
|
|
'';
|
|
}
|