Skip to content

Instantly share code, notes, and snippets.

View xddxdd's full-sized avatar

Yuhui Xu xddxdd

196 followers · 49 following
View GitHub Profile
@xddxdd
xddxdd / nixpkgs-shrink-kmods.patch
Created May 9, 2026 07:43
(EXPERIMENTAL) Nixpkgs patch to only allow explicitly defined kernel modules
diff --git a/nixos/modules/system/boot/kernel.nix b/nixos/modules/system/boot/kernel.nix
index 7f2d388b8af3..c01a349e6568 100644
--- a/nixos/modules/system/boot/kernel.nix
+++ b/nixos/modules/system/boot/kernel.nix
@@ -396,6 +396,17 @@ in
let
kernelPath = "${config.boot.kernelPackages.kernel}/" + "${config.system.boot.loader.kernelFile}";
initrdPath = "${config.system.build.initialRamdisk}/" + "${config.system.boot.loader.initrdFile}";
+
+ shrunkModules = pkgs.makeModulesClosure {