From 1bc322d6fd1be7304bb000c94ca43eb38c29d0cd Mon Sep 17 00:00:00 2001
From: Tom Dohrmann <erbse.13@gmx.de>
Date: Tue, 23 Jul 2024 13:42:07 +0200
Subject: [PATCH] kata.kata-kernel-uvm: enable dm-init

We use this kernel module with `dm-mod.create="dm-verit...` to protect
the image file.
---
 packages/by-name/kata/kata-kernel-uvm/package.nix | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/packages/by-name/kata/kata-kernel-uvm/package.nix b/packages/by-name/kata/kata-kernel-uvm/package.nix
index b2e9c38a0a..647095f144 100644
--- a/packages/by-name/kata/kata-kernel-uvm/package.nix
+++ b/packages/by-name/kata/kata-kernel-uvm/package.nix
@@ -18,11 +18,14 @@ let
       hash = "sha256-SY75Ond2WLkY17Zal22GXgNKB3L1LGIyLKv8H/M0Wbw=";
     };
 
-    # We don't use an initrd.
     postPatch = ''
       config=$(find . -regex '.*/config-[0-9.-]+-confidential')
+
+      # 1. We don't use an initrd.
+      # 2. Enable dm-init, so that we can use `dm-mod.create`.
       substituteInPlace $config \
-        --replace-fail 'CONFIG_INITRAMFS_SOURCE="initramfs.cpio.gz"' 'CONFIG_INITRAMFS_SOURCE=""'
+        --replace-fail 'CONFIG_INITRAMFS_SOURCE="initramfs.cpio.gz"' 'CONFIG_INITRAMFS_SOURCE=""' \
+        --replace-fail '# CONFIG_DM_INIT is not set' 'CONFIG_DM_INIT=y'
     '';
 
     dontBuild = true;