packaged unkillable kernel module

mods/unkillable-process-kernel-module.nix

@@ -0,0 +1,167 @@
+{ stdenv
+, lib
+, fetchFromGitHub
+, kernel
+, kmod
+}: let 
+# from: https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html
+srcCode = ''
+  #include <linux/init.h>
+  #include <linux/module.h>
+  #include <linux/kernel.h>
+  #include <linux/types.h>
+  #include <linux/proc_fs.h>
+  #include <linux/sched.h>
+  #include <linux/sched/signal.h>
+  #include <linux/pid.h>
+
+  MODULE_LICENSE("GPL");
+
+  void unkillable_exit(void);
+  int unkillable_init(void);
+
+  /* device access functions */
+  ssize_t unkillable_write(struct file *filp, const char *buf, size_t count, loff_t *f_pos);
+  ssize_t unkillable_read(struct file *filp, char *buf, size_t count, loff_t *f_pos);
+  int unkillable_open(struct inode *inode, struct file *filp);
+  int unkillable_release(struct inode *inode, struct file *filp);
+  struct file_operations unkillable_fops = {
+    .read = unkillable_read,
+    .write = unkillable_write,
+    .open = unkillable_open,
+    .release = unkillable_release
+  };
+
+  /* Declaration of the init and exit functions */
+  module_init(unkillable_init);
+  module_exit(unkillable_exit);
+
+  int unkillable_major = 117;
+
+  int unkillable_init(void) 
+  {
+    if (register_chrdev(unkillable_major, "unkillable", &unkillable_fops) < 0 ) {
+      printk("Unkillable: cannot obtain major number %d\n", unkillable_major);
+      return 1;
+    }
+
+    printk("Inserting unkillable module\n"); 
+    return 0;
+  }
+
+  void unkillable_exit(void) 
+  {
+    unregister_chrdev(unkillable_major, "unkillable");
+    printk("Removing unkillable module\n");
+  }
+
+  int unkillable_open(struct inode *inode, struct file *filp) 
+  {
+    return 0;
+  }
+
+  int unkillable_release(struct inode *inode, struct file *filp) 
+  {
+    return 0;
+  }
+
+  ssize_t unkillable_read(struct file *filp, char *buf, size_t count, loff_t *f_pos) 
+  { 
+    struct pid *pid_struct;
+    struct task_struct *p;
+    
+    /* interpret count to read as target pid */
+    printk("Unkillable: Got pid %d", (int) count);
+
+    /* get the pid struct */
+    pid_struct = find_get_pid((int) count);
+
+    /* get the task_struct from the pid */
+    p = pid_task(pid_struct, PIDTYPE_PID);
+
+    /* add the flag */
+    p->signal->flags = p->signal->flags | SIGNAL_UNKILLABLE;
+    printk("Unkillable: pid %d marked as unkillable\n", (int) count);
+    
+    if (*f_pos == 0) { 
+      *f_pos+=1; 
+      return 1; 
+    } else { 
+      return 0; 
+    }
+  }
+
+  ssize_t unkillable_write(struct file *filp, const char *buf, size_t count, loff_t *f_pos) 
+  {
+    return 0;
+  }
+'';
+srcMakeFile = ''
+obj-m := unkillable.o
+
+all:
+${"\t"}$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules
+
+unkillable.o:
+${"\t"}$(CC) unkillable.c -o unkillable.o
+
+install:
+${"\t"}$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules_install
+'';
+srcMakeFileFull = ''
+  obj-m += unkillable.o
+
+  all:
+    make -C /lib/modules/$KERNELRELEASE/build M=$(PWD) modules
+
+  clean:
+    make -C /lib/modules/$KERNELRELEASE/build M=$(PWD) clean
+
+  install:
+    sudo insmod unkillable.ko
+
+  uninstall:
+    sudo rmmod unkillable
+
+  mknod:
+    sudo mknod /dev/unkillable c 117 0
+    sudo chmod 666 /dev/unkillable
+'';
+
+in stdenv.mkDerivation rec {
+  name = "unkillableKernelModule-${version}-${kernel.version}";
+  version = "0.1";
+
+  src = stdenv.mkDerivation {
+    name = "unkillableKernelModule-source";
+    dontUnpack = true;
+    dontPatch = true;
+    dontConfigure = true;
+    buildPhase = ''
+      mkdir -p $out
+      echo '${srcCode}' > $out/unkillable.c
+      echo '${srcMakeFile}' > $out/Makefile
+    '';
+  };
+
+  #preUnpack = ''
+  # mkdir -p source/linux/unkillableKernelModule
+  # '';
+  #sourceRoot = "source/linux/unkillableKernelModule";
+  hardeningDisable = [ "pic" "format" ];
+  nativeBuildInputs = kernel.moduleBuildDependencies;
+
+  makeFlags = [
+    "KERNELRELEASE=${kernel.modDirVersion}"
+    "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"
+    "INSTALL_MOD_PATH=$(out)"
+  ];
+
+  meta = with lib; {
+    description = "A kernel module that makes a char-device /dev/unkillable, from which you can read($your_pid) from, which then makes your process unkillable. code from: https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html";
+    homepage = "https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html";
+    license = licenses.gpl2;
+    maintainers = [ ];
+    platforms = platforms.linux;
+  };
+}

random-pkgs.nix

@@ -4,10 +4,14 @@
 }: let
   pkgs = import nixpkgs { inherit system; };
 in rec {
+
+
   zephyr = inputs.zephyr-nix.packages.${system};
 
+
   one = inputs.zephyr-nix;
 
+
   two-shell = pkgs.mkShell {
     packages = with pkgs; [
       (zephyr.sdk.override {
@@ -27,13 +31,18 @@ in rec {
       export ZEPHYR_BASE=${inputs.zephyr-nix.inputs.zephyr};
     '';
   };
+
+
   three = inputs.zmk-nix.legacyPackages.${system}.fetchZephyrDeps {
     name = "testing-deps";
     hash = "";
     src = self;
   };
+
+
   four = inputs.zephyr-nix.packages.${system}.buildZephyrWorkspace;
 
+
   keyboardRight = inputs.zmk-nix.legacyPackages.${system}.buildKeyboard {
     name = "firmware-right";
 
@@ -48,6 +57,7 @@ in rec {
     zephyrDepsHash = "sha256-/ECQR3x0hzVGB7icGuWeyyNC9HuWmCgS5xA8r30gCAw=";
   };
 
+
   keyboardLeft = inputs.zmk-nix.legacyPackages.${system}.buildKeyboard {
     name = "firmware-left";
 
@@ -62,6 +72,8 @@ in rec {
     zephyrDepsHash = "sha256-/ECQR3x0hzVGB7icGuWeyyNC9HuWmCgS5xA8r30gCAw=";
   };
 
+
+
   keyboardBoth = inputs.zmk-nix.legacyPackages.${system}.buildSplitKeyboard {
     name = "firmware";
 
@@ -76,6 +88,12 @@ in rec {
     zephyrDepsHash = "sha256-/ECQR3x0hzVGB7icGuWeyyNC9HuWmCgS5xA8r30gCAw=";
   };
 
+
+
+  unkillableKernelModule = mypkgs.callPackage ./mods/unkillable-process-kernel-module.nix {
+    kernel = self.nixosConfigurations.main.config.boot.kernelPackages.kernel;
+  };
+
   usbip-kernel = self.nixosConfigurations.main.config.system.build.kernel.overrideAttrs (prev: {
     kernelPatches = prev.kernelPatches or [] ++ [ {
       name = "usbip";