From e82d1792c9c9fc4ad1c4ac07f52b30d7003e0dd6 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@qenya.tel>
Date: Mon, 8 Sep 2025 12:39:40 +0100
Subject: [PATCH] boot, tailscale: Apply kernel regression patch instead of
 workarounds

---
 common/boot.nix      | 13 +++++++++++++
 common/tailscale.nix | 17 -----------------
 2 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/common/boot.nix b/common/boot.nix
index 342b3d0..56a0896 100644
--- a/common/boot.nix
+++ b/common/boot.nix
@@ -11,6 +11,19 @@ in
     efi.canTouchEfiVariables = true;
   };
 
+  boot.kernelPatches = [
+    # Fix the /proc/net/tcp seek issue
+    # Impacts tailscale: https://github.com/tailscale/tailscale/issues/16966
+    {
+      name = "proc: fix missing pde_set_flags() for net proc files";
+      patch = pkgs.fetchurl {
+        name = "fix-missing-pde_set_flags-for-net-proc-files.patch";
+        url = "https://patchwork.kernel.org/project/linux-fsdevel/patch/20250821105806.1453833-1-wangzijie1@honor.com/raw/";
+        hash = "sha256-DbQ8FiRj65B28zP0xxg6LvW5ocEH8AHOqaRbYZOTDXg=";
+      };
+    }
+  ];
+
   services.resolved = {
     enable = true;
     fallbackDns = [ ];
diff --git a/common/tailscale.nix b/common/tailscale.nix
index 142b0c4..1fa1da8 100644
--- a/common/tailscale.nix
+++ b/common/tailscale.nix
@@ -20,21 +20,4 @@
   };
 
   networking.domain = "birdsong.network";
-
-  # Workaround for: https://github.com/tailscale/tailscale/issues/16966
-  nixpkgs.overlays = [
-    (_: prev: {
-      tailscale = prev.tailscale.overrideAttrs (old: {
-        checkFlags =
-          builtins.map
-            (
-              flag:
-              if prev.lib.hasPrefix "-skip=" flag
-              then flag + "|^TestGetList$|^TestIgnoreLocallyBoundPorts$|^TestPoller$"
-              else flag
-            )
-            old.checkFlags;
-      });
-    })
-  ];
 }