From 4ac44ce7218ac31be0cea74fd06f317269c2b1f8 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:20:50 +0200 Subject: [PATCH 1/8] linux: 4.19.240 -> 4.19.241 --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index c03c5d5afd21..2e1f98af3e20 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.240"; + version = "4.19.241"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1hj6vngynx6kjaczjl77jjwqq0kh0lm6jdqjvakd1cgrppaizb3j"; + sha256 = "04zyi22c2d91k7v2w0s8v112cqqf24km599mn18k2nafq79njqjc"; }; } // (args.argsOverride or {})) From f93833182bc4f09dc1212dc09c27501ff967a82d Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:21:02 +0200 Subject: [PATCH 2/8] linux: 5.15.36 -> 5.15.37 --- pkgs/os-specific/linux/kernel/linux-5.15.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.15.nix b/pkgs/os-specific/linux/kernel/linux-5.15.nix index 44438676ae3d..007258e73360 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.15.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.15.36"; + version = "5.15.37"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -15,6 +15,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1466557034q1fzvpy8vwj8ps3cv2q8s7z76af9y1jz4kgaqmsd1n"; + sha256 = "09n0l9ly111r6jbpgz1kw2q4n4mmcv5jxfhs5bcsiyjp44d0kgqq"; }; } // (args.argsOverride or { })) From cb10c6f5cfb6a9f8de3c9e6113e221e16be79973 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:21:47 +0200 Subject: [PATCH 3/8] linux/hardened/patches/4.14: 4.14.276-hardened1 -> 4.14.277-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index cb73bbed5575..dcac0289242b 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,12 +2,12 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.276-hardened1.patch", - "sha256": "1q0w8fqn9z32r35s3lil9dllkykydnpfp1dkhgvmy5rggbm801ay", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.276-hardened1/linux-hardened-4.14.276-hardened1.patch" + "name": "linux-hardened-4.14.277-hardened1.patch", + "sha256": "1jjbywmwglnsj80dbic14bip6wfllsgqgw7lcn9s8n12mdr42ps2", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.277-hardened1/linux-hardened-4.14.277-hardened1.patch" }, - "sha256": "1rxksrmkh5raz930y9khfg85dglgphrgcvkj21n86m333pajs4mf", - "version": "4.14.276" + "sha256": "058vzn1gcsc194hgwrj78afawz2anm7ga8a1x5m5i4cw8p1arp73", + "version": "4.14.277" }, "4.19": { "patch": { From 4d43ae779d460f22edd40886bfa501235ff1ef02 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:21:59 +0200 Subject: [PATCH 4/8] linux/hardened/patches/4.19: 4.19.239-hardened1 -> 4.19.240-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index dcac0289242b..0f9d847f594c 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -12,12 +12,12 @@ "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.239-hardened1.patch", - "sha256": "1w0h47av90aapz5g5ldny1vrq21n22kxag24byk4b43ndg6q0ksc", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.239-hardened1/linux-hardened-4.19.239-hardened1.patch" + "name": "linux-hardened-4.19.240-hardened1.patch", + "sha256": "1qhrwpjfy5c75zcpvp1b0xb460vyjv04iml2inqrhnj9zcz1kgp8", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.240-hardened1/linux-hardened-4.19.240-hardened1.patch" }, - "sha256": "0fsr9jy8d1rpg6ixp7av01pqz3vq50rgfcjd7vj16ccsdk15sz5z", - "version": "4.19.239" + "sha256": "1hj6vngynx6kjaczjl77jjwqq0kh0lm6jdqjvakd1cgrppaizb3j", + "version": "4.19.240" }, "5.10": { "patch": { From bb404a9c09b7ec41f0bc063c462914240ea4f946 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:22:11 +0200 Subject: [PATCH 5/8] linux/hardened/patches/5.10: 5.10.112-hardened1 -> 5.10.113-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 0f9d847f594c..c7a75b0d92a9 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -22,12 +22,12 @@ "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.112-hardened1.patch", - "sha256": "1sryrhl7bblx4r0smvlzw7p4xhc4l8bsqgwzlj2x8qamj544w464", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.112-hardened1/linux-hardened-5.10.112-hardened1.patch" + "name": "linux-hardened-5.10.113-hardened1.patch", + "sha256": "0v6blapny74fkhsm5rksxg632hv3chh81wgc96l6ql4sy7p19riv", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.113-hardened1/linux-hardened-5.10.113-hardened1.patch" }, - "sha256": "19aa7fq8n75gh0vv01mpxg4cxkfpr5lj0sv6lxiyzcgbc71isv4c", - "version": "5.10.112" + "sha256": "1z3dd5hrdbn2axsi2n70n41q1dq2dvg7s8aph1p6yiajpc16llc2", + "version": "5.10.113" }, "5.15": { "patch": { From ed9d1bfe64f2ccd7642dc0d1c14bee01649b9be4 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:22:24 +0200 Subject: [PATCH 6/8] linux/hardened/patches/5.15: 5.15.35-hardened1 -> 5.15.36-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index c7a75b0d92a9..7cbab2d0d788 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -32,12 +32,12 @@ "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.35-hardened1.patch", - "sha256": "10x2q01bckmfmgdzfg01khj43pav1drzzp3fr20hk718ywikvgax", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.35-hardened1/linux-hardened-5.15.35-hardened1.patch" + "name": "linux-hardened-5.15.36-hardened1.patch", + "sha256": "1y52bayw2n1lc1vp9jz8a39fz32x81ivaw24kc6hdr23yg0a8q5g", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.36-hardened1/linux-hardened-5.15.36-hardened1.patch" }, - "sha256": "1n05c4c4ish25x483a2p5177zgda8pq7g4752n1b7chfygi5l6ha", - "version": "5.15.35" + "sha256": "1466557034q1fzvpy8vwj8ps3cv2q8s7z76af9y1jz4kgaqmsd1n", + "version": "5.15.36" }, "5.4": { "patch": { From b79d9a846b51933229e0b9bfd625b1bb4324cc66 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:22:37 +0200 Subject: [PATCH 7/8] linux/hardened/patches/5.17: init at 5.17.5-hardened1 --- nixos/tests/kernel-generic.nix | 1 + pkgs/os-specific/linux/kernel/hardened/patches.json | 10 ++++++++++ pkgs/top-level/linux-kernels.nix | 1 + 3 files changed, 12 insertions(+) diff --git a/nixos/tests/kernel-generic.nix b/nixos/tests/kernel-generic.nix index f34d5d607940..1e60198abdd0 100644 --- a/nixos/tests/kernel-generic.nix +++ b/nixos/tests/kernel-generic.nix @@ -30,6 +30,7 @@ let linux_5_4_hardened linux_5_10_hardened linux_5_15_hardened + linux_5_17_hardened linux_testing; }; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 7cbab2d0d788..97321f46cae9 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -39,6 +39,16 @@ "sha256": "1466557034q1fzvpy8vwj8ps3cv2q8s7z76af9y1jz4kgaqmsd1n", "version": "5.15.36" }, + "5.17": { + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-5.17.5-hardened1.patch", + "sha256": "1cv43sp2amai7r75dw07bd2ys6fz1ri9pfra3kaajap55sbalsw0", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.17.5-hardened1/linux-hardened-5.17.5-hardened1.patch" + }, + "sha256": "11z95wsgmj97pg77yck26l0383gncbla0zwpzv4gjdj4p62x3g4v", + "version": "5.17.5" + }, "5.4": { "patch": { "extra": "-hardened1", diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index 9743acce4b6d..454e1cdca76b 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -541,6 +541,7 @@ in { }); linux_5_10_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_10 { }); linux_5_15_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_15 { }); + linux_5_17_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_17 { }); linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen); linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx); From e7675ff05daf09d96395f8add98594b183ca071f Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 6 May 2022 00:22:49 +0200 Subject: [PATCH 8/8] linux/hardened/patches/5.4: 5.4.190-hardened1 -> 5.4.191-hardened1 --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 97321f46cae9..16b0ac27fc6b 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -52,11 +52,11 @@ "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.190-hardened1.patch", - "sha256": "0z4w05fq20pmiyxf4bip61ywy5xg96klbnj62yxiaha68pfwlm29", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.190-hardened1/linux-hardened-5.4.190-hardened1.patch" + "name": "linux-hardened-5.4.191-hardened1.patch", + "sha256": "117v9xb9y3bmppxmrbya5a4d869fh6l7map25g5n03sca56g7c32", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.191-hardened1/linux-hardened-5.4.191-hardened1.patch" }, - "sha256": "157ifcl59xxj721r302hg82vmbqzx5hjrlihrc5s4maxfw3ygm41", - "version": "5.4.190" + "sha256": "0fharjqasvq76pciwci6qamdadpfjh2n8gdyri8fj65drmgsi318", + "version": "5.4.191" } }