alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity
113050 commits 217 branches 121 tags 4.5 GiB
Commit graph

2074 commits

Author SHA1 Message Date
Tim Steinbach 690a83091b
linux: FS_ENCRYPTION only for >= 4.9 kernels 2017-05-25 18:25:08 -04:00
Tim Steinbach 8f0ca4f44a
linux: 4.4.69 -> 4.4.70 2017-05-25 18:21:54 -04:00
Tim Steinbach 446c57fdb2
linux: 4.9.29 -> 4.9.30 2017-05-25 18:19:16 -04:00
Tim Steinbach f618a6caa1
linux: 4.11.2 -> 4.11.3 2017-05-25 18:16:57 -04:00
Tim Steinbach aa73b7df30
linux: 4.12-rc1 -> 4.12-rc2 2017-05-22 11:40:04 -04:00
Tim Steinbach a42c54057f
linux: 4.11.1 -> 4.11.2 2017-05-20 17:17:35 -04:00
Tim Steinbach a551ca61b7
linux: 4.9.28 -> 4.9.29 2017-05-20 17:17:34 -04:00
Tim Steinbach 82852ac60e
linux: 4.4.68 -> 4.4.69 2017-05-20 17:17:33 -04:00
Tuomas Tynkkynen de263072b5 kernel: 4.10 is end-of-life 
https://lkml.org/lkml/2017/5/20/75
 2017-05-20 19:54:18 +03:00
Joachim Fasting 77ed860114
linux_hardened: enable checks on scatter-gather tables 
Recommended by kspp
 2017-05-18 12:33:42 +02:00
Tim Steinbach 8eb302d6d7 Merge pull request #25792 from NeQuissimus/linux_4_12_rc1 
linux-testing: 4.11-rc7 -> 4.12-rc1
 2017-05-17 08:30:10 -04:00
Tuomas Tynkkynen a35ec5dda6 linux_rpi: 1.20170303 -> 1.20170427 2017-05-15 11:14:59 +03:00
Tim Steinbach 336b044dcb
linux-testing: 4.11-rc7 -> 4.12-rc1 2017-05-14 22:03:14 -04:00
Tuomas Tynkkynen ba585648e7 kernel: 4.9.27 -> 4.9.28 2017-05-15 01:28:01 +03:00
Tuomas Tynkkynen 8de08ff145 kernel: 4.4.67 -> 4.4.68 2017-05-15 01:27:50 +03:00
Tuomas Tynkkynen c230aee121 kernel: 4.11 -> 4.11.1 2017-05-15 01:27:41 +03:00
Tuomas Tynkkynen 2f1e6c8686 kernel: 4.10.15 -> 4.10.16 2017-05-15 01:27:30 +03:00
Tim Steinbach 8584a16922
linux: 4.10.14 -> 4.10.15 2017-05-09 08:43:37 -04:00
Joachim Fasting 996b65cfba
linux_hardened: enable structleak plugin 
A port of the PaX structleak plugin.  Note that this version of structleak
seems to cover less ground than the PaX original (only marked structs are
zeroed). [1]

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61f13eaa1ee17728c41370100d2d45c254ce76f
 2017-05-09 01:38:26 +02:00
Joachim Fasting 1816e2b960
linux_hardened: BUG on struct validation failure 2017-05-09 01:38:24 +02:00
Joachim Fasting a7ecdffc28
linux_hardened: move to 4.11 
Note that DEBUG_RODATA has been split into STRICT_KERNEL_RWX &
STRICT_MODULE_RWX, which are on by default (non-optional).
 2017-05-09 01:38:22 +02:00
Joachim Fasting 42c58cd2e8
linux_hardened: compile with stackprotector-strong 
Default is regular, which we need to unset for kconfig to accept the new
value.
 2017-05-09 01:38:21 +02:00
Tim Steinbach 8c74ff6534
linux: 4.9.26 -> 4.9.27 2017-05-08 09:26:26 -04:00
Tim Steinbach 4e2c67ff76
linux: 4.4.66 -> 4.4.67 2017-05-08 09:23:52 -04:00
Joachim Fasting a04d8532c2
linux: support using gcc plugins 
linux 4.8 onwards support gcc plugins.  This patch adds build inputs
required to make use of gcc plugins to the generic kernel build
environment.
 2017-05-06 19:47:27 +02:00
Tim Steinbach 2a38ecc055
linux: 4.10.13 -> 4.10.14 2017-05-03 20:46:48 -04:00
Tim Steinbach 6076843be3
linux: 4.9.25 -> 4.9.26 2017-05-03 20:44:09 -04:00
Tim Steinbach af933bc7d3
linux: 4.4.65 -> 4.4.66 2017-05-03 20:41:46 -04:00
Tim Steinbach b5169fd277
linux: Add cgroups patches for 4.9, 4.10, 4.11 2017-05-02 08:49:39 -04:00
Shea Levy 207a0af06a Add linux 4.11 2017-05-01 19:04:45 -04:00
Michael Raskin 1cce0887ee Merge branch 'master' into mptcp-v91.3 2017-05-01 00:43:08 +02:00
Tim Steinbach 0c4de3c0c9
linux: 4.4.64 -> 4.4.65 2017-04-30 08:58:44 -04:00
Joachim Fasting ab4fa1cce4
tree-wide: prune some dead grsec leaves 
The beginning of pruning grsecurity/PaX from the tree.
 2017-04-30 12:05:41 +02:00
Joachim Fasting 62f2a1c2be
linux_hardened: init 
The rationale for this is to have a place to enable hardening features
that are either too invasive or that may be speculative/yet proven to be
worthwhile for general-purpose kernels.
 2017-04-30 12:05:39 +02:00
Joachim Fasting 32b8512e54
grsecurity: discontinue support 
Upstream has decided to make -testing patches private, effectively ceasing
free support for grsecurity/PaX [1].  Consequently, we can no longer
responsibly support grsecurity on NixOS.

This patch turns the kernel and patch expressions into build errors and
adds a warning to the manual, but retains most of the infrastructure, in
an effort to make the transition smoother.  For 17.09 all of it should
probably be pruned.

[1]: https://grsecurity.net/passing_the_baton.php
 2017-04-28 12:35:15 +02:00
Tim Steinbach 7f3b857d0d
linux: 4.4.63 -> 4.4.64 2017-04-27 22:12:35 -04:00
Tim Steinbach 08c44a5cac
linux: 4.10.12 -> 4.10.13 2017-04-27 22:10:06 -04:00
Tim Steinbach 903fec9922
linux: 4.9.24 -> 4.9.25 2017-04-27 22:07:34 -04:00
Jason A. Donenfeld b1750d699c linux-chromiumos: remove 3.14 
3.14 is no longer supported upstream by kernel.org and thus no longer
receives security patches. The git commit mentioned in this .nix isn't
even available in the linked repository --
https://chromium.googlesource.com/chromiumos/third_party/kernel -- so I
think this .nix might be dead anyway. Finally, it specifies 3.14.0,
which is so ridiculously old (the latest was 3.14.79) that nobody
develops for it.

Fixes: #25145
Supports: #25127
 2017-04-23 15:47:46 +02:00
Joachim Fasting 9e6c96f8fc
grsecurity: 4.9.24-201704210851 -> 4.9.24-2201704220732 2017-04-22 16:37:24 +02:00
Joachim Fasting 05911da7bb
grsecurity: 4.9.23-201704181901 -> 4.9.24-201704210851 2017-04-21 15:09:32 +02:00
Tim Steinbach 7fb1b54cc1
linux: 4.4.62 -> 4.4.63 2017-04-21 08:03:43 -04:00
Tim Steinbach 1b3282d52d
linux: 4.10.11 -> 4.10.12 2017-04-21 08:01:22 -04:00
Tim Steinbach 4dda88c89d
linux: 4.9.23 -> 4.9.24 2017-04-21 07:58:45 -04:00
Joachim Fasting 9902d63e84
grsecurity: 4.9.22-201704120836 -> 4.9.23-201704181901 2017-04-20 00:21:41 +02:00
Tim Steinbach 7643c7c8cc
linux: 4.4.61 -> 4.4.62 2017-04-18 08:22:23 -04:00
Tim Steinbach 5283e644ce
linux: 4.10.10 -> 4.10.11 2017-04-18 08:20:40 -04:00
Tim Steinbach 1173fe0b49
linux: 4.9.22 -> 4.9.23 2017-04-18 08:15:48 -04:00
Tim Steinbach 5a7b029fa9
linux: 4.11-rc6 -> 4.11-rc7 2017-04-17 07:41:19 -04:00
Tuomas Tynkkynen 3ed0d7e2df kernel-config: Explicitly enable CONFIG_NETFILTER 
This is needed by the NixOS firewall, but isn't enabled by the ARM
defconfig nor kernelAutoModules (as 'm' doesn't seem to be an option)
 2017-04-14 20:43:50 +03:00
Joachim Fasting 3fa5605b41
grsecurity: 4.9.21-201704091948 -> 4.9.22-201704120836 2017-04-12 18:58:29 +02:00
Tim Steinbach 5f05792417
linux: 4.4.60 -> 4.4.61 2017-04-12 09:17:53 -04:00
Tim Steinbach 6860eedfd6
linux: 4.10.9 -> 4.10.10 2017-04-12 09:16:08 -04:00
Tim Steinbach 224a8f7358
linux: 4.9.21 -> 4.9.22 2017-04-12 09:13:56 -04:00
Tim Steinbach 205abc1fb6
linux: 4.11-rc5 -> 4.11-rc6 2017-04-10 08:34:23 -04:00
Joachim Fasting 7701cbca6b
grsecurity: 4.9.20-201703310823 -> 4.9.21-201704091948 2017-04-10 03:34:42 +02:00
Nikolay Amiantov 7099e8da83 linux: build with initrd support by default 
We don't require initrd in some cases but still most boot sequences including ARM use it.
 2017-04-09 22:46:07 +03:00
Nikolay Amiantov c0e77dba0e linux: add kernelPreferBuiltin platform option 
This allows to use kernelAutoModules but still compile in any options that are set so in template config.
It's helpful for ARM and maybe other platforms where defaul configurations are useful because they compile in
modules that we and udev cannot autodetect now.
 2017-04-09 22:46:07 +03:00
Tim Steinbach 79f9544eca
linux: 4.4.59 -> 4.4.60 2017-04-08 08:04:54 -04:00
Tim Steinbach 1988c1fa41
linux: 4.10.8 -> 4.10.9 2017-04-08 08:02:18 -04:00
Tim Steinbach 016a319b50
linux: 4.9.20 -> 4.9.21 2017-04-08 07:59:27 -04:00
Tim Steinbach a29d0df28c
linux: 4.11-rc4 -> 4.11-rc5 2017-04-03 09:02:37 -04:00
Volth b78f16b337 kernel: do not remove .o files on installPhase 2017-04-01 16:05:17 +03:00
Volth ed41d50e9f kernel: fix 9p issues 
[tuomas: rename the patch from 9p-hacks to something slighly more
meaningful]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
 2017-04-01 15:49:14 +03:00
Joachim Fasting a41668f441
grsecurity: 4.9.19-201703300917 -> 4.9.20-201703310823 2017-04-01 00:08:50 +02:00
Tim Steinbach cb791371c5
linux: 4.4.58 -> 4.4.59 2017-03-31 09:19:07 -04:00
Tim Steinbach bff456bd55
linux: 4.10.7 -> 4.10.8 2017-03-31 09:16:52 -04:00
Tim Steinbach 501429d120
linux: 4.9.19 -> 4.9.20 2017-03-31 09:14:19 -04:00
Tim Steinbach ecca152887
linux: 4.10.6 -> 4.10.7 2017-03-30 22:12:26 -04:00
Tim Steinbach 6b5193bcd9
linux: 4.4.57 -> 4.4.58 2017-03-30 22:12:05 -04:00
Joachim Fasting f9cb8775b3
linux_4_9: 4.9.18 -> 4.9.19 2017-03-30 22:50:38 +02:00
Joachim Fasting 4d4488e793
grsecurity: 4.9.18-201703261106 -> 4.9.19-201703300917 2017-03-30 16:28:34 +02:00
Tim Steinbach 310bb3e6bb
linux: 4.11-rc3 -> 4.11-rc4 2017-03-26 19:04:21 -04:00
Joachim Fasting 5fe81c1bdb
grsecurity: 4.9.17-201703221829 -> 4.9.18-201703261106 2017-03-26 21:35:36 +02:00
Tim Steinbach 23d0f01e95
linux: 4.4.56 -> 4.4.57 2017-03-26 10:08:56 -04:00
Tim Steinbach c0411ea229
linux: 4.10.5 -> 4.10.6 2017-03-26 10:05:22 -04:00
Tim Steinbach 422a8b9cd1
linux: 4.9.17 -> 4.9.18 2017-03-26 10:00:57 -04:00
Guillaume Maudoux d431ff2776 linux_mptcp: 0.91.2 -> 0.91.3 (kernel 4.1.38) 2017-03-23 22:36:24 +01:00
Robin Gloster 37f7470269
linux: drop 3.12 and 4.1 
Support ends before 17.09 is released:
https://www.kernel.org/category/releases.html
 2017-03-23 22:06:04 +01:00
Tim Steinbach 37a965c1de
linux: 4.10.4 -> 4.10.5 2017-03-23 16:43:31 -04:00
Tim Steinbach a20602d8e2
linux: 4.4.55 -> 4.4.56 2017-03-23 16:38:46 -04:00
Joachim Fasting 94ab4932ae
grsecurity: 4.9.16-201703180820 -> 4.9.17-201703221829 2017-03-23 01:03:14 +01:00
Joachim Fasting a2fdf72ec4
linux_4_9: 4.9.16 -> 4.9.17 2017-03-23 01:03:11 +01:00
Tim Steinbach c60102d177
linux: 4.11-rc2 -> 4.11-rc3 2017-03-21 20:32:36 -04:00
Tim Steinbach bef5607e20
linux: 4.4.54 -> 4.4.55 2017-03-19 12:18:46 -04:00
Tim Steinbach 6879d560cb
linux: 4.10.3 -> 4.10.4 2017-03-19 12:15:40 -04:00
Joachim Fasting b5da6ca213
linux_4_9: 4.9.15 -> 4.9.16 2017-03-18 15:32:56 +01:00
Joachim Fasting d4409817a6
grsecurity: 4.9.15-201703150049 -> 4.9.16-201703180820 2017-03-18 15:32:48 +01:00
Tim Steinbach ca3fb4d1d4
linux: 4.4.53 -> 4.4.54 2017-03-17 17:25:40 -04:00
Tim Steinbach 81ad24d4d7
linux: 4.10.2 -> 4.10.3 2017-03-17 17:19:59 -04:00
Joachim Fasting 12648a455b
linux_4_9: 4.9.14 -> 4.9.15 2017-03-15 20:03:34 +01:00
Joachim Fasting 9e60a17cb8
grsecurity: 4.9.14-201703121245 -> 4.9.15-201703150049 
Contains a fix for the n_hdlc double free bug.
 2017-03-15 07:25:21 +01:00
Franz Pletz 44bd7c45dc
linux_4_10: 4.10.1 -> 4.10.2 2017-03-14 23:08:43 +01:00
Franz Pletz a691c06556
linux_testing: 4.11-rc1 -> 4.11-rc2 2017-03-14 23:08:43 +01:00
Tim Steinbach 18684a4892
linux: 4.1.38 -> 4.1.39 2017-03-13 20:15:42 -04:00
Tim Steinbach 9ac82a773c
linux: 4.4.52 -> 4.4.53 2017-03-13 20:15:26 -04:00
Tuomas Tynkkynen b2c96062ca kernel: Add a validity check for modDirVersion 
Because if you get it wrong, you get a very confusing error message at
the end of the kernel build, which is quite painful as the build can
take a long time.
 2017-03-13 18:47:21 +02:00
Joachim Fasting 8091c1b208
linux_4_9: 4.9.13 -> 4.9.14 2017-03-12 18:44:29 +01:00
Joachim Fasting 4c211bdc63
grsecurity: 4.9.13-201703052141 -> 4.9.14-201703121245 2017-03-12 18:44:27 +01:00
Franz Pletz c1ccedeaff
linux: make some new config settings optional 
These are not support on older kernels pre 4.0.
 2017-03-11 08:14:29 +01:00
Franz Pletz ff2313a6c6
linux: 3.12.70 -> 3.12.71 2017-03-11 08:14:29 +01:00
Tuomas Tynkkynen 77c49794cd linux_testing: 4.10-rc7 -> 4.11-rc1 
Some config options got removed, so conditionalize them.
 2017-03-11 01:27:06 +02:00
Tuomas Tynkkynen 5f5b87107f raspberrypifw, linux_rpi: 1.20161020 -> 1.20170303 2017-03-08 21:35:31 +02:00
Joachim Fasting 17d80c49fa
grsecurity: 4.9.13-201702270729 -> 201703052141 2017-03-06 15:59:30 +01:00
Tuomas Tynkkynen 57c6fac3e9 kernel config: Enable IP_MULTICAST 
This is lacking on ARM and causes libuv tests to fail.
 2017-03-04 12:49:50 +02:00
Franz Pletz 49bdf9803a
linux: IPV6_FOU_TUNNEL is available since 4.7 2017-03-02 17:19:55 +01:00
Franz Pletz 75e85cae42
linux: enable FOU tunnels and VRF interfaces 2017-03-02 17:19:55 +01:00
Joachim Fasting a20a53300d
grsecurity: 4.9.13-201702261126 -> 201702270729 2017-02-27 16:04:32 +01:00
Joachim Fasting f3a6991f3d
grsecurity: 4.9.12-201702231830 -> 4.9.13-201702261126 2017-02-26 18:20:50 +01:00
Franz Pletz 701544d0a7
linux: 4.9.12 -> 4.9.13 2017-02-26 18:09:16 +01:00
Franz Pletz 62857b1f21
linux: 4.4.51 -> 4.4.52 2017-02-26 18:09:16 +01:00
Franz Pletz 8a75569619
linux: 4.10 -> 4.10.1 2017-02-26 18:09:15 +01:00
Joachim Fasting 0150d9a95c
grsecurity: 4.9.11-201702222257 -> 4.9.12-201702231830 2017-02-26 14:01:57 +01:00
Graham Christensen d36b1ccc13
Revert "Revert "linux kernels: patch against DCCP double free (CVE-2017-6074)"" 
This reverts commit 53a2baabbe.
 2017-02-23 19:23:29 -05:00
Graham Christensen 53a2baabbe
Revert "linux kernels: patch against DCCP double free (CVE-2017-6074)" 
This reverts commit 1d68edbef4.
 2017-02-23 18:47:16 -05:00
Graham Christensen 1d68edbef4
linux kernels: patch against DCCP double free (CVE-2017-6074) 2017-02-23 18:44:43 -05:00
Tim Steinbach 82aae8f631
kernel: 4.4.50 -> 4.4.51 2017-02-23 17:47:51 -05:00
Tim Steinbach 18c2be2862
kernel: 4.9.11 -> 4.9.12 2017-02-23 17:47:18 -05:00
Joachim Fasting b92501f0d8
grsecurity: 4.9.11-201702181444 -> 201702222257 2017-02-23 19:18:39 +01:00
Shea Levy f454297a7d linux 4.10 2017-02-20 07:32:46 -05:00
Shea Levy b191ac0d89 Revert "linux 4.10" 
Somehow the tarball was actually linux 4.4.10

This reverts commit fea71f84d0.
 2017-02-20 07:29:47 -05:00
Shea Levy fea71f84d0 linux 4.10 2017-02-20 06:47:49 -05:00
Tim Steinbach 7274fc32d2
linux: 4.4.48 -> 4.4.50 2017-02-18 18:40:04 -05:00
Tim Steinbach 2423313581
kernel: 4.9.10 -> 4.9.11 2017-02-18 18:33:36 -05:00
Joachim Fasting ca016c2626
grsecurity: 4.9.10-201702152052 -> 4.9.11-201702181444 2017-02-18 22:01:16 +01:00
Joachim Fasting e8007c0e89
linux_4_9: patch for CVE-2017-5986 
Seems fairly low impact[1] but we might as well patch it until a new 4.9
version is released

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1420276
 2017-02-17 19:11:30 +01:00
Joachim Fasting 73577a2b05
linux_4_9: 4.9.9 -> 4.9.10 2017-02-17 19:11:24 +01:00
Joachim Fasting bc2f53fd29
grsecurity: 4.9.8-201702071801 -> 4.9.10-201702152052 2017-02-16 14:51:25 +01:00
Tim Steinbach 0ec9e695c8
linux: 3.10.104 -> 3.10.105 2017-02-13 18:47:01 -05:00
Eelco Dolstra c71a893334
Revert "Use looser 9pfs caching in VM tests/builds" 
This reverts commit bbd03e236a.
 2017-02-13 14:38:19 +01:00
Eelco Dolstra 4af79a7331
Revert "linux: Apply 9p veryloose patch to 4.9" 
This reverts commit a82810c7a7.

Fixes #22695.
 2017-02-13 12:16:39 +01:00
Franz Pletz 9dec33dc4f
linux: 4.9.8 -> 4.9.9 2017-02-09 16:27:29 +01:00
Franz Pletz 9d8248517e
linux: 4.4.47 -> 4.4.48 2017-02-09 16:27:16 +01:00
Franz Pletz dced724c00
linux_3_18: remove due to EOL 2017-02-08 23:50:59 +01:00
Joachim Fasting bd46a375df
grsecurity: 4.9.8-201702060653 -> 201702071801 2017-02-08 01:31:18 +01:00
aszlig cf94e18627
linux-testing: 4.10-rc4 -> 4.10-rc7 
Tested via building the linux_testing attribute only, not in production.

Verified unpacked tarball with GnuPG:

gpg: Signature made Mon 06 Feb 2017 12:21:50 AM CET
gpg:                using RSA key 79BE3E4300411886
gpg: Good signature from "Linus Torvalds <torvalds@linux-foundation.org>" [unknown]
Primary key fingerprint: ABAF 11C6 5A29 70B1 30AB  E3C4 79BE 3E43 0041 1886

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2017-02-07 10:23:50 +01:00
Joachim Fasting 0d422c5db5
grsecurity: 4.8.17-201701151620 -> 4.9.8-201702060653 
The first release in the 4.9 branch.

I've also migrated my update scripts to SHA-512 so that'll
be the hash of choice for grsec packages going forward.
 2017-02-06 15:49:34 +01:00
Vladimír Čunát a2c867fd39
Merge branch 'staging' 2017-02-04 21:02:46 +01:00
Vladimír Čunát 73d798549f
protobuf, perf: fix my bad condition on gcc version 2017-02-04 20:58:47 +01:00
Tim Steinbach 949f9aff1d
linux: 3.12.69 -> 3.12.70 2017-02-04 09:18:50 -05:00
Tim Steinbach 7f69dc48b9
linux: 4.9.7 -> 4.9.8 2017-02-04 09:09:19 -05:00
Tim Steinbach 17b5ae4fe4
linux: 4.4.46 -> 4.4.47 2017-02-04 09:09:02 -05:00
Tim Steinbach 26e5b42106
linux: 4.4.45 -> 4.4.46 2017-02-03 18:36:50 -05:00
Vladimír Čunát e7c968fbf2
linuxPackages*.perf: fix build with default gcc 
Broken since 9842a107.
 2017-02-03 12:38:18 +01:00
Vladimír Čunát adab4cd58b
Merge branch 'master' into staging 2017-02-03 11:47:38 +01:00
Pascal Bach d1738c19bb kernel: 4.9.6 -> 4.9.7 2017-02-02 21:08:24 +01:00
Tuomas Tynkkynen 424cfe7686 Merge remote-tracking branch 'upstream/master' into staging 2017-01-29 02:16:29 +02:00
Tim Steinbach 99c9252e3f
kernel: 4.9.5 -> 4.9.6 2017-01-26 19:56:26 -05:00
Tim Steinbach 4345dfb5ba
kernel: 4.4.44 -> 4.4.45 2017-01-26 19:55:58 -05:00
Tuomas Tynkkynen be0e48e48f Merge remote-tracking branch 'upstream/master' into staging 2017-01-27 02:18:44 +02:00