forked from mirrors/nixpkgs
Commit graph

1766 commits

Author SHA1 Message Date
Joachim Fasting cc396697a6
grsecurity: enable ability to lock in readonly mounts 2016-12-06 01:24:12 +01:00
Joachim Fasting 0e765c72e5
grsecurity: enable module hardening 2016-12-06 01:23:58 +01:00
Joachim Fasting 071fbcda24
grsecurity: enable optional sysfs restrictions
Fairly severe, but can be disabled at bootup via
grsec_sysfs_restrict=0. For the NixOS module we ensure that it is
disabled, for systemd compatibility.
2016-12-06 01:23:36 +01:00
Joachim Fasting 8c1f5afdf3
grsecurity: delay toggling of sysctls until system is up
We generally trust init, so there's little point in having these enabled
during early bootup; it accomplishes little except fill our logs with
spam.
2016-12-06 01:22:53 +01:00
Tuomas Tynkkynen 9ccc14b1bc linux_rpi: Add some feature flags
Copied from linux_4_4 (except for the EFI stub thing).

Otherwise the firewall module fails to evaluate:
Failed assertions:
- This kernel does not support rpfilter
2016-12-04 18:18:06 +02:00
Tim Steinbach 4f8b74b401 Merge pull request #20866 from NeQuissimus/linux_4_8_12
linux: 4.8.11 -> 4.8.12
2016-12-02 18:28:46 -05:00
Tim Steinbach 853b6493c8
linux: 4.8.11 -> 4.8.12 2016-12-02 14:29:00 -05:00
Tim Steinbach 654f5df5dc
linux: 4.4.35 -> 4.4.36 2016-12-02 14:28:26 -05:00
Tim Steinbach 5afc6b506c
linux: 4.1.35 -> 4.1.36 2016-12-01 20:34:02 -05:00
Tim Steinbach 18a3225dac
linux: 3.12.67 -> 3.12.68 2016-11-29 17:40:17 -05:00
Joachim Fasting b90ed0cc80
grsecurity: 4.8.10-201611232213 -> 4.8.11-201611271225 2016-11-28 11:41:10 +01:00
Joachim Fasting 4c7323545b
Revert "grsecurity: work around for #20490"
This reverts commit e38b74ba89.

I failed to notice f19c961b4e461da045f2e72e73701059e5117be0; better
use that fix instead.
2016-11-28 11:40:55 +01:00
Tim Steinbach eecf76eaa2
linux: 4.9-rc6 -> 4.9-rc7 2016-11-27 19:48:24 -05:00
Tuomas Tynkkynen 86ea3126bc linux_rpi: 1.20160620 -> 1.20161020 2016-11-28 00:24:00 +02:00
Tim Steinbach b47307bd74
linux: 4.8.10 -> 4.8.11 2016-11-26 16:29:23 -05:00
Tim Steinbach cc77360bed
linux: 4.4.34 -> 4.4.35 2016-11-26 16:28:58 -05:00
Jörg Thalheim 01172c2ccf Merge pull request #20591 from NeQuissimus/linux_4_9_rc6
linux: 4.9-rc5 -> 4.9-rc6
2016-11-26 16:00:16 +01:00
Joachim Fasting f9d787c67b
grsecurity: 4.8.10-201611210813 -> 201611232213 2016-11-24 12:08:12 +01:00
Franz Pletz 7974d7493a
linux: compress kernel image with xz 2016-11-23 02:24:13 +01:00
Tim Steinbach e4a1b76457
linux: 4.8.9 -> 4.8.10 2016-11-21 18:07:17 -05:00
Tim Steinbach d62069aca4
linux: 4.4.33 -> 4.4.34 2016-11-21 18:06:57 -05:00
Joachim Fasting 96194467e6
grsecurity: 4.8.8-201611150756 -> 4.8.10-201611210813 2016-11-21 23:15:14 +01:00
Tim Steinbach f6bbc6c477
linux: 4.9-rc5 -> 4.9-rc6 2016-11-20 17:23:32 -05:00
Pascal Wittmann f7e0bc2ae7
Make all meta.maintainers attributes lists 2016-11-20 18:06:03 +01:00
Tim Steinbach 13491f9f48 Merge pull request #20552 from NeQuissimus/linux_4_8_9
linux: 4.8.8 -> 4.8.9
2016-11-19 09:03:00 -05:00
Tim Steinbach d3b8a77834
linux: 4.4.32 -> 4.4.33 2016-11-19 08:56:31 -05:00
Tim Steinbach 250224bf01
linux: 4.8.8 -> 4.8.9 2016-11-19 08:55:57 -05:00
Joachim Fasting e38b74ba89
grsecurity: work around for #20490
In `scripts/Makefile.modinst`, the code that generates the list of
modules to install passes file names via the command line.  When
installing a grsecurity kernel, this list appears to exceed the
shell's argument list limit, as in

    make[2]: execvp: /nix/store/[...]-bash-4.3-p46/bin/bash: Argument list too long

The build does not fail, however, but the list of modules to be installed ends
up being empty.  Thus, the resulting kernel package output contains no modules,
rendering it useless.

We work around this by patching the makefile to use `find -exec` to
process files.  Why this would occur for grsecurity and not other
kernels is unknown, most likely there's something *else* that is
actually causing this behaviour, so this is a temporary fix until that
cause is found.

Fixes https://github.com/NixOS/nixpkgs/issues/20490
2016-11-18 16:14:26 +01:00
Tim Steinbach a4cd6f1378 Merge pull request #20441 from NeQuissimus/linux_4_4_32
linux: 4.4.31 -> 4.4.32
2016-11-15 17:49:00 -05:00
Tim Steinbach 819884119c Merge pull request #20439 from NeQuissimus/linux_4_8_8
linux: 4.8.7 -> 4.8.8
2016-11-15 17:48:07 -05:00
Joachim Fasting 0d4e1b5edd
grsecurity: 4.8.7-201611142350 -> 4.8.8-201611150756 2016-11-15 22:57:25 +01:00
Tim Steinbach 24c342fde7
linux: 4.4.31 -> 4.4.32 2016-11-15 12:31:27 -05:00
Tim Steinbach 9e851d3b11
linux: 4.8.7 -> 4.8.8 2016-11-15 12:30:55 -05:00
Joachim Fasting afab1a948e
grsecurity: 4.8.7-201611102210 -> 201611142350 2016-11-15 13:11:47 +01:00
Tim Steinbach a87c8ad05f
linux: 4.9-rc4 -> 4.9-rc5 2016-11-14 09:40:27 -05:00
Joachim Fasting cad9212813
grsecurity: 4.7.10-201611011946 -> 4.8.7-201611102210 2016-11-14 00:16:19 +01:00
Joachim Fasting 081a871771
Revert "Merge pull request #20302 from spacekitteh/patch-10"
This reverts commit e02173c70c, reversing
changes made to c2b4a0d266.

Breaks all grsec packages; Not having binary substitutes for no good
reason is disruptive to my workflow, so I'll just revert this for now.
2016-11-12 14:02:20 +01:00
Tim Steinbach e02173c70c Merge pull request #20302 from spacekitteh/patch-10
grsecurity_testing: 4.7.10 -> 4.8.7
2016-11-11 22:03:39 -05:00
Sophie Taylor fa180d0d63 grsec: 4.8.6 -> 4.8.7 2016-11-12 12:54:47 +10:00
Tim Steinbach c2b4a0d266 Merge pull request #20327 from NeQuissimus/linux_4_9_rc4
linux: 4.9-rc3 -> 4.9-rc4
2016-11-11 18:11:02 -05:00
Tim Steinbach 52cc30cd87 Merge pull request #20326 from NeQuissimus/linux_3_12_67
linux: 3.12.66 -> 3.12.67
2016-11-11 18:10:16 -05:00
Tim Steinbach 933dfca167 Merge pull request #20322 from NeQuissimus/linux_4_8_7
linux: 4.8.6 -> 4.8.7
2016-11-10 21:12:06 -05:00
Tim Steinbach ad19b9bde5
linux: 4.9-rc3 -> 4.9-rc4 2016-11-10 21:08:28 -05:00
Tim Steinbach 0a1f39eb91
linux: 4.8.6 -> 4.8.7 2016-11-10 21:07:56 -05:00
Tim Steinbach 579f5fd9dd
linux: 4.4.30 -> 4.4.31 2016-11-10 21:07:24 -05:00
Tim Steinbach cc62ecc2d9
linux: 3.12.66 -> 3.12.67 2016-11-10 21:06:54 -05:00
Tuomas Tynkkynen 74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
2016-11-11 02:10:20 +02:00
Peter Hoeg cb93b34999 SMB2 support for CIFS
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
2016-11-11 02:10:20 +02:00
Sophie Taylor 6476f11f40 grsecurity patch update to kernel 4.8.6 2016-11-10 12:44:22 +10:00
Guillaume Maudoux eb9d126d2c linux_mptcp: 0.91 -> 0.91.2 2016-11-07 14:15:33 +01:00