Felix Buehler
34950c7359
sinit: refactor
2022-01-16 16:23:21 +01:00
Jörg Thalheim
5a6a12256d
Merge pull request #154157 from yaxitech/sgx-ssl
...
sgx-ssl: init at lin_2.15.1_1.1.1l
2022-01-16 06:05:10 +00:00
Bernardo Meurer
4fa2647449
Merge pull request #154994 from mweinelt/kernel-disable-unpriv-ebpf
...
linux: enable BPF_UNPRIV_DEFAULT_OFF on 5.10 and later
2022-01-16 00:46:51 +00:00
Bernardo Meurer
00cd3d063c
Merge pull request #154976 from TredwellGit/linux
...
Kernels 2022-01-14
2022-01-16 00:41:11 +00:00
Martin Weinelt
3ee206291a
linux: enable BPF_UNPRIV_DEFAULT_OFF between 5.10 and 5.15
...
Disable unprivileged access to BPF syscalls to prevent denial of service
and privilege escalation via
a) potential speculative execution side-channel-attacks on unmitigated
hardware[0]
or
b) unvalidated memory access in ringbuffer helper functions[1].
Fixes: CVE-2021-4204, CVE-2022-23222
[0] https://ebpf.io/summit-2021-slides/eBPF_Summit_2021-Keynote-Daniel_Borkmann-BPF_and_Spectre.pdf
[1] https://www.openwall.com/lists/oss-security/2022/01/13/1
2022-01-15 23:44:19 +01:00
Vincent Haupert
6639cd8c65
sgx-ssl: don't run test app in installCheckPhase
...
Although we build the test app in SGX simulation mode which does not
require hardware SGX support, SGX SSL fails to initialize on non-Intel
CPUs. This is unexpected (and inconsistent with the `sgx-sdk` sample
code we run in the `installCheckPhase`) and subject to an upstream
issue: https://github.com/intel/intel-sgx-ssl/issues/113
Revert this commit as soon as the issue is resolved by Intel.
2022-01-15 13:08:31 +01:00
arcnmx
36026bb0c4
linuxPackages.kvmfr: patch for 5.16
2022-01-14 15:14:39 -08:00
Jonathan Ringer
97a8c7228a
linuxPackages.nvidia_x11_beta: 495.29.05 -> 510.39.01
2022-01-14 12:34:41 -08:00
R. RyanTM
162d4c51b3
ryzenadj: 0.8.2 -> 0.8.3
...
(#154582 )
2022-01-14 16:58:04 +01:00
markuskowa
eb7348fea9
Merge pull request #154872 from markuskowa/upd-rdma-core
...
rdma-core: 38.0 -> 38.1
2022-01-14 10:45:11 +01:00
TredwellGit
e19681509b
linux/hardened/patches/5.4: 5.4.170-hardened1 -> 5.4.171-hardened1
2022-01-14 02:25:10 +00:00
TredwellGit
ead5545be3
linux/hardened/patches/5.15: 5.15.12-hardened1 -> 5.15.14-hardened1
2022-01-14 02:25:01 +00:00
TredwellGit
f14a7feff2
linux/hardened/patches/5.10: 5.10.89-hardened1 -> 5.10.91-hardened1
2022-01-14 02:24:52 +00:00
TredwellGit
56224051e3
linux/hardened/patches/4.19: 4.19.224-hardened1 -> 4.19.225-hardened1
2022-01-14 02:24:42 +00:00
TredwellGit
230a6813d9
linux/hardened/patches/4.14: 4.14.261-hardened1 -> 4.14.262-hardened1
2022-01-14 02:24:34 +00:00
TredwellGit
c5f9bb4d21
linux-rt_5_4: 5.4.161-rt67 -> 5.4.170-rt68
2022-01-14 02:23:37 +00:00
Martin Weinelt
99ee04b5d1
cryptsetup: 2.4.2 -> 2.4.3
2022-01-13 18:24:48 +01:00
Sandro Jäckel
24e553ceab
maloader: use fetchFromGitHub
2022-01-13 17:16:39 +01:00
Markus Kowalewski
442dc01aac
rdma-core: 38.0 -> 38.1
2022-01-13 11:20:40 +01:00
Andreas Stührk
db091609ff
sgx-ssl: init at lin_2.15.1_1.1.1l
...
Co-authored-by: Vincent Haupert <mail@vincent-haupert.de>
2022-01-12 19:24:39 +01:00
Julian Stecklina
7a73bd3d08
linuxPackages.tuxedo-keyboard: update description to point to module
2022-01-12 11:47:53 +01:00
Julian Stecklina
ea9647d202
linuxPackages.tuxedo-keyboard: 3.0.8 -> 3.0.9
2022-01-12 11:47:53 +01:00
R. Ryantm
734af73298
bpftrace: 0.14.0 -> 0.14.1
2022-01-12 04:01:33 -06:00
Bobby Rong
b7c1fcea75
Merge pull request #154682 from IvarWithoutBones/bump/tuigreet
...
tuigreet: 0.6.1 -> 0.7.1
2022-01-12 17:11:27 +08:00
TredwellGit
61dd0c8e85
linux: 5.4.170 -> 5.4.171
2022-01-11 16:37:55 +00:00
TredwellGit
4cf69dc13a
linux: 5.15.13 -> 5.15.14
2022-01-11 16:37:49 +00:00
TredwellGit
caa8c4963d
linux: 5.10.90 -> 5.10.91
2022-01-11 16:37:40 +00:00
TredwellGit
84e167d8b3
linux: 4.9.296 -> 4.9.297
2022-01-11 16:37:32 +00:00
TredwellGit
e30d75558e
linux: 4.4.298 -> 4.4.299
2022-01-11 16:37:26 +00:00
TredwellGit
7bf2f23df2
linux: 4.19.224 -> 4.19.225
2022-01-11 16:37:20 +00:00
TredwellGit
169ed1335f
linux: 4.14.261 -> 4.14.262
2022-01-11 16:37:14 +00:00
R. Ryantm
9fd9e5e56e
android-udev-rules: 20210501 -> 20220102
2022-01-11 18:33:26 +03:00
Bobby Rong
1c22065e93
Merge pull request #154360 from r-ryantm/auto-update/autosuspend
...
autosuspend: 4.0.1 -> 4.1.0
2022-01-11 17:41:22 +08:00
R. Ryantm
de69cfae3c
autosuspend: 4.0.1 -> 4.1.0
2022-01-11 00:37:13 +00:00
Bernardo Meurer
5f36161ae1
linuxKernel.kernels: mark {IO_,}STRICT_DEVMEM optional to unbreak hardened kernels
2022-01-10 17:49:30 -03:00
Martin Weinelt
e2aab32379
batman-adv: 2021.1 -> 2021.4
...
https://www.open-mesh.org/news/106
https://www.open-mesh.org/news/105
https://www.open-mesh.org/news/104
2022-01-10 16:32:48 +00:00
Alyssa Ross
0a99fa0331
linux_latest: 5.15.12 -> 5.16
2022-01-10 16:32:48 +00:00
Bernardo Meurer
d72a2e7baf
firmwareLinuxNonfree -> linux-firmware
...
This renames our `firmwareLinuxNonfree` package to `linux-firmware`.
There is prior art for this in multiple other distros[1][2][3].
Besides making the package more discoverable by those searching for the
usual name, this also brings it in-line with the `kebab-case` we
normally see in `nixpkgs` pnames, and removes the `Nonfree` information
from the name, which I consider redundant given it's present in
`meta.license`.
The corresponding alias has been added, so this shouldn't break
anything.
[1]: https://archlinux.org/packages/core/any/linux-firmware/
[2]: https://src.fedoraproject.org/rpms/linux-firmware
[3]: https://packages.gentoo.org/packages/sys-kernel/linux-firmware
2022-01-10 12:28:03 -03:00
Bernardo Meurer
bbb703f8cf
Merge pull request #154287 from lovesegfault/linux-config-fix-soundwire
...
linuxKernel.kernels: also enable SND_SOC_SOF_INTEL_SOUNDWIRE_LINK after 5.10
2022-01-10 14:40:40 +00:00
Bernardo Meurer
a9eb0470c3
Merge pull request #153923 from qbit/vmm_clock
...
os-specific/linux/vmm_clock: add vmm_clock
2022-01-10 14:22:35 +00:00
Bernardo Meurer
c1376aedd7
linuxKernel.kernels: also enable SND_SOC_SOF_INTEL_SOUNDWIRE_LINK between 5.10-5.11
2022-01-10 11:15:24 -03:00
Aaron Bieber
40e761918d
vmm_clock: init at 0.1.0
2022-01-10 06:53:08 -07:00
Bernardo Meurer
c9248a6d87
Merge pull request #154274 from L-as/alsa-firmware
2022-01-10 13:14:36 +00:00
Bernardo Meurer
325f561c68
Merge pull request #154253 from brandonweeks/kspp
2022-01-10 12:57:53 +00:00
Las Safin
9968242e1e
alsa-firmware: 1.2.1 -> 1.2.4
...
Thanks @sternenseemann and @collares !
2022-01-10 11:43:10 +00:00
Bobby Rong
b426ea250c
Merge pull request #151649 from r-ryantm/auto-update/alsa-plugins
...
alsa-plugins: 1.2.5 -> 1.2.6
2022-01-10 19:36:19 +08:00
Brandon Weeks
8f200e0e38
linux: enable IO_STRICT_DEVMEM
2022-01-09 21:34:42 -08:00
Bernardo Meurer
0cd9bb5dc1
Merge pull request #154240 from alyssais/kvmfr-5.16
2022-01-10 04:57:48 +00:00
Bernardo Meurer
5eb3005275
Merge pull request #154179 from vcunat/p/liquidtux-broken
2022-01-10 04:48:37 +00:00
Bernardo Meurer
501a2c13cc
Merge pull request #154181 from brandonweeks/debug_list
2022-01-10 04:48:21 +00:00