Extracting headers from a grsecurity patched kernel triggers additional
build steps that require gcc plugins. For this to work, we'd need to
add gmp, libmpfr, and libmpc to the build inputs as well as run `make
prepare` before installing the headers (lest the build fail due to
missing files).
Out-of-tree modules use kernel.dev and user space should use the Linux
API headers used to build libc, not headers extracted from random
kernels, so fixing this for grsecurity is pointless.
This reverts commit b0adde8f8a.
Doesn't fix the issue for grsec kernels.
(cherry picked from commit 22bd9c12fe)
Signed-off-by: Domen Kožar <domen@dev.si>
The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
In most cases, this just meant changing kernelDev (now removed from
linuxPackagesFor) to kernel.dev. Some packages needed more work (though
whether that was because of my changes or because they were already
broken, I'm not sure). Specifics:
* psmouse-alps builds on 3.4 but not 3.10, as noted in the comments that
were already there
* blcr builds on 3.4 but not 3.10, as noted in comments that were
already there
* open-iscsi, ati-drivers, wis-go7007, and openafsClient don't build on
3.4 or 3.10 on this branch or on master, so they're marked broken
* A version-specific kernelHeaders package was added
The following packages were removed:
* atheros/madwifi is superceded by official ath*k modules
* aufs is no longer used by any of our kernels
* broadcom-sta v6 (which was already packaged) replaces broadcom-sta
* exmap has not been updated since 2011 and doesn't build
* iscis-target has not been updated since 2010 and doesn't build
* iwlwifi is part of mainline now and doesn't build
* nivida-x11-legacy-96 hasn't been updated since 2008 and doesn't build
Everything not specifically mentioned above builds successfully on 3.10.
I haven't yet tested on 3.4, but will before opening a pull request.
Signed-off-by: Shea Levy <shea@shealevy.com>
Therefore I add recent linuxHeaders for it.
It's quite a hack to build it mixed with 2.6.35 headers and 3.3.5, but it builds at least.
svn path=/nixpkgs/trunk/; revision=34021
what the new nix thinks the fuloong is.
Anyone having the old nix should use a nixpkgs previous to this change to build
the new nix. And then, with the new nix, he can use any newer nixpkgs revision.
svn path=/nixpkgs/trunk/; revision=31751
some redundant builds (e.g., GMP was built three times).
* Updated GMP to 5.0.2.
* Updated PPL to 0.11.2.
* Remove ad hoc flags to build GCC's dependencies statically.
Instead, use the ‘makeStaticLibraries’ stdenv adapter.
* Build GMP with C++ support by default.
svn path=/nixpkgs/branches/stdenv-updates/; revision=30891
‘linuxPackages.kernel’, because then every minor kernel upgrade will
cause a rebuild of everything. So fix it at 2.6.35.
svn path=/nixpkgs/branches/stdenv-updates/; revision=30857
Makefile:1607: *** mixed implicit and normal rules. Stop.
This patch is probably required in other kernel versions, too. I don't
know for sure, though.
svn path=/nixpkgs/trunk/; revision=25442
I tried to fix some trivial conflicts.
I don't know if I merged well some more difficult conflicts on openssl/darwin_patch
or haskell-platform.
svn path=/nixpkgs/branches/stdenv-updates/; revision=22878
Updating the cross-build expressions, adding some flexibility.
Updated the linux headers used cross building, as 2.6.28 had bugs on endianness in
sparc64.
There were, as usual some bugs in gcc. Maybe not many make a cross compiler to
ultrasparc.
For the record, I could build an ultrasparc kernel with this base nix:
import /etc/nixos/nixpkgs/default.nix # The root nixpkgs default.nix
{
crossSystem = {
config = "sparc64-unknown-linux";
bigEndian = true;
arch = "sparc64";
float = "soft";
withTLS = true;
cpu = "ultrasparc";
};
config = pkgs: {
packageOverrides = pkgs : {
platform = {
name = "sparc64";
kernelHeadersBaseConfig = "sparc64_defconfig";
kernelBaseConfig = "sparc64_defconfig";
kernelArch = "sparc";
kernelAutoModules = false;
kernelTarget = "zImage";
uboot = null;
};
};
};
}
Although it did not boot directly in qemu-system-sparc64:
[sparc64] Kernel already loaded
Unhandled Exception 0x0000000000000020
PC = 0x0000000000404000 NPC = 0x0000000000404004
svn path=/nixpkgs/trunk/; revision=20269
sheevaplug kernel, so the kernel does not build in the sheevaplug right now.
I will try to fix that in next commits.
svn path=/nixpkgs/branches/stdenv-updates/; revision=19045