JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

linux_grsec_nixos: fix build

Browse Source 
The grsec patch fails to apply cleanly when combined with the hiddev CVE patch
(added in dde259dfb5).  To fix this and future
problems, we set all our patches explicitly rather than inherit from the base
kernel.
This commit is contained in:
Joachim Fasting 2016-07-15 13:21:58 +02:00
parent 9fc0347c93
commit e228023b14
No known key found for this signature in database
GPG Key ID: 4330820E1E04DCF4
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkgs/top-level/all-packages.nix
View File

@ -11186,7 +11186,12 @@ in
linux_grsec_nixos = callPackage ../build-support/grsecurity {
inherit (lib) overrideDerivation;
kernel = callPackage ../os-specific/linux/kernel/linux-grsecurity.nix {
inherit (self.linux_4_5) kernelPatches;
kernelPatches = with self.kernelPatches; [ bridge_stp_helper qat_common_Makefile ]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
kernelPatches.mips_ext3_n32
];
};
grsecPatch = self.kernelPatches.grsecurity_testing;
kernelPatches = [ self.kernelPatches.grsecurity_nixos_kmod ];