Commit Graph

6110 Commits

Author SHA1 Message Date
Tuomas Tynkkynen
424cfe7686 Merge remote-tracking branch 'upstream/master' into staging 2017-01-29 02:16:29 +02:00
Tuomas Tynkkynen
2f38d1fd1f kmscube: init at 2016-09-19 2017-01-29 02:08:04 +02:00
Kevin Cox
6dcc4623ac
libnl: 3.2.23 -> 2.3.29 to revert accidental downgrade.
libnl was accidentally downgrades to 2.3.29 in
8d342d20b5 instead of being upgraded to
2.3.29 so this fixes that.
2017-01-27 22:41:44 +00:00
Jörg Thalheim
c2a7c448da
android-udev-rules: 20170109 -> 20170125 2017-01-27 22:37:12 +01:00
Alexey Shmalko
e799e7b5d6
musl: build musl-gcc
The build of the wrapper was disabled in 93e44be (#21023) and is not
related to the CVE itself. (See comments in the mentioned PR.)
2017-01-27 21:54:27 +02:00
Tim Steinbach
99c9252e3f
kernel: 4.9.5 -> 4.9.6 2017-01-26 19:56:26 -05:00
Tim Steinbach
4345dfb5ba
kernel: 4.4.44 -> 4.4.45 2017-01-26 19:55:58 -05:00
Tuomas Tynkkynen
be0e48e48f Merge remote-tracking branch 'upstream/master' into staging 2017-01-27 02:18:44 +02:00
Robin Gloster
972749f1d4
systemd: fix repository url
Left-over from testing, sorry..
2017-01-26 17:57:10 +01:00
Robin Gloster
a38f1911d3
systemd: 231 -> 232
Includes adding some more upstream units and removing obsolete (-.slice) ones.
2017-01-26 17:52:52 +01:00
Tuomas Tynkkynen
e2a2f6d595 Merge pull request #22117 from dezgeg/aarch64-for-merge
Aarch64 (ARM64) support
2017-01-26 17:52:28 +02:00
Vladimír Čunát
6973c7739e
Merge branch 'master' into staging
There were some larger rebuilds because of security.
2017-01-26 16:49:41 +01:00
Franz Pletz
4276844cb0
powerstat: 0.2.10 -> 0.2.11 2017-01-26 03:52:50 +01:00
Franz Pletz
f4833ed484
smemstat: 0.01.14 -> 0.01.16 2017-01-26 03:52:50 +01:00
Franz Pletz
d14c7bf046
eventstat: 0.03.02 -> 0.03.03 2017-01-26 03:52:48 +01:00
Franz Pletz
96c35ad06a
fnotifystat: 0.01.14 -> 0.01.16 2017-01-26 03:52:47 +01:00
Franz Pletz
243272cd2e
forkstat: 0.01.14 -> 0.01.16 2017-01-26 03:52:47 +01:00
Graham Christensen
8d342d20b5
libnl: 3.2.28 -> 3.2.29 for CVE-2017-0386 2017-01-25 20:53:18 -05:00
Robin Gloster
9842a107da
linuxPackages.perf: fix build with gcc6 2017-01-25 20:12:38 +01:00
Franz Pletz
b9b95aa4d4 Merge pull request #22034 from mayflower/conntrack-helpers
Disable conntrack helper autoloading by default
2017-01-25 14:18:41 +01:00
Tuomas Tynkkynen
2bfd83ab6d platforms.nix: Add some aarch64-specific kernel config
This makes Raspberry Pi 3 and some Cavium ThunderX server hardware work.
2017-01-25 02:14:46 +02:00
Joachim Fasting
c50c551142
grsecurity: 4.8.16-201701062021 -> 4.8.17-201701151620 2017-01-25 00:58:57 +01:00
Joachim Fasting
482c67af70
grsecurity: adapt new to mirror url structure 2017-01-25 00:58:54 +01:00
Franz Pletz
403fdd737e
linux: remove canDisableNetfilterConntrackHelpers feature
This feature is available in all kernels in nixpkgs.
2017-01-25 00:28:55 +01:00
Tuomas Tynkkynen
3519244c72 raspberrypifw: Enable build on Aarch64
So that the boot blobs can be copied.

FIXME: This makes the dynamic linker of the ARM binaries point to a
aarch64 linker.
2017-01-25 00:01:54 +02:00
Tuomas Tynkkynen
8999ab9e56 fuse: Add Aarch64 patch from upstream git to fix build
See e.g. https://bugs.launchpad.net/linaro-oe/+bug/1087757
2017-01-25 00:01:54 +02:00
Nathan Zadoks
fcc51d3256 linux: fix installTargets for AArch64
[dezgeg: note that we are currently using just 'Image' instead of
'Image.gz' as U-Boot doesn't support the latter yet. We might switch
once it does since the kernel images are quite big]
2017-01-25 00:01:54 +02:00
Nathan Zadoks
bfff3d6e23 busybox: Fix in-store invocation of busybox
This fixes the usage for stdenv bootstrap.

Additionally, dezgeg ported the patch from 1.25.1 to 1.26.1
2017-01-25 00:01:52 +02:00
John Ericson
5ad696b067 Merge pull request #22107 from Ericson2314/cross-tepid
Somewhat saner cross-compiling through bootstrapping
2017-01-24 15:09:56 -05:00
Michael Raskin
e08cae373b Merge branch 'master' into kwm 2017-01-24 17:59:56 +00:00
Michael Raskin
2bcc678f5a Merge pull request #22070 from LnL7/khd
khd: init at v1.1.4
2017-01-24 17:58:50 +00:00
John Ericson
a1a798f017 top-level: crossSystem is no longer exposed to packages. Use *Platform. 2017-01-24 11:37:56 -05:00
John Ericson
bf17d6dacf top-level: Introduce buildPackages for resolving build-time deps
[N.B., this package also applies to the commits that follow it in the same
PR.]

In most cases, buildPackages = pkgs so things work just as before. For
cross compiling, however, buildPackages is resolved as the previous
bootstrapping stage. This allows us to avoid the mkDerivation hacks cross
compiling currently uses today.

To avoid a massive refactor, callPackage will splice together both package
sets. Again to avoid churn, it uses the old `nativeDrv` vs `crossDrv` to do
so. So now, whether cross compiling or not, packages with get a `nativeDrv`
and `crossDrv`---in the non-cross-compiling case they are simply the same
derivation. This is good because it reduces the divergence between the
cross and non-cross dataflow. See `pkgs/top-level/splice.nix` for a comment
along the lines of the preceding paragraph, and the code that does this
splicing.

Also, `forceNativeDrv` is replaced with `forceNativePackages`. The latter
resolves `pkgs` unless the host platform is different from the build
platform, in which case it resolves to `buildPackages`. Note that the
target platform is not important here---it will not prevent
`forcedNativePackages` from resolving to `pkgs`.

--------

Temporarily, we make preserve some dubious decisions in the name of preserving
hashes:

Most importantly, we don't distinguish between "host" and "target" in the
autoconf sense. This leads to the proliferation of *Cross derivations
currently used. What we ought to is resolve native deps of the cross "build
packages" (build = host != target) package set against the "vanilla
packages" (build = host = target) package set. Instead, "build packages"
uses itself, with (informally) target != build in all cases.

This is wrong because it violates the "sliding window" principle of
bootstrapping stages that shifting the platform triple of one stage to the
left coincides with the next stage's platform triple. Only because we don't
explicitly distinguish between "host" and "target" does it appear that the
"sliding window" principle is preserved--indeed it is over the reductionary
"platform double" of just "build" and "host/target".

Additionally, we build libc, libgcc, etc in the same stage as the compilers
themselves, which is wrong because they are used at runtime, not build
time. Fixing this is somewhat subtle, and the solution and problem will be
better explained in the commit that does fix it.

Commits after this will solve both these issues, at the expense of breaking
cross hashes. Native hashes won't be broken, thankfully.

--------

Did the temporary ugliness pan out? Of the packages that currently build in
`release-cross.nix`, the only ones that have their hash changed are
`*.gcc.crossDrv` and `bootstrapTools.*.coreutilsMinimal`. In both cases I
think it doesn't matter.

 1. GCC when doing a `build = host = target = foreign` build (maximally
    cross), still defines environment variables like `CPATH`[1] with
    packages.  This seems assuredly wrong because whether gcc dynamically
    links those, or the programs built by gcc dynamically link those---I
    have no idea which case is reality---they should be foreign. Therefore,
    in all likelihood, I just made the gcc less broken.

 2. Coreutils (ab)used the old cross-compiling infrastructure to depend on
    a native version of itself. When coreutils was overwritten to be built
    with fewer features, the native version it used would also be
    overwritten because the binding was tight. Now it uses the much looser
    `BuildPackages.coreutils` which is just fine as a richer build dep
    doesn't cause any problems and avoids a rebuild.

So, in conclusion I'd say the conservatism payed off. Onward to actually
raking the muck in the next PR!

[1]: https://gcc.gnu.org/onlinedocs/gcc/Environment-Variables.html
2017-01-24 11:37:56 -05:00
Eelco Dolstra
a82810c7a7
linux: Apply 9p veryloose patch to 4.9 2017-01-24 13:05:02 +01:00
Franz Pletz
7c5324f29a
nftables: disable broken xtables support 2017-01-24 11:47:34 +01:00
Daiderd Jordan
adfb7e1f13
kwm: init at 1.1.4 2017-01-24 08:31:11 +01:00
Shea Levy
4f9f00fcc9 Add function to build a ghc standalone archive (OSX/iOS only) 2017-01-23 18:35:03 -05:00
Daiderd Jordan
0f91cdc45f
kwm: init at 4.0.4 2017-01-23 21:45:01 +01:00
Daiderd Jordan
034d39b244
darwin: update shas, some sources where re-released with different metadata 2017-01-23 19:39:03 +01:00
Shea Levy
b82d6b3a0a ios-cross: Expose the SDK directory via ccCross 2017-01-23 08:23:43 -05:00
Franz Pletz
e10cd27269
Merge branch 'staging' 2017-01-23 11:06:41 +01:00
Tim Steinbach
fc8233a64f
kernel: 4.4.43 -> 4.4.44 2017-01-22 12:11:50 -05:00
Franz Pletz
b1e9acfb18 Merge pull request #21990 from Mic92/utillinux
utillinux: undo seccomp sandbox and improve purity
2017-01-22 14:15:01 +01:00
Franz Pletz
f09c5c9c45
nftables: 0.6 -> 0.7, enable xtables support 2017-01-22 13:01:01 +01:00
Franz Pletz
210f894c12
iptables: split out dev output 2017-01-22 13:01:01 +01:00
Franz Pletz
016a194ac8
conntrack_tools: 1.4.3 -> 1.4.4 2017-01-22 13:01:01 +01:00
Jörg Thalheim
7cb14d4353 Merge pull request #22020 from Mic92/zfs
ZfsUnstable: 0.7.0-rc2 -> 0.7.0-rc3
2017-01-21 23:50:28 +01:00
Franz Pletz
56c6a4391f
zfs: add hint to try unstable version, fix typo 2017-01-21 23:35:55 +01:00
Franz Pletz
61caacbf47
linux: 4.1.36 -> 4.1.38 2017-01-21 20:41:38 +01:00
Franz Pletz
ce3b98d08b
linux: 3.18.45 -> 3.18.47 2017-01-21 20:41:36 +01:00
Jörg Thalheim
adecd56871
splUnstable: 0.7.0-rc2 -> 0.7.0-rc3 2017-01-21 18:18:33 +01:00
Jörg Thalheim
c33e1e06fa
zfsUnstable: 0.7.0-rc2 -> 0.7.0-rc3 2017-01-21 18:18:17 +01:00
Michael Raskin
dc6413399c eudev: fix build with a fresh gperf 2017-01-21 08:55:17 +01:00
Daiderd Jordan
c7d49e5f69
darwin: fixed eval of frameworks 2017-01-21 01:01:46 +01:00
Robert Helgesson
ba4687c3ea
radeontop: 2016-07-04 -> 2016-10-28
This is actually version 1.0 but to support `nix-env -u` we continue
using the release date.
2017-01-20 23:14:53 +01:00
Shea Levy
e70dcf6818 ios-cross: Bump sdk version, verify sdk install at build time 2017-01-20 14:10:15 -05:00
Vladimír Čunát
6b6553c768
Merge branch 'staging'
It contains security updates.  I somehow forgot to push this yesterday.
2017-01-20 16:33:59 +01:00
Shea Levy
34c52896d1 linux 4.9.4 -> 4.9.5 2017-01-20 09:36:04 -05:00
Nikolay Amiantov
d75a3cfb29 Merge pull request #21995 from abbradar/opencl
Fix OpenCL support
2017-01-20 12:09:17 +03:00
Nikolay Amiantov
05eee18e7a linuxPackages.nvidia_x11: fix OpenCL support
* Move OpenCL .icd file to the right place;
* Remove libOpenCL.so (we use ocl-icd instead).
2017-01-20 03:37:51 +03:00
Robin Gloster
a6ebca448e
iproute: update fan patches 2017-01-19 17:28:22 +01:00
Jörg Thalheim
104a37a9fb
util-linux: improve purity by using login from shadow
replacing shutdown in postPatch phase is not necessary as rtcwake was already
patched to use the search path (the only user of shutdown)
2017-01-19 15:13:38 +01:00
Jörg Thalheim
4b9b1fa945
util-linux: remove seccomp sandbox for CVE-2016-2279
the patch for CVE-2016-2779 was reverted by upstream and was not adopted
by any other downstream distributions. Upstream waits for a better fix
in the kernel:
https://www.kernel.org/pub/linux/utils/util-linux/v2.28/v2.28-ReleaseNotes
2017-01-19 15:10:18 +01:00
Vladimír Čunát
40003aa2ed
Merge branch 'master' into staging 2017-01-18 15:54:04 +01:00
Tuomas Tynkkynen
9fc3ce73d1 kernel config: Enable BONDING and TMPFS_POSIX_ACL
Yet again something that's lacking on other platforms than x86.
2017-01-18 01:21:08 +02:00
Eelco Dolstra
e9109b1b97
linux: 4.4.42 -> 4.4.43 2017-01-17 12:02:46 +01:00
Eelco Dolstra
9a9be9296f
linux: 4.9.3 -> 4.9.4 2017-01-17 12:02:46 +01:00
Tuomas Tynkkynen
08ddb16865 linux_testing: 4.10-rc2 -> 4.10-rc4 2017-01-16 11:41:13 +02:00
Thomas Tuegel
04d11637cb
linux_4_9: enable support for amdgpu on older chipsets
Linux 4.9 includes experimental amdgpu support for AMD Southern Islands
chipsets. (By default, only Sea Islands and newer chipsets are supported.)
Southern Islands chips will still use radeon by default, but daring users may
set `services.xserver.videoDrivers = [ "amdgpu" ];` to try the experimental
driver.
2017-01-15 16:29:50 -06:00
Jörg Thalheim
12b2830446
wireguard: 0.0.20170105 -> 0.0.20170115 2017-01-15 17:33:54 +01:00
Daiderd Jordan
d6517b6e5e Merge pull request #21898 from matthewbauer/darwintools
DarwinTools: init at 1
2017-01-15 10:11:39 +01:00
Jörg Thalheim
2ab883c9da
sysdig: patch for linux >= 4.9.1 2017-01-15 00:08:12 +01:00
Tim Steinbach
e8d3c74b49
util-linux: 2.28.1 -> 2.29 2017-01-14 12:57:58 -05:00
Tim Steinbach
afb73be9f7 busybox: 1.26.1 -> 1.26.2 2017-01-14 17:19:43 +01:00
Tim Steinbach
295337ead5
linux: 4.9.2 -> 4.9.3 2017-01-14 11:02:26 -05:00
Tim Steinbach
9158b89fd3
linux: 4.4.41 -> 4.4.42 2017-01-14 11:01:52 -05:00
Franz Pletz
44efd447b6 Merge pull request #21816 from NeQuissimus/linux_4_8_removal
linux: Remove 4.8
2017-01-12 10:22:29 +01:00
Graham Christensen
d20d38e68d
nvidia_x11_legacy340: 340.96 -> 340.101 for CVE-2016-7382, CVE-2016-7389, CVE-2016-8826 2017-01-11 20:11:20 -05:00
Graham Christensen
9837dce6d2
nvidia_x11_legacy304: 304.131 -> 304.134 for CVE-2016-7382, CVE-2016-7389, CVE-2016-8826 2017-01-11 20:11:14 -05:00
Tim Steinbach
d483a871d1
linux: Remove 4.8 2017-01-11 16:59:29 -05:00
Jude Taylor
3f49c4f3ce reattach-to-user-namespace: fix version 2017-01-10 12:21:43 -08:00
Jude Taylor
f2713ce805 update reattach-to-user-namespace 2017-01-10 11:51:03 -08:00
David McFarland
b2da3d3050 amdgpu-pro: 16.40 -> 16.50 (#21502) 2017-01-10 15:24:21 +01:00
Michael Raskin
5b9d80646b mdadm4: init at 4.0
Would be just mdadm: 3.3.4 -> 4.0, but it doesn't look like there are
urgent bugfixes, and it is a major release, and wrong RAID handling
kills data, so let's let the early adopters test it a bit.
2017-01-10 14:09:20 +01:00
Franz Pletz
6b01b229c2
linux: 4.9.1 -> 4.9.2 2017-01-10 07:45:19 +01:00
Franz Pletz
3b17823187
linux: 4.8.16 -> 4.8.17 2017-01-10 07:45:19 +01:00
Franz Pletz
4c43937af0
linux: 4.4.40 -> 4.4.41 2017-01-10 07:45:18 +01:00
Pascal Wittmann
18c0b54981
linuxConsoleTools: 1.4.9 -> 1.6.0 2017-01-09 22:08:30 +01:00
Vladimír Čunát
c82baee8ac
sssd: fixup build after bind output changes #21685 2017-01-09 20:24:01 +01:00
Jörg Thalheim
87e1c49298
android-udev-rules: 20170106 -> 20170109 2017-01-09 13:40:31 +01:00
Jörg Thalheim
adbcb37db5
android-udev-rules: 20161014 -> 20170106 2017-01-08 23:40:40 +01:00
Michael Raskin
9653be493a firejail: 0.9.44.2 -> 0.9.44.4 2017-01-08 13:58:24 +01:00
Matthew Bauer
6f72be9962
DarwinTools: init at 1 2017-01-08 02:28:44 -06:00
Joachim Fasting
d6ff445f10
grsecurity: 4.8.15-201612301949 -> 4.8.16-201701062021 2017-01-07 08:01:41 +01:00
Tim Steinbach
c1d20ea50c
kernel: 4.9.0 -> 4.9.1 2017-01-06 16:15:18 -05:00
Tim Steinbach
ecf87b11f2
kernel: 4.8.15 -> 4.8.16 2017-01-06 16:15:02 -05:00
Tim Steinbach
8fda707027
kernel: 4.4.39 -> 4.4.40 2017-01-06 16:14:30 -05:00
Vladimír Čunát
07bf828bd9
Merge branch 'staging'; security /cc #21642 2017-01-06 16:32:47 +01:00
Jörg Thalheim
ca0d747d6d Merge pull request #21578 from Mic92/zfs
zfs: add unstable variant
2017-01-05 12:52:56 +01:00
Jason A. Donenfeld
1ba9a3cd9b wireguard: 0.0.20161230 -> 0.0.20170105
Version bump that contains some new tools.

fixes #21666
2017-01-05 10:38:58 +00:00