Austin Seipp
92abc4c610
kernel: enable AppArmor by default
...
AppArmor only requires a few patches to the 3.2 and 3.4 kernels in order
to work properly (with the minor catch grsecurity -stable includes the
3.2 patches.) This adds them to the kernel builds by default, removes
features.apparmor (since it's always true) and makes it the default MAC
system.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:09 -05:00
Austin Seipp
3efdeef6a3
linux-3.{4,10}: update
...
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:09 -05:00
Vladimír Čunát
9c8ee7a7e5
linux: minor updates, probably often fixing CVE-2014-0196
2014-05-13 20:00:21 +02:00
Austin Seipp
92f7781f00
kernel/grsecurity: stable/longterm/testing updates
...
kernels:
- longterm: 3.4.87 -> 3.4.88
- longterm: 3.10.37 -> 3.10.38
- stable: 3.13.10 -> 3.13.11
- stable: 3.14.1 -> 3.14.2
grsecurity:
- test: 3.0-3.14.1-201404241722 -> 3.0-3.14.2-201404270907
NOTE: technically the 3.13 stable kernel is now EOL. However, it will
become the long-term grsecurity stable kernel, and will have ongoing
support from Canonical.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-27 08:41:42 -05:00
Austin Seipp
ba2f861f05
kernel: stable/longterm updates
...
- stable: 3.14 -> 3.14.1
- longterm: 3.10.36 -> 3.10.37
- longterm: 3.4.86 -> 3.4.86
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-14 19:46:39 -05:00
Austin Seipp
05ec851050
kernel: longterm updates
...
- longterm: 3.4.85 -> 3.4.86
- longterm: 3.10.35 -> 3.10.36
- longterm: 3.12.15 -> 3.12.17
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-07 13:56:50 -05:00
Austin Seipp
19bc051ca1
kernel: stable/longterm updates
...
- longterm: 3.4.83 -> 3.4.85
- longterm: 3.10.33 -> 3.10.35
- longterm: 3.12.14 -> 3.12.15
- stable: 3.13.7 -> 3.13.8
NOTE: This will break the testing grsec kernel at the moment (there's
not a 3.13.8 patch yet), but it's destined to be upgraded to 3.14 soon
anyway.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-04-01 11:11:10 +02:00
Eelco Dolstra
c0f3f6e396
linux: Update to 3.4.83
2014-03-17 11:25:48 +01:00
Austin Seipp
a1dc5ea707
kernel: stable updates
...
- 3.13 stable: 3.13.3 -> 3.13.4
- 3.12 stable: 3.12.11 -> 3.12.12
- 3.10 longterm: 3.10.30 -> 3.10.31
- 3.4 longterm: 3.4.80 -> 3.4.81
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-20 20:21:11 -06:00
Evgeny Egorochkin
ad4e2bd499
linux_3_4: update from 3.4.79 to 3.4.80
2014-02-14 16:55:44 +02:00
Evgeny Egorochkin
69f4bdac6e
linux: add git repository and branch meta
2014-02-14 10:45:36 +02:00
Vladimír Čunát
24029ec478
linux: minor updates 3.12.10, 3.10.29, 3.4.79
2014-02-08 11:54:16 +01:00
Eelco Dolstra
b913a2eb81
linux: Update to 3.4.78
2014-01-31 18:00:13 +01:00
Vladimír Čunát
a9caafa0ea
linux kernel updates to 3.4.77, 3.10.28 and 3.12.9
...
I tested they still build on x86_64.
2014-01-26 17:07:31 +01:00
Eelco Dolstra
03ad7a081c
linux: Update to 3.4.76
2014-01-15 10:55:53 +01:00
Eelco Dolstra
c3db56527d
linux: Update to 3.4.75
2014-01-07 11:08:16 +01:00
Eelco Dolstra
82f39bd19e
linux: Fix hash
2013-12-17 13:27:03 +01:00
Eelco Dolstra
acac786868
linux: Update to 3.4.74
2013-12-16 14:46:21 +01:00
Eelco Dolstra
f74ca42ba6
linux: Update to 3.4.73
2013-12-11 14:28:37 +01:00
Eelco Dolstra
3b94410d86
linux: Update to 3.4.71
2013-12-01 18:20:39 -05:00
Eelco Dolstra
139c5b5069
linux: Update to 3.4.70
2013-11-26 11:46:41 +01:00
Eelco Dolstra
af7162b7a3
linux: Update to 3.4.69
2013-11-13 17:33:58 +01:00
Eelco Dolstra
07ccfe6af8
linux: Update to 3.4.68
2013-11-06 10:29:27 +01:00
Eelco Dolstra
8c65a2a181
linux: Update to 3.4.67
2013-10-24 14:52:09 +02:00
Eelco Dolstra
fc593e719d
linux: Update to 3.4.66
...
CVE-2013-2015
2013-10-14 12:52:22 +02:00
Mathijs Kwik
c242863da8
linux-3.4: upgrade to 3.4.65
2013-10-06 20:17:01 +02:00
Eelco Dolstra
02c11554d7
linux: Update to 3.4.63
2013-09-30 11:29:27 +02:00
Eelco Dolstra
2d14789920
linux: Update to 3.4.62
2013-09-16 17:51:18 +02:00
Eelco Dolstra
89fa23c43d
linux: Update to 3.4.61
2013-09-12 10:38:38 +02:00
Eelco Dolstra
207aa56201
linux: Update to 3.4.60
2013-09-05 11:11:02 +02:00
Eelco Dolstra
a1c74c5603
linux: Update to 3.4.59
2013-08-26 22:55:54 +02:00
Eelco Dolstra
5cb688eb52
linux: Update to 3.4.58
2013-08-16 12:05:42 +02:00
Eelco Dolstra
912146d764
linux: Update to 3.4.56, 3.10.5
2013-08-06 12:40:48 +02:00
Eelco Dolstra
7ce325f3e0
Unify the Linux kernel configurations
...
Having N different copies of the NixOS kernel configuration is bad
because these copies tend to diverge. For instance, our 3.10 config
lacked some modules that were enabled in older configs, probably
because the 3.10 config had been copied off an earlier version of some
older kernel config.
So now there is a single kernel config in common-config.nix. It has a
few conditionals to deal with new/removed kernel options, but
otherwise it's pretty straightforward.
Also, a lot of cut&paste boilerplate between the kernel Nix
expressions is gone (such as preConfigure).
2013-08-01 01:40:40 +02:00
Eelco Dolstra
3c462ded97
linux: Update to 3.2.49, 3.4.55
2013-07-30 16:52:12 +02:00
Eelco Dolstra
1386036457
linux: Update to 3.4.54
2013-07-23 22:35:49 +02:00
Eelco Dolstra
66b2ff1074
linux: Update to 3.4.53
2013-07-15 14:33:27 +02:00
Eelco Dolstra
ebe81d17d7
linux: Update to 3.2.48, 3.4.51
2013-07-02 14:40:08 +02:00
Rickard Nilsson
4800a33b88
Linux 3.4: Doesn't support CONFIG_RC_DEVICES option
2013-06-27 12:13:27 +02:00
Rickard Nilsson
b7ccfc258a
Linux 3.2-3.9: Add CONFIG_RC_DEVICES=y, to enable IR devices that can be used by lirc/devinput
2013-06-25 20:13:11 +02:00
Mathijs Kwik
d7911372a8
linux-3.4: upgrade to 3.4.47
2013-06-04 07:50:59 +02:00
Eelco Dolstra
a1a725d20d
linux: Set AUDIT_LOGINUID_IMMUTABLE
...
This prevents faking the loginuid even by root.
2013-05-13 11:53:00 +02:00
David Guibert
0e98cd4a65
update linux versions
2013-05-12 20:28:45 +02:00
Mathijs Kwik
1264fafe98
linux-3.4: upgrade to 3.4.44
2013-05-08 22:33:05 +02:00
David Guibert
008bb6935c
update kernels 3.0, 3.2, 3.4, 3.8 and 3.9-rc
2013-04-26 09:12:35 +02:00
Mathijs Kwik
384de84023
linux-3.4: upgrade to 3.4.41
2013-04-19 14:53:00 +02:00
Mathijs Kwik
e20d9d0a97
linux-3.4: upgrade to 3.4.40
2013-04-14 00:35:39 +02:00
Mathijs Kwik
4eff34e602
linux-3.4: upgrade to 3.4.39
2013-04-06 20:45:29 +02:00
Mathijs Kwik
d0c6308da7
linux-3.4: upgrade to 3.4.38
2013-04-04 22:18:07 +02:00
Eelco Dolstra
f0d45e2e25
Linux kernel: Enable CONFIG_FHANDLE
...
This enables the open_by_handle_at(2) and name_to_handle_at(2)
syscalls. Systemd kind of requires this.
2013-03-27 23:00:02 +01:00