Commit Graph

6094 Commits

Author SHA1 Message Date
Joachim Fasting
62f2a1c2be
linux_hardened: init
The rationale for this is to have a place to enable hardening features
that are either too invasive or that may be speculative/yet proven to be
worthwhile for general-purpose kernels.
2017-04-30 12:05:39 +02:00
Jörg Thalheim
6af952fac8
rtkit: fix meta attr 2017-04-29 10:49:12 +02:00
Dan Peebles
90b9719f4f treewide: fix the remaining issues with meta attributes 2017-04-29 04:24:34 +00:00
Joachim Fasting
32b8512e54
grsecurity: discontinue support
Upstream has decided to make -testing patches private, effectively ceasing
free support for grsecurity/PaX [1].  Consequently, we can no longer
responsibly support grsecurity on NixOS.

This patch turns the kernel and patch expressions into build errors and
adds a warning to the manual, but retains most of the infrastructure, in
an effort to make the transition smoother.  For 17.09 all of it should
probably be pruned.

[1]: https://grsecurity.net/passing_the_baton.php
2017-04-28 12:35:15 +02:00
Tim Steinbach
7f3b857d0d
linux: 4.4.63 -> 4.4.64 2017-04-27 22:12:35 -04:00
Tim Steinbach
08c44a5cac
linux: 4.10.12 -> 4.10.13 2017-04-27 22:10:06 -04:00
Tim Steinbach
903fec9922
linux: 4.9.24 -> 4.9.25 2017-04-27 22:07:34 -04:00
Kranium Gikos Mendoza
e57bcc7106 facetimehd-firmware: disable aarch64-linux builds 2017-04-26 03:09:24 +03:00
Kranium Gikos Mendoza
88be2f7080 facetimehd: disable aarch64-linux builds 2017-04-26 03:09:24 +03:00
Jörg Thalheim
bd47d04294 Merge pull request #25146 from zx2c4/remove-old-chromiumos
linux-chromiumos: remove 3.14
2017-04-25 07:32:51 +02:00
Daniel Peebles
3ae7f249da Merge pull request #25187 from obsidiansystems/remove-stray-kernel-headers
linux-headers: Remove stray linux headers 3.18 nix file
2017-04-24 23:07:58 -04:00
Vladimír Čunát
d965e119f2
Merge #24749: amdgpu-pro: 16.60 -> 17.10 2017-04-24 21:53:50 +02:00
John Ericson
d4fb8cfc09 linux-headers: Remove stray linux headers 3.18 nix file
In dced724c00 this derivation was
unexposed along (in all-packages.nix) with the removal of linux 3.18[1].
I think this file was left behind by mistake.

[1]: dced724c00 (diff-036410e9211b4336186fc613f7200b12L11174)
2017-04-24 15:25:52 -04:00
Jörg Thalheim
7c44277d38 Merge pull request #25127 from zx2c4/patch-3
wireguard: 0.0.20170409 -> 0.0.20170421
2017-04-24 19:28:23 +02:00
Tuomas Tynkkynen
84982c28de Merge remote-tracking branch 'upstream/master' into staging 2017-04-24 15:04:43 +03:00
evujumenuk
aef776836d zfs: Bump incompatibleKernelVersion to "4.11"
https://github.com/zfsonlinux/zfs/releases/tag/zfs-0.6.5.9 attests compatibility with kernel versions up to 4.10.x.
2017-04-23 16:05:38 +02:00
Jason A. Donenfeld
b1750d699c linux-chromiumos: remove 3.14
3.14 is no longer supported upstream by kernel.org and thus no longer
receives security patches. The git commit mentioned in this .nix isn't
even available in the linked repository --
https://chromium.googlesource.com/chromiumos/third_party/kernel -- so I
think this .nix might be dead anyway. Finally, it specifies 3.14.0,
which is so ridiculously old (the latest was 3.14.79) that nobody
develops for it.

Fixes: #25145
Supports: #25127
2017-04-23 15:47:46 +02:00
Jörg Thalheim
8deb0e104f
wireguard: do not fail on warning for older kernel 2017-04-23 13:36:02 +02:00
Jörg Thalheim
600a2f2746
wireguard: make myself maintainer 2017-04-23 13:35:52 +02:00
Frederik Rietdijk
4fc9b1852a Merge remote-tracking branch 'upstream/master' into HEAD 2017-04-23 11:26:47 +02:00
Jason A. Donenfeld
75608e1bb3 wireguard: 0.0.20170409 -> 0.0.20170421 2017-04-22 23:34:38 +02:00
Joachim Fasting
9e6c96f8fc
grsecurity: 4.9.24-201704210851 -> 4.9.24-2201704220732 2017-04-22 16:37:24 +02:00
Joachim Fasting
05911da7bb
grsecurity: 4.9.23-201704181901 -> 4.9.24-201704210851 2017-04-21 15:09:32 +02:00
Tim Steinbach
7fb1b54cc1
linux: 4.4.62 -> 4.4.63 2017-04-21 08:03:43 -04:00
Tim Steinbach
1b3282d52d
linux: 4.10.11 -> 4.10.12 2017-04-21 08:01:22 -04:00
Tim Steinbach
4dda88c89d
linux: 4.9.23 -> 4.9.24 2017-04-21 07:58:45 -04:00
Linus Heckemann
7e34a9c397 util-linux: fix path to umount in eject 2017-04-20 15:52:31 +01:00
Jörg Thalheim
b61e9f6d24
linuxPackages.broadcom-sta: patch file was not named correctly 2017-04-20 08:14:01 +02:00
Jörg Thalheim
f0f9cad9f2
linuxPackages.broadcom-sta: add patch to repo
fetchPatch was unreliable and the checksum kept breaking all the time
2017-04-20 07:05:50 +02:00
Joachim Fasting
9902d63e84
grsecurity: 4.9.22-201704120836 -> 4.9.23-201704181901 2017-04-20 00:21:41 +02:00
Tim Steinbach
7643c7c8cc
linux: 4.4.61 -> 4.4.62 2017-04-18 08:22:23 -04:00
Tim Steinbach
5283e644ce
linux: 4.10.10 -> 4.10.11 2017-04-18 08:20:40 -04:00
Tim Steinbach
1173fe0b49
linux: 4.9.22 -> 4.9.23 2017-04-18 08:15:48 -04:00
John Ericson
37e5e71fdf Merge pull request #24974 from Ericson2314/mapNullable
Introduce `mapNullable` into lib and use it in a few places
2017-04-17 17:12:14 -04:00
John Ericson
85aa5005af Introduce mapNullable into lib and use it in a few places
Also simply some configure flag logic my grep also alerted me too.
2017-04-17 17:04:04 -04:00
Tobias Pflug
d857b2d2fa broadcom-sta: fix linux-4.8 patch sha 2017-04-17 17:07:37 +02:00
Tim Steinbach
5a7b029fa9
linux: 4.11-rc6 -> 4.11-rc7 2017-04-17 07:41:19 -04:00
Victor Calvert
71d8ce6f4b nvidia: 340.101 -> 340.102 (#24694) 2017-04-16 22:08:20 +02:00
Vladimír Čunát
9ee2143912
treewide: remove unused buildEnv parameters 2017-04-16 10:29:49 +02:00
John Ericson
3bff114d95 Merge pull request #24871 from elitak/cross-staging
Various small crossDrv fixes
2017-04-15 01:27:05 -04:00
Eric Litak
f89504d067 kmod: crossDrv should use native xz 2017-04-14 18:03:49 -07:00
Tuomas Tynkkynen
3ed0d7e2df kernel-config: Explicitly enable CONFIG_NETFILTER
This is needed by the NixOS firewall, but isn't enabled by the ARM
defconfig nor kernelAutoModules (as 'm' doesn't seem to be an option)
2017-04-14 20:43:50 +03:00
Vladimír Čunát
2090aa4f65
Merge: fixup a bad merge
For details see:
https://github.com/NixOS/nixpkgs/commit/24444513fb5#commitcomment-21767916
2017-04-14 19:11:17 +02:00
Vladimír Čunát
6617c8bd87
A fixed version of commit eb750f9a7b
For detailed explanation see:
https://github.com/NixOS/nixpkgs/commit/24444513fb5#commitcomment-21767916
2017-04-14 18:59:36 +02:00
Vladimír Čunát
24444513fb
Merge branch 'staging' 2017-04-14 10:32:13 +02:00
Marco Maggesi
1dee38f259 BLCR 0.8.5b4 *do* work with Linux 3.10. 2017-04-13 14:15:27 +02:00
Joachim Fasting
3fa5605b41
grsecurity: 4.9.21-201704091948 -> 4.9.22-201704120836 2017-04-12 18:58:29 +02:00
Tim Steinbach
5f05792417
linux: 4.4.60 -> 4.4.61 2017-04-12 09:17:53 -04:00
Tim Steinbach
6860eedfd6
linux: 4.10.9 -> 4.10.10 2017-04-12 09:16:08 -04:00
Tim Steinbach
224a8f7358
linux: 4.9.21 -> 4.9.22 2017-04-12 09:13:56 -04:00