JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
221,780 Commits 2 Branches 0 Tags 12 GiB
8efe83c22e
Commit Graph

11246 Commits

Author SHA1 Message Date
Emily
8efe83c22e linux_*_hardened: don't set DEFAULT_MMAP_MIN_ADDR 
Upstreamed in anthraxx/linux-hardened@f1fe0a64dd.
 2020-04-17 16:13:39 +01:00
Emily
3d4c8ae901 linux_*_hardened: don't set VMAP_STACK 
This has been on by default upstream for as long as it's been an option.
 2020-04-17 16:13:39 +01:00
Emily
7d5352df31 linux_*_hardened: don't set X86_X32 
As far as I can tell, this has never defaulted to on upstream, and our
common kernel configuration doesn't turn it on, so the attack surface
reduction here is somewhat homeopathic.
 2020-04-17 16:13:39 +01:00
Emily
0d4f35efd4 linux_*_hardened: use linux-hardened patch set 
This is an updated version of the former upstream,
https://github.com/AndroidHardeningArchive/linux-hardened, and provides
a minimal set of additional hardening patches on top of upstream.

The patch already incorporates many of our hardened profile defaults,
and releases are timely (Linux 5.5.15 and 5.6.2 were released on
2020-04-02; linux-hardened patches for them came out on 2020-04-03 and
2020-04-04 respectively).
 2020-04-17 16:13:39 +01:00
Emily
3d01e802bd linux: explicitly enable SYSVIPC 
The linux-hardened patch set removes this default, probably because of
its original focus on Android kernel hardening.
 2020-04-17 16:12:29 +01:00
Tim Steinbach
e341107367
linux: 5.4.32 -> 5.4.33 2020-04-17 08:34:01 -04:00
Tim Steinbach
d9258d33be
linux: 4.19.115 -> 4.19.116 2020-04-17 08:34:01 -04:00
markuskowa
4289160b17
Merge pull request #85281 from r-ryantm/auto-update/rdma-core 
rdma-core: 28.0 -> 29.0
 2020-04-15 13:27:20 +02:00
R. RyanTM
d6d2b1ee6d rdma-core: 28.0 -> 29.0 2020-04-15 07:31:00 +00:00
Maximilian Bosch
401e07d419
Merge pull request #84551 from gnprice/pr-stripDebugList 
treewide: Fix types of stripDebugList attrs (and fix doc)
 2020-04-14 15:54:52 +02:00
Matthew Bauer
156c67858f
Merge pull request #85017 from r-ryantm/auto-update/android-udev-rules 
android-udev-rules: 20191103 -> 20200410
 2020-04-13 11:11:25 -04:00
Tim Steinbach
f6e64feb14
linux: 5.6.3 -> 5.6.4 2020-04-13 08:36:35 -04:00
Tim Steinbach
bba4a30f8c
linux: 5.5.16 -> 5.5.17 2020-04-13 08:36:27 -04:00
Tim Steinbach
2b6e16abe0
linux: 5.4.31 -> 5.4.32 2020-04-13 08:36:19 -04:00
Tim Steinbach
f47969645b
linux: 4.9.218 -> 4.9.219 2020-04-13 08:36:11 -04:00
Tim Steinbach
e06d2a4682
linux: 4.19.114 -> 4.19.115 2020-04-13 08:36:04 -04:00
Tim Steinbach
f717bfeedb
linux: 4.14.175 -> 4.14.176 2020-04-13 08:35:56 -04:00
Tim Steinbach
3a8f6159cb
linux: 4.4.218 -> 4.4.219 2020-04-13 08:35:32 -04:00
Maximilian Bosch
89d2967c9e
linuxPackages.bpftrace: 0.9.3 -> 0.9.4 
https://github.com/iovisor/bpftrace/releases/tag/v0.9.4
 2020-04-13 12:03:37 +02:00
R. RyanTM
b1d4fdad19 pam_krb5: 4.8 -> 4.9 2020-04-12 17:43:53 -07:00
R. RyanTM
1c0b645d7b
earlyoom: 1.5 -> 1.6 2020-04-12 09:09:57 +00:00
Edmund Wu
f9ac494891
rtkit: 0.11 -> 0.13 2020-04-11 21:36:43 -04:00
Edmund Wu
363004c7eb
rtkit: cleanup 2020-04-11 17:09:44 -04:00
R. RyanTM
64f80e3397 android-udev-rules: 20191103 -> 20200410 2020-04-11 18:24:40 +00:00
Andreas Stührk
9ddfde8977 v4l2loopback: 0.12.3 -> 0.12.4 2020-04-10 14:22:11 -07:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Dmitry Kalinkin
98790dab3b
Merge pull request #84680 from lovesegfault/nvidia-x11-440.82 
linuxPackages.nvidia_x11: 440.64 -> 440.82
 2020-04-09 00:16:46 -04:00
Bernardo Meurer
73ff54e7b9
linuxPackages.nvidia_x11: 440.64 -> 440.82 2020-04-08 20:01:41 -07:00
Peter Hoeg
f14b43a54c
Merge pull request #84716 from peterhoeg/p/g15daemon 
g15daemon: init at 1.9.5.3
 2020-04-09 09:56:26 +08:00
Michael Bishop
70308c5c56
device-tree_rpi: fix platforms 2020-04-08 12:54:58 -03:00
Jörg Thalheim
fe8875a363
Merge pull request #84597 from NixOS/acpi-call 
linuxPackages.acpi-call: switch to nix-community fork
 2020-04-08 15:34:01 +01:00
Jörg Thalheim
1ae03c9db1
linuxPackages.acpi-call: switch to nix-community fork 
This fixes also build against linux 5.6
We also took the opportunity to cleanup the build.
 2020-04-08 15:03:53 +01:00
Tim Steinbach
7bd91fe7af
linux: 5.6.2 -> 5.6.3 2020-04-08 08:51:08 -04:00
Tim Steinbach
1c637d2326
linux: 5.5.15 -> 5.5.16 2020-04-08 08:51:07 -04:00
Tim Steinbach
5653337922
linux: 5.4.30 -> 5.4.31 2020-04-08 08:51:07 -04:00
Peter Hoeg
0669cd72ae g15daemon: init at 1.9.5.3 2020-04-08 20:49:49 +08:00
Silvan Mosberger
b293421a69
Merge pull request #84129 from Infinisil/removing-python-from-grub 
Support removing python from zfs/grub closure
 2020-04-08 12:53:28 +02:00
Jörg Thalheim
b3a9a65955
Merge pull request #84595 from NixOS/zfs 
zfs: fix build against 5.6
 2020-04-08 10:14:11 +01:00
worldofpeace
d9a056953c
Merge pull request #81693 from lovesegfault/uvcdynctrl-udev 
uvcdynctrl: fix udev files
 2020-04-07 23:38:50 -04:00
worldofpeace
9fa5658672
Merge pull request #84161 from lovesegfault/ddcci-0.3.3 
ddcci: 0.3.2 -> 0.3.3
 2020-04-07 23:36:12 -04:00
R. RyanTM
53c6b76dc4 fwts: 20.02.00 -> 20.03.00 2020-04-07 19:35:21 -07:00
Silvan Mosberger
0a43c6e0f9
zfs: Add enablePython argument 
Reduces closure size with it disabled from 236.0M to 176.7M
 2020-04-08 02:29:03 +02:00
Jörg Thalheim
75c28ebdf7
zfs: fix build against 5.6 2020-04-07 13:00:55 +01:00
Bernardo Meurer
fe9b7e6281
uvcdynctrl: fix udev files 2020-04-07 00:35:53 -07:00
Bernardo Meurer
79045d9051
linuxPackages.ddcci-driver: 0.3.2 -> 0.3.3 2020-04-07 00:34:54 -07:00
Greg Price
7547cf9dfc treewide: Fix up stripDebugList attrs to be lists. 
The documentation says this should be a list, and it already is in
about half the expressions that set it.

The difference doesn't matter at present, because these values are all
space-free literals.  But it will in a future with __structuredAttrs .

(The similar attr stripAllList has no users in the nixpkgs tree, so
there's nothing to do to fix any of those up.)
 2020-04-06 21:26:52 -07:00
Dmitry Kalinkin
9b0d2f3fd1
Merge pull request #84163 from lovesegfault/nvidia-x11-440.64 
linuxPackages.nvidia_x11: 440.59 -> 440.64
 2020-04-06 18:24:27 -04:00
Jörg Thalheim
a737f030cf
Merge pull request #71481 from eadwu/bcachefs/update-10 
bcachefs: update 10
 2020-04-06 15:43:36 +01:00
Edmund Wu
04a5e5ab7c
linux_testing_bcachefs: 5.3.2020.03.25 -> 5.3.2020.04.04 2020-04-06 10:29:33 -04:00
Jörg Thalheim
b2aa0bbf46
Merge pull request #84422 from r-ryantm/auto-update/lxcfs 
lxcfs: 4.0.0 -> 4.0.1
 2020-04-06 13:17:41 +01:00