Commit Graph

5573 Commits

Author SHA1 Message Date
Sandro
c392f1e9cb Merge pull request #155606 from SuperSandro2000/Lunarequest/master 2022-01-19 12:37:32 +01:00
nullrequest
eff260aaf2 linux config: enable Landlock LSM 2022-01-19 12:12:03 +01:00
TredwellGit
7c410af47e linux/hardened/patches/5.4: 5.4.171-hardened1 -> 5.4.172-hardened1 2022-01-19 01:35:46 +00:00
TredwellGit
632c0297ce linux/hardened/patches/5.15: 5.15.14-hardened1 -> 5.15.15-hardened1 2022-01-19 01:35:37 +00:00
TredwellGit
7bc3a9ee46 linux/hardened/patches/5.10: 5.10.91-hardened1 -> 5.10.92-hardened1 2022-01-19 01:35:28 +00:00
TredwellGit
3aec9d28ba linux: 5.4.171 -> 5.4.172 2022-01-19 01:34:30 +00:00
TredwellGit
ea3bccf3b8 linux: 5.16 -> 5.16.1 2022-01-19 01:34:23 +00:00
TredwellGit
05ad09bd54 linux: 5.15.14 -> 5.15.15 2022-01-19 01:34:15 +00:00
TredwellGit
0b04210a04 linux: 5.10.91 -> 5.10.92 2022-01-19 01:34:07 +00:00
Pavol Rusnak
6c18c013f4 Merge pull request #154348 from Stunkymonkey/treewide-pname-version-5
treewide: rename name to pname&version
2022-01-17 21:05:32 +01:00
Felix Buehler
6cbf83ba01 treewide: rename name to pname&version 2022-01-17 20:52:59 +01:00
Bernardo Meurer
4fa2647449 Merge pull request #154994 from mweinelt/kernel-disable-unpriv-ebpf
linux: enable BPF_UNPRIV_DEFAULT_OFF on 5.10 and later
2022-01-16 00:46:51 +00:00
Martin Weinelt
3ee206291a linux: enable BPF_UNPRIV_DEFAULT_OFF between 5.10 and 5.15
Disable unprivileged access to BPF syscalls to prevent denial of service
and privilege escalation via

a) potential speculative execution side-channel-attacks on unmitigated
hardware[0]

or

b) unvalidated memory access in ringbuffer helper functions[1].

Fixes: CVE-2021-4204, CVE-2022-23222

[0] https://ebpf.io/summit-2021-slides/eBPF_Summit_2021-Keynote-Daniel_Borkmann-BPF_and_Spectre.pdf
[1] https://www.openwall.com/lists/oss-security/2022/01/13/1
2022-01-15 23:44:19 +01:00
TredwellGit
e19681509b linux/hardened/patches/5.4: 5.4.170-hardened1 -> 5.4.171-hardened1 2022-01-14 02:25:10 +00:00
TredwellGit
ead5545be3 linux/hardened/patches/5.15: 5.15.12-hardened1 -> 5.15.14-hardened1 2022-01-14 02:25:01 +00:00
TredwellGit
f14a7feff2 linux/hardened/patches/5.10: 5.10.89-hardened1 -> 5.10.91-hardened1 2022-01-14 02:24:52 +00:00
TredwellGit
56224051e3 linux/hardened/patches/4.19: 4.19.224-hardened1 -> 4.19.225-hardened1 2022-01-14 02:24:42 +00:00
TredwellGit
230a6813d9 linux/hardened/patches/4.14: 4.14.261-hardened1 -> 4.14.262-hardened1 2022-01-14 02:24:34 +00:00
TredwellGit
c5f9bb4d21 linux-rt_5_4: 5.4.161-rt67 -> 5.4.170-rt68 2022-01-14 02:23:37 +00:00
TredwellGit
61dd0c8e85 linux: 5.4.170 -> 5.4.171 2022-01-11 16:37:55 +00:00
TredwellGit
4cf69dc13a linux: 5.15.13 -> 5.15.14 2022-01-11 16:37:49 +00:00
TredwellGit
caa8c4963d linux: 5.10.90 -> 5.10.91 2022-01-11 16:37:40 +00:00
TredwellGit
84e167d8b3 linux: 4.9.296 -> 4.9.297 2022-01-11 16:37:32 +00:00
TredwellGit
e30d75558e linux: 4.4.298 -> 4.4.299 2022-01-11 16:37:26 +00:00
TredwellGit
7bf2f23df2 linux: 4.19.224 -> 4.19.225 2022-01-11 16:37:20 +00:00
TredwellGit
169ed1335f linux: 4.14.261 -> 4.14.262 2022-01-11 16:37:14 +00:00
Bernardo Meurer
5f36161ae1 linuxKernel.kernels: mark {IO_,}STRICT_DEVMEM optional to unbreak hardened kernels 2022-01-10 17:49:30 -03:00
Alyssa Ross
0a99fa0331 linux_latest: 5.15.12 -> 5.16 2022-01-10 16:32:48 +00:00
Bernardo Meurer
c1376aedd7 linuxKernel.kernels: also enable SND_SOC_SOF_INTEL_SOUNDWIRE_LINK between 5.10-5.11 2022-01-10 11:15:24 -03:00
Brandon Weeks
8f200e0e38 linux: enable IO_STRICT_DEVMEM 2022-01-09 21:34:42 -08:00
Bernardo Meurer
501a2c13cc Merge pull request #154181 from brandonweeks/debug_list 2022-01-10 04:48:21 +00:00
Nelson Jeppesen
935303fd36 linux config: SND_SOC_INTEL_SOUNDWIRE_SOF_MACH >= 5.10
Enable for SND_SOC_INTEL_SOUNDWIRE_SOF_MACH kernel module. This is used
on some 10/11th gen Intel laptops such as the XPS 17 97[00|10]

Enable SND_SOC_INTEL_USER_FRIENDLY_LONG_NAMES as well - this is required dep
2022-01-09 19:28:24 -08:00
Brandon Weeks
b39c01b69c linux: enable DEBUG_LIST 2022-01-09 11:46:32 -08:00
Dmitry Kalinkin
477540469e Merge branch 'master' into staging-next
Conflicts:
	pkgs/development/python-modules/gradient-utils/default.nix
	pkgs/development/python-modules/gradient/default.nix
2022-01-08 02:39:35 -05:00
TredwellGit
a40d8182da linux/hardened/patches/5.4: 5.4.169-hardened1 -> 5.4.170-hardened1 2022-01-07 22:02:22 +00:00
TredwellGit
2fe8933a62 linux/hardened/patches/4.19: 4.19.223-hardened1 -> 4.19.224-hardened1 2022-01-07 22:02:15 +00:00
TredwellGit
99a4be5a2d linux/hardened/patches/4.14: 4.14.260-hardened1 -> 4.14.261-hardened1 2022-01-07 22:02:08 +00:00
TredwellGit
fa0e80ce0d linux-rt_5_10: 5.10.87-rt59 -> 5.10.90-rt60 2022-01-07 22:01:23 +00:00
TredwellGit
4594d2494f linux: 5.4.169 -> 5.4.170 2022-01-07 22:00:30 +00:00
TredwellGit
066a0b1197 linux: 5.15.12 -> 5.15.13 2022-01-07 22:00:23 +00:00
TredwellGit
6bcc2e3529 linux: 5.10.89 -> 5.10.90 2022-01-07 22:00:15 +00:00
TredwellGit
b2ac2d62f8 linux: 4.9.295 -> 4.9.296 2022-01-07 22:00:07 +00:00
TredwellGit
0fb1f45869 linux: 4.4.297 -> 4.4.298 2022-01-07 22:00:01 +00:00
TredwellGit
e22fa956c3 linux: 4.19.223 -> 4.19.224 2022-01-07 21:59:56 +00:00
TredwellGit
ce05c553ad linux: 4.14.260 -> 4.14.261 2022-01-07 21:59:50 +00:00
github-actions[bot]
8a0e129af2 Merge master into staging-next 2022-01-06 06:01:38 +00:00
Bernardo Meurer
4d25f9d8e6 Merge pull request #153522 from TredwellGit/linux
Kernels 2022-01-04
2022-01-06 01:36:38 +00:00
github-actions[bot]
0d3fe41724 Merge master into staging-next 2022-01-05 18:01:06 +00:00
Vincent Haupert
8bedcacaf1 linux: enable X86_SGX{_KVM} on x86_64 only
The config option X86_SGX is available on x86_64-linux only; i686-linux
is not supported.

https://github.com/torvalds/linux/blob/55a677b/arch/x86/Kconfig#L1914
2022-01-05 00:36:55 +01:00
TredwellGit
babb121da8 linux/hardened/patches/5.4: 5.4.167-hardened1 -> 5.4.169-hardened1 2022-01-04 22:49:05 +00:00