Commit Graph

8962 Commits

Author SHA1 Message Date
Joachim Fasting
dfd77a046d
hardened-config: ensure STRICT_KERNEL_RWX
This is y in the default config, but enable it explicitly here to catch
situations where it has been disabled (explicitly or implicitly).
2019-01-05 14:07:35 +01:00
Joachim Fasting
1801aad7b8
hardened-config: clarify MODIFY_LDT_SYSCALL
This likely never worked; MODIFY_LDT_SYSCALL depends on EXPERT; enabling
EXPERT however seems to introduce quite a few changes that would need to be
properly vetted.

The version guard is unnecessary, however, as this config has been supported
since 4.3.
2019-01-05 14:07:34 +01:00
Joachim Fasting
abc8ed3fca
hardened-config: clarify readonly LSM hooks config
SECURITY_WRITABLE_HOOKS is implicitly controlled by SECURITY_SELINUX_DISABLE;
explicitly unsetting results in an error because the configfile builder fails
to detect that it has in fact been unset (reporting it as an unused option).
For now, leave WRITABLE_HOOKS as an "optional" config for documentation
purposes.
2019-01-05 14:07:33 +01:00
Joachim Fasting
c68e8b05f0
Revert "linux-hardened: Disable GCC_PLUGIN_RANDSTRUCT"
This reverts commit 5dda1324be.

Presumably this was done to work around build errors or something but it
works fine now.
2019-01-05 14:07:21 +01:00
Michael Weiss
e7e18206dd
fuse: 2.9.8 -> 2.9.9 2019-01-05 02:26:02 +01:00
Joachim F
893c51bda8
Merge pull request #53369 from delroth/kernel-hardening
Re-add security features based on GCC plugins in 4.18+ hardened kernels
2019-01-04 21:49:53 +00:00
Pierre Bourdon
0f7ca26a48
kernel/hardened-config.nix: add STACKLEAK plugin on 4.20+ 2019-01-04 22:24:50 +01:00
Pierre Bourdon
9dc0d94896
kernel/hardened-config.nix: re-enable GCC plugins 2019-01-04 22:24:50 +01:00
Pierre Bourdon
c789f642f0
kernel/generic.nix: provide required dependencies for GCC plugins builds 2019-01-04 22:24:50 +01:00
Dominik Xaver Hörl
b7967e9dc4 dbus-broker: 13 -> 17 2019-01-04 14:36:30 +01:00
Benno Fünfstück
7817aa3641
linux-rpi: set correct hydraPlatforms (#53325) 2019-01-03 22:42:14 +01:00
Jörg Thalheim
31682848cb
android-udev-rules: 20180112 -> 20181031 2019-01-03 20:56:39 +01:00
Joachim F
88c516dd55
Merge pull request #52606 from lopsided98/linux-hardkernel-update
linux_hardkernel_4_14: 4.14.85-152 -> 4.14.87-153
2019-01-02 18:16:47 +00:00
David Guibert
d8e907ba18 conky: 1.11.0 -> 1.11.1 (#53157)
This fixes #52797.
2019-01-02 09:54:22 +01:00
Jan Tojnar
b2b921bdca
Merge pull request #53149 from jtojnar/qrencode-cleanup
qrencode: merge with libqrencode
2019-01-02 02:18:22 +01:00
R. RyanTM
46e7ce0526 lxc: 3.0.2 -> 3.0.3 (#52239)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/lxc/versions
2019-01-01 20:35:37 +01:00
Jan Tojnar
c5c2ac4f45
qrencode: merge with libqrencode 2019-01-01 17:19:07 +01:00
Tim Steinbach
d6805baded
linux: 4.19.12 -> 4.19.13 2018-12-30 09:57:54 -05:00
Tim Steinbach
226eb52715
linux: 4.14.90 -> 4.14.91 2018-12-30 09:57:54 -05:00
Tim Steinbach
a7bd7a38ea
linux: 4.9.147 -> 4.9.148 2018-12-30 09:57:53 -05:00
Ivan Kozik
1c8fea18e2 kernel/patches.nix: remove hard tabs 2018-12-28 09:06:56 +01:00
Dmitry Kalinkin
3edd5cb227
Merge pull request #51294 from eadwu/nvidia_x11/legacy_390
nvidia: expose nvidia_x11_legacy390
2018-12-27 09:08:53 -05:00
markuskowa
98561c789c
Merge pull request #52597 from lopsided98/lvm2-no-parallel
lvm2: disable parallel building
2018-12-27 14:21:25 +01:00
Samuel Dionne-Riel
889ef35303 linuxPackages_4_{19,20}: works around bug with overlayfs.
See: https://github.com/NixOS/nixpkgs/issues/48828#issuecomment-445208626
2018-12-26 22:51:31 +00:00
Samuel Dionne-Riel
7093970e1d linuxPackages.ena: 1.5.2 -> 2.0.2 2018-12-26 11:03:10 +00:00
Samuel Dionne-Riel
d8cf1db93f linuxPackages.ndiswrapper: updated to fix build on recent kernels
While the upstream commit says 4.18, it builds for 4.19 and 4.20.
2018-12-26 11:03:10 +00:00
Craig Younkins
8b12b17df3
treewide: Fix broken Gmane URLs 2018-12-25 22:34:55 -05:00
Ben Wolsieffer
369af2f5b2 lvm2: disable parallel building 2018-12-24 15:10:48 -05:00
Michael Raskin
aac3ae3be6
Merge pull request #52762 from r-ryantm/auto-update/sysdig
linuxPackages.sysdig: 0.24.1 -> 0.24.2
2018-12-24 18:18:04 +00:00
Tim Steinbach
24cdaa7b48
linux-libre: 15715 -> 15814 2018-12-24 12:33:24 -05:00
Tim Steinbach
8f9c2f9726
linux: Add 4.20 2018-12-24 12:33:24 -05:00
R. RyanTM
4fa7bbf486 linuxPackages.sysdig: 0.24.1 -> 0.24.2
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/sysdig/versions
2018-12-24 02:17:58 -08:00
Michael Weiss
1259a24c05 fuse3: 3.3.0 -> 3.4.1 2018-12-22 17:56:42 +01:00
Tim Steinbach
af6c117fac
linux: 4.19.11 -> 4.19.12 2018-12-21 09:11:02 -05:00
Tim Steinbach
dea57f15e9
linux: 4.14.89 -> 4.14.90 2018-12-21 09:10:54 -05:00
Tim Steinbach
a5f447e16a
linux: 4.9.146 -> 4.9.147 2018-12-21 09:10:45 -05:00
Tim Steinbach
54ce2e016b
linux: 4.4.168 -> 4.4.169 2018-12-21 09:10:24 -05:00
Tim Steinbach
98ac5710bd
kernel-config: CIFS_POSIX no longer exists 2018-12-21 09:10:17 -05:00
Ben Wolsieffer
2b02350d39 linux_hardkernel_4_14: 4.14.85-152 -> 4.14.87-153 2018-12-20 21:15:07 -05:00
Maximilian Bosch
66bea3d206
Merge pull request #52538 from dtzWill/update/fwts-18.12.00
fwts: 18.11.00 -> 18.12.00
2018-12-20 19:35:58 +01:00
Tim Steinbach
1b84b9f725
linux: 4.19.10 -> 4.19.11 2018-12-20 10:46:17 -05:00
Will Dietz
76127c322d fwts: enable parallel building 2018-12-19 13:37:57 -06:00
Will Dietz
926965d4b1 fwts: 18.11.00 -> 18.12.00 2018-12-19 13:37:31 -06:00
Frederik Rietdijk
911d1853ca Merge master into staging-next 2018-12-19 08:57:41 +01:00
Tim Steinbach
4d14879081
linux: 4.4.167 -> 4.4.168 2018-12-18 09:12:34 -05:00
Frederik Rietdijk
826ab7026e Merge master into staging-next 2018-12-18 09:22:17 +01:00
Matthew Bauer
06bf67d7dd
Merge pull request #51018 from plchldr/rtl8821a
rtl8821a: init at 5.1.5
2018-12-17 23:36:36 -06:00
Tim Steinbach
31ddf1f136
linux: 4.19.9 -> 4.19.10 2018-12-17 09:19:41 -05:00
Tim Steinbach
c5234d7dbd
linux: 4.14.88 -> 4.14.89 2018-12-17 09:19:41 -05:00
Tim Steinbach
53c490a7ee
linux: 4.9.145 -> 4.9.146 2018-12-17 09:19:41 -05:00