Commit Graph

4721 Commits

Author SHA1 Message Date
Robin Gloster
7c206e8c4c linuxPackages.spl: no pic hardening 2016-02-07 22:45:34 +00:00
Robin Gloster
33a0e63fbf linuxPackages.v4l2loopback: no format/pic hardening 2016-02-07 22:45:28 +00:00
Robin Gloster
543dfcc686 disk_indicator: turn off hardening fortify 2016-02-07 19:26:33 +00:00
Robin Gloster
9229e9c656 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-07 11:17:57 +00:00
Eelco Dolstra
20b54bd989 Merge pull request #12724 from abbradar/udev-hwdb
udev service: generate hwdb database from all udev packages
2016-02-03 14:24:11 +01:00
Tuomas Tynkkynen
7db1cba057 kernel: Let the kernel build system strip modules
Since commit 48f51f1185 we let the kernel build system compress the
modules, which makes the original strip expression not work. Let the
kernel build system strip them as well so they get stripped.
2016-02-02 22:47:32 +02:00
Eelco Dolstra
7b772ae398 linux: Update to 3.10.96, 3.12.53, 3.14.60, 3.18.26, 4.1.17, 4.4.1 2016-02-02 16:38:42 +01:00
Eelco Dolstra
48f51f1185 linux: Compress kernel modules
This reduces the kernel package from 185 to 62 MiB, for a neglible
boot time cost.
2016-02-01 18:19:23 +01:00
Eelco Dolstra
72a30ae66f linux: Use $SOURCE_DATE_EPOCH as the build timestamp 2016-02-01 18:19:23 +01:00
Eelco Dolstra
0a7cd3c110 Remove unused file 2016-02-01 18:19:23 +01:00
Nikolay Amiantov
5404714997 systemd: add a notice to remove makeFlags on update 2016-02-01 20:15:29 +03:00
Robin Gloster
d2d9b7a7bc drbd: set DESTDIR 2016-02-01 18:11:36 +01:00
Lluís Batlle i Rossell
b2dc647c1e linux: adding PCI Expresscard Hotplug support 2016-02-01 11:07:08 +01:00
Peter Simons
b7badc6be0 powertop: call "xset" from $PATH
Patch the source code to find "xset" in $PATH rather than expecting the
hard-coded path "/usr/bin/xset" to work. I've decided *not* to hard-code
a proper path like "${xset}/bin/xset", because that reference greatly
increases the size of the powertop closure. Since "xset" is required
only for --calibrate (and that even seems to work fine without it), it
felt like an optional dependency is more appropriate in this case.

Thanks to @heydojo locating the source code file that needs patching.

Fixes https://github.com/NixOS/nixpkgs/issues/12662.
2016-01-31 21:44:36 +01:00
Arseniy Seroka
bc0b9b7eb0 Merge pull request #12696 from zimbatm/firmware-linux-nonfree
firmware-linux-nonfree: update to master
2016-01-31 15:31:36 +03:00
Tobias Geerinckx-Rice
d28a06553e pagemon: 1.01.06 -> 1.01.07
Changes:
  * Mix checksum up a bit more and return OK if nothing has changed
  * Optimize page reading, reduced by ~2% CPU
  * Add perf page statistics 'p' option
  * Add OOM score to VM stats
  * Optimize read_maps: don't re-scan page mapping if nothing changed
  * Reduce amount of seeks and reads on pagemap data

More: https://github.com/ColinIanKing/pagemon/blob/master/debian/changelog
2016-01-31 02:32:11 +01:00
zimbatm
de68a49259 firmware-linux-nonfree: update to master 2016-01-30 23:55:07 +00:00
Robin Gloster
cce1bad2e1 dmraid: add patch to build with format hardening 2016-01-30 16:36:57 +00:00
Robin Gloster
78a1ae85ed drbd: set DESTDIR 2016-01-30 16:36:57 +00:00
Robin Gloster
1581f25a07 multipath-tools: no format hardening 2016-01-30 16:36:57 +00:00
Robin Gloster
f6d3b7a2ae switch hardening flags 2016-01-30 16:36:57 +00:00
Franz Pletz
954e9903ad Use a hardened stdenv by default 2016-01-30 16:36:57 +00:00
Franz Pletz
bfded63cf8 Merge pull request #12676 from datakurre/datakurre-pam_2uf
pam_u2f: 1.0.1 -> 1.0.4
2016-01-30 15:54:58 +01:00
Asko Soukka
da79b5305e pam_u2f: 1.0.1 -> 1.0.4 2016-01-29 20:49:29 +02:00
Tobias Geerinckx-Rice
de43878f09 pagemon: init at 0.01.06 2016-01-27 04:42:12 +01:00
Tobias Geerinckx-Rice
32f4fb1ef5 nfs-utils: 1.3.2 -> 1.3.3
A very noisy change log is available for download at:
http://sourceforge.net/projects/nfs/files/nfs-utils/1.3.3/1.3.3-Changelog/download
2016-01-27 01:16:21 +01:00
Tobias Geerinckx-Rice
ac33b4724a More version attribute tidying where maintainers |= nckx 2016-01-25 20:08:34 +01:00
Tobias Geerinckx-Rice
9fb8020e4e Add version attribute where maintainers |= nckx
This will probably be mandatory soon, and is a step in the right
direction. Removes the deprecated meta.version, and move some meta
sections to the end of the file where I should have put them in
the first place.
2016-01-25 17:35:21 +01:00
Franz Pletz
c485ba1c66 batman-adv: 2015.2 -> 2016.0 2016-01-24 05:20:18 +01:00
Dan Peebles
ef1f64106f kernel: add back the patch I just removed by accident 2016-01-24 04:12:17 +00:00
Dan Peebles
78956c77c0 linux: 4.3.3 -> 4.34 (and update grsecurity patches, too) 2016-01-24 03:53:46 +00:00
Tobias Geerinckx-Rice
32d40f0f98 Remove no longer (or never) referenced patches
55 files changed, 6041 deletions. Tested with `nix-build -A tarball`.
2016-01-24 02:02:21 +01:00
Philipp Volguine
af2b47646c Merge remote-tracking branch 'philhub/master' 2016-01-23 21:19:34 +00:00
Philipp Volguine
7c4830f3b7 Version bump of e1000e driver (2.5.4 -> 3.3.1) 2016-01-23 21:17:56 +00:00
Austin Seipp
d787c2258b nixpkgs: systemd - add some more dependencies
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2016-01-23 17:48:41 +00:00
Dan Peebles
8f9aea9ccc grsecurity: fix kernel config and uncomment grsecurity kernels 2016-01-23 16:58:44 +00:00
Dan Peebles
bffc446394 paxtest: init at 0.9.14 2016-01-23 14:36:08 +00:00
Dan Peebles
33cf0792b1 grsecurity-testing: update patches and associated kernel version 2016-01-23 14:29:34 +00:00
Nikolay Amiantov
29785c5b7a Merge pull request #12309 from zohl/chromiumos-kernel
Add ChromiumOS kernels
2016-01-23 13:13:59 +03:00
Nikolay Amiantov
34769a3d72 Merge pull request #12508 from heydojo/ati-drivers-backport
ati-drivers: Restore opengl & direct rendering
2016-01-23 12:00:19 +03:00
Vladimír Čunát
0957359568 Merge branch 'staging' 2016-01-22 13:48:35 +01:00
aszlig
8c4256e651
lvm2: 2.02.132 -> 2.02.140
Upstream changelog can be found at:

https://git.fedorahosted.org/cgit/lvm2.git/tree/WHATS_NEW?h=v2_02_140&id=0faa27d4f55abcda5fa94ef92343eb44e95ada89

I have tested this with:

nix-build nixos/release.nix -A tests.installer.lvm.x86_64-linux

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-22 13:30:43 +01:00
Luca Bruno
4ac19877d7 Merge pull request #12522 from mbakke/bluez-5.37
bluez5: 5.36 -> 5.37
2016-01-21 21:21:27 +01:00
aszlig
05fed13de3
multipath_tools: Cleanup and update to v0.5.0
Previously, version 0.4.9 was a tarbomb and in version 0.5.0 this
fortunately isn't the case anymore so we don't need to set sourceRoot by
ourselves.

I've also moved the definition of makeFlagsArray to the attribute
makeFlags, because we can use $(var) to substitute shell variables
within make.

The references to /lib/udev/scsi_id no longer exist in version 0.5.0 and
it seems that libudev is used directly.

Nevertheless, there are still references to FHS paths such as /var/run,
/etc/multipath.conf and /etc/multipath but these are only relevant at
runtime and can be configured to point to a different path elsewhere.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-01-21 16:18:13 +01:00
Marius Bakke
889ebe6b28 bluez5: 5.36 -> 5.37 2016-01-21 14:39:52 +00:00
Tony White
722c616b8f ati-drivers: Restore opengl & direct rendering
- Removed a collision in the nix store
- Removed dependency on qt
- Fixed opengl and direct rendering by correcting some link paths
- Some code refactored in builder.sh
- Comments added/modified

This pull request fixes #11740 and I recommend that it be considered
as a hotfix for the stable channel due to the fact that opengl
and direct rendering are broken there too.
2016-01-20 19:51:52 +00:00
Vladimír Čunát
4824f73cb3 linux-4.2: remove as it's no longer maintained upstream
grsecurity still holds a reference to it,
but I prefer it to fail than to use a version
that is most likely not secure anymore.
2016-01-20 20:15:07 +01:00
Nathan Zadoks
23f5e3c90f linux: patch CVE-2016-0728 (close #12492)
The PoC provided successfully escalates privileges from a local user to
root. The vulnerability affects any Linux Kernel version 3.8 and higher.
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
2016-01-20 09:31:53 +01:00
Guillaume Maudoux
f8ff4691ed linux-mptcp: init at 0.90 (kernel 3.18.20), fixes #11149 2016-01-20 02:11:09 +01:00
Tuomas Tynkkynen
69ba6c1d30 mmc-utils: init at 2015-11-18, fixes #12489 2016-01-20 01:50:34 +01:00