Until now we merged kernel updates even if no hardened versions were
available yet. On one hand we don't want to delay patch-level updates,
on the other hand users of hardened kernels have frequent breakage now[1].
This change aims to provide a solution this issue:
* The hardened patchset now references the kernel version it's released
for (including a sha256 hash for the fixed-output path of the source
tarball).
* The `hardenedKernelFor`-function doesn't just append hardened patches
now, but also overrides version & src to match the kernel version the
patch was built & tested for.
Refs #140281
[1] https://hydra.nixos.org/job/nixos/trunk-combined/nixpkgs.linuxPackages_hardened.kernel.x86_64-linux/all
quicklisp: 2021-02-13 -> 2021-08-07
lispPackages: regenerate from fresher Quicklisp
sbcl: 2.1.2 -> 2.1.9 (switch default version)
lispPackages.mgl, lispPackages.mgl-mat: init
lispPackages.iolib: suppress network-reliant tests
lispPackages.esrap: apply upstream SBCL 2.1.9 compatibility patch
Removed packages caveman and clack-v1-compat that are removed.
Added more packages from Quicklisp.
* lisp-modules/shell.nix: Add openblas for MGL
* lisp-modules: Update README.txt
Mention that shell.nix needs to be updated when adding packages that
have external dependencies during package analysis, e.g. package :LLA that specifically wants to load libblas.so at compile-time.
* lisp-modules/define-package.nix: Fix package path deduplication
The deduplication of NIX_LISP_ASDF_PATHS was not working, apparently
due to a shell quoting bug causing the sort/uniq pipeline to run at
the wrong time. This is now deduplicated in a separate step.
This fixes a series problem where environments with many Lisp packages
would exhasut the available environment space on Linux, causing
obscure "too many arguments" error messages from the shell, because
the NIX_LISP_ASDF_PATHS list was bloated with ~90% duplicates.
Co-authored-by: Luke Gorrie <luke@nuddy.co>
- Drop graalvm8 since it was removed by upstream
- Add update.sh script to make it easier to generate hashes for all
platforms
- Fix GraalPython, broken since #141825 (sorry)
- Small refactorings and fixes
