Commit graph

71 commits

Author SHA1 Message Date
Austin Seipp
b43421221f kernel/grsec: updates; add mainline package for brave souls
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-06-05 06:06:19 -05:00
Austin Seipp
4f27ad14a1 grsec: refactor grsecurity packages
This now provides a handful of different grsecurity kernels for slightly
different 'flavors' of packages. This doesn't change the grsecurity
module to use them just yet, however.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:43 -05:00
Austin Seipp
92abc4c610 kernel: enable AppArmor by default
AppArmor only requires a few patches to the 3.2 and 3.4 kernels in order
to work properly (with the minor catch grsecurity -stable includes the
3.2 patches.) This adds them to the kernel builds by default, removes
features.apparmor (since it's always true) and makes it the default MAC
system.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-05-17 14:09:09 -05:00
Vladimír Čunát
9c8ee7a7e5 linux: minor updates, probably often fixing CVE-2014-0196 2014-05-13 20:00:21 +02:00
Ricardo M. Correia
c50abd0e13 linux: Update to 3.2.57 2014-04-10 00:37:33 +02:00
Ricardo M. Correia
e8c6c60b93 linux: Update to 3.2.56 2014-04-02 15:11:32 +02:00
Austin Seipp
8e349e721c linux: 3.2.54 -> 3.2.55
Signed-off-by: Austin Seipp <aseipp@pobox.com>
2014-02-17 07:27:51 -06:00
Evgeny Egorochkin
69f4bdac6e linux: add git repository and branch meta 2014-02-14 10:45:36 +02:00
Ricardo M. Correia
31fa2cd52b grsecurity: Fix building grsec-3.x.0 kernels 2014-02-08 15:16:40 +00:00
Ricardo M. Correia
acaadd9d2a linux: Update to 3.2.54 and 3.12.7 (close #1527) 2014-01-15 20:05:53 +01:00
Ricardo M. Correia
60ced497f6 linux: Update to 3.2.53 2013-12-04 15:28:20 +01:00
Ricardo M. Correia
69513d1480 linux: Update to 3.2.52 2013-10-29 13:32:53 +01:00
Ricardo M. Correia
72f49af65b linux: Update to 3.2.51 2013-09-13 05:13:18 +02:00
Ricardo M. Correia
2208c360ac linux: Update to 3.2.50 2013-08-05 18:19:48 +00:00
Eelco Dolstra
7ce325f3e0 Unify the Linux kernel configurations
Having N different copies of the NixOS kernel configuration is bad
because these copies tend to diverge.  For instance, our 3.10 config
lacked some modules that were enabled in older configs, probably
because the 3.10 config had been copied off an earlier version of some
older kernel config.

So now there is a single kernel config in common-config.nix.  It has a
few conditionals to deal with new/removed kernel options, but
otherwise it's pretty straightforward.

Also, a lot of cut&paste boilerplate between the kernel Nix
expressions is gone (such as preConfigure).
2013-08-01 01:40:40 +02:00
Eelco Dolstra
3c462ded97 linux: Update to 3.2.49, 3.4.55 2013-07-30 16:52:12 +02:00
Eelco Dolstra
ebe81d17d7 linux: Update to 3.2.48, 3.4.51 2013-07-02 14:40:08 +02:00
Rickard Nilsson
489040bf58 Linux 3.2: Doesn't support CONFIG_RC_DEVICES option 2013-06-25 22:17:13 +02:00
Rickard Nilsson
b7ccfc258a Linux 3.2-3.9: Add CONFIG_RC_DEVICES=y, to enable IR devices that can be used by lirc/devinput 2013-06-25 20:13:11 +02:00
Mathijs Kwik
c913054748 linux-3.2: upgrade to 3.2.47 2013-06-23 17:00:06 +02:00
Eelco Dolstra
cb5b198b51 linux: Update to 3.2.46 2013-06-04 11:00:19 +02:00
Rob Vermaas
000fddd10e Fix hash for linux 3.2.45 2013-05-15 08:37:33 +00:00
David Guibert
880a386c57 update linux 3.2.45 2013-05-14 21:33:14 +02:00
David Guibert
008bb6935c update kernels 3.0, 3.2, 3.4, 3.8 and 3.9-rc 2013-04-26 09:12:35 +02:00
Mathijs Kwik
7ab70b3a41 linux-3.2: upgrade to 3.2.43 2013-04-12 11:40:33 +02:00
Eelco Dolstra
df92d96871 linux: Update to 3.2.42 2013-03-28 13:10:38 +01:00
Eelco Dolstra
f0d45e2e25 Linux kernel: Enable CONFIG_FHANDLE
This enables the open_by_handle_at(2) and name_to_handle_at(2)
syscalls.  Systemd kind of requires this.
2013-03-27 23:00:02 +01:00
Mathijs Kwik
7560812cfa linux-3.2: upgrade to 3.2.41 2013-03-22 00:00:05 +01:00
Eelco Dolstra
bf8f39ff9b linux: Update to 3.2.39
CVE-2013-0228
2013-02-27 14:47:40 +01:00
Eelco Dolstra
76a5e89a1c linux: Update to 3.2.38 2013-02-11 15:34:30 +01:00
viric
39fa2f72ab Merge pull request #253 from rickynils/fscache
linux 3.2-3.7: enable NFS_FSCACHE and CIFS_FSCACHE
2013-01-27 12:39:25 -08:00
Eelco Dolstra
8faee15126 linux: Update to 3.2.37 2013-01-17 17:21:31 +01:00
Rickard Nilsson
97d6292deb linux 3.2-3.7: enable NFS_FSCACHE and CIFS_FSCACHE
NFS_FSCACHE and CIFS_FSCACHE are required to enable the local cache support for
NFS and CIFS (the 'fsc' mount option). The reasoning for enabling it from 3.2
and forward is that at least Ubuntu 12.04 (linux 3.2) has it turned on. Could
probably be enabled for earlier kernels too.
2013-01-09 18:14:54 +01:00
Eelco Dolstra
99897218f4 linux: Update to 3.2.36 2013-01-04 14:19:00 +01:00
Eelco Dolstra
88ca46bfa0 linux: Update to 3.2 2012-12-07 13:24:40 +01:00
Mathijs Kwik
0404c409cc linux-3.2: upgrade to 3.2.34 2012-11-18 11:13:04 +01:00
Eelco Dolstra
1d384b0fe0 linux: Update to 3.2.33 2012-10-31 13:48:04 +01:00
Eelco Dolstra
76c010b928 linux: Update to 3.2.32 2012-10-18 12:22:17 -04:00
Eelco Dolstra
ebd2b0e1ab linux: Update to 3.2.31 2012-10-10 21:51:36 -04:00
Eelco Dolstra
0874615fcc Remove User Mode Linux
It hasn't built in a long time and it's obsolete IMHO.
2012-09-21 13:32:37 -04:00
Eelco Dolstra
50aac3247a linux: Update to 3.2.30 2012-09-21 13:30:00 -04:00
Eelco Dolstra
080c0a5c20 linux: Update to 3.2.29 2012-09-13 10:10:26 -04:00
Eelco Dolstra
e91a4fb1e4 linux: Update to 3.2.28 2012-08-20 09:56:39 -04:00
Eelco Dolstra
e69a6c57bc linux: Update to 3.2.27 2012-08-10 18:54:10 -04:00
Eelco Dolstra
d6cc420fd7 linux: Update to 3.2.26 2012-08-06 09:57:21 -04:00
Eelco Dolstra
1b0abce6de linux: Update to 3.2.24 2012-07-26 11:32:53 -04:00
Eelco Dolstra
dc5ba23ab4 linux: Update to 3.2.23 2012-07-14 17:41:52 -04:00
Eelco Dolstra
0b07259865 linux: Update to 3.2.22 2012-07-10 09:18:12 -04:00
Eelco Dolstra
023e8f2fb9 * Linux 3.2.21.
svn path=/nixpkgs/trunk/; revision=34570
2012-06-20 12:42:56 +00:00
Eelco Dolstra
6551b822af * Enable devtmpfs since recent udev (systemd) versions need it.
svn path=/nixpkgs/trunk/; revision=34565
2012-06-19 19:10:54 +00:00