cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
100226 commits 1 branch 0 tags 3.7 GiB
Commit graph

1826 commits

Author SHA1 Message Date
Tim Steinbach
52cc30cd87 Merge pull request #20326 from NeQuissimus/linux_3_12_67 
linux: 3.12.66 -> 3.12.67
 2016-11-11 18:10:16 -05:00
Tim Steinbach
933dfca167 Merge pull request #20322 from NeQuissimus/linux_4_8_7 
linux: 4.8.6 -> 4.8.7
 2016-11-10 21:12:06 -05:00
Tim Steinbach
ad19b9bde5
linux: 4.9-rc3 -> 4.9-rc4 2016-11-10 21:08:28 -05:00
Tim Steinbach
0a1f39eb91
linux: 4.8.6 -> 4.8.7 2016-11-10 21:07:56 -05:00
Tim Steinbach
579f5fd9dd
linux: 4.4.30 -> 4.4.31 2016-11-10 21:07:24 -05:00
Tim Steinbach
cc62ecc2d9
linux: 3.12.66 -> 3.12.67 2016-11-10 21:06:54 -05:00
Tuomas Tynkkynen
74ecbbe4e3 kernel config: Ensure SECCOMP_FILTER is enabled 
As noted in a97db109a2, SECCOMP_FILTER must be enabled or systemd gets
very unhappy.
 2016-11-11 02:10:20 +02:00
Peter Hoeg
cb93b34999 SMB2 support for CIFS 
[tuomas: removed unneeded kernel version check]
Signed-off-by: Tuomas Tynkkynen <tuomas@tuxera.com>
 2016-11-11 02:10:20 +02:00
Sophie Taylor
6476f11f40 grsecurity patch update to kernel 4.8.6 2016-11-10 12:44:22 +10:00
Guillaume Maudoux
eb9d126d2c linux_mptcp: 0.91 -> 0.91.2 2016-11-07 14:15:33 +01:00
Joachim Fasting
d9b5cd41c5
grsecurity: 4.7.10-201610262029 -> 201611011946 2016-11-03 13:55:23 +01:00
Tim Steinbach
874abe694a
linux: 4.8.5 -> 4.8.6 2016-11-01 08:58:53 -04:00
Eelco Dolstra
ef1a188e07 linux: 4.4.28 -> 4.4.30 2016-11-01 11:31:00 +01:00
Vladimír Čunát
3be635b9b5
Merge linux kernel maintenance updates 
PRs: #19995 #19996 #19997
 2016-10-30 17:29:43 +01:00
Tim Steinbach
f154459cf4
linux: 4.9-rc2 -> 4.9-rc3 2016-10-30 10:30:07 -04:00
Tim Steinbach
1af5b2a80c
linux: 4.4.27 -> 4.4.28 2016-10-30 10:29:37 -04:00
Tim Steinbach
8073430d95
linux: 4.8.4 -> 4.8.5 2016-10-30 10:28:55 -04:00
Joachim Fasting
dfdaea1240
grsecurity: 4.7.10-201610222037 -> 201610262029 2016-10-27 15:03:27 +02:00
Graham Christensen
2f3b62375f Merge pull request #19891 from NeQuissimus/kernel_4_9_rc2 
kernel: 4.9-rc1 -> 4.9-rc2
 2016-10-27 08:36:23 -04:00
Graham Christensen
ad2deee7d1 Merge pull request #19894 from NeQuissimus/kernel_3_18_44 
kernel: 3.18.42 -> 3.18.44
 2016-10-27 08:36:17 -04:00
Graham Christensen
c654ec0f25 Merge pull request #19893 from NeQuissimus/kernel_3_12_66 
kernel: 3.12.63 -> 3.12.66
 2016-10-27 08:36:10 -04:00
Graham Christensen
00e2bc22db Merge pull request #19890 from NeQuissimus/kernel_3_10_104 
kernel: 3.10.103 -> 3.10.104
 2016-10-27 08:35:54 -04:00
Tim Steinbach
b02646f93b
kernel: 3.18.42 -> 3.18.44 2016-10-26 19:23:43 -04:00
Tim Steinbach
e5e84ecbbd
kernel: 3.12.63 -> 3.12.66 2016-10-26 19:17:46 -04:00
Tim Steinbach
e4773819f4
kernel: 3.10.103 -> 3.10.104 2016-10-26 19:13:21 -04:00
Tim Steinbach
e9a5cf3f6f
kernel: 4.9-rc1 -> 4.9-rc2 2016-10-26 09:11:00 -04:00
Tim Steinbach
89cd922a6a
kernel: 4.1.33 -> 4.1.35 2016-10-26 09:04:37 -04:00
Tim Steinbach
b3f7d626c1
kernel: remove 4.7 2016-10-24 21:30:00 -04:00
Joachim Fasting
5440c1a64c
grsecurity: 4.7.9-201610200819 -> 4.7.10-201610222037 
Notably, this pulls in the dirtycow fix from upstream (but I've been
unable to execute the POC exploits on grsec kernels without that fix
...)
 2016-10-23 17:14:40 +02:00
Tim Steinbach
a3989b87df Merge pull request #19772 from NeQuissimus/linux_4_8_4 
linux: 4.8.3 -> 4.8.4
 2016-10-22 12:14:59 -04:00
Tim Steinbach
72d91f95cb Merge pull request #19771 from NeQuissimus/linux_4_7_10 
linux: 4.7.9 -> 4.7.10
 2016-10-22 12:14:26 -04:00
Tim Steinbach
8d0ca31849
linux: 4.8.3 -> 4.8.4 2016-10-22 12:11:37 -04:00
Tim Steinbach
adbe0e0a13
linux: 4.7.9 -> 4.7.10 2016-10-22 12:11:09 -04:00
Tim Steinbach
4489454b83
linux: 4.4.26 -> 4.4.27 2016-10-22 12:10:34 -04:00
Joachim Fasting
ed5d146e9d
grsecurity: 4.7.7-201610101902 -> 4.7.9-201610200819 2016-10-21 01:50:53 +02:00
Vladimír Čunát
fabfb0a900 Merge #19725: kernel: 4.7.8 -> 4.7.9 2016-10-20 19:45:25 +02:00
Tim Steinbach
963804ba8e
kernel: 4.7.8 -> 4.7.9 2016-10-20 13:08:53 -04:00
Tim Steinbach
0c3e5217fc
kernel: 4.8.2 -> 4.8.3 2016-10-20 13:06:03 -04:00
Eelco Dolstra
76a57d83b5 linux: 4.4.25 -> 4.4.26 2016-10-20 13:37:19 +02:00
Tim Steinbach
dac481d999 Merge pull request #19648 from NeQuissimus/linux_4_7_8 
linux_4_7: 4.7.7 -> 4.7.8
 2016-10-19 14:48:47 -04:00
Tim Steinbach
84e4dcb34b Merge pull request #19649 from NeQuissimus/linux_4_8_2 
linux_4_8: 4.8.1 -> 4.8.2
 2016-10-19 14:38:11 -04:00
Tim Steinbach
70c8de0536 Merge pull request #19652 from NeQuissimus/linux_4_9_rc1 
linux_testing: 4.8-rc6 -> 4.9-rc1
 2016-10-19 14:35:21 -04:00
Eelco Dolstra
13f43c7ebc linux: 4.4.24 -> 4.4.25 2016-10-19 17:11:53 +02:00
Tuomas Tynkkynen
59f12d9394 kernel config: Add some filesystem options 
Enable encryption support for both F2FS and ext4. For ext4 this is a bit
tricky, since pre-4.8 the way to enable it as a module was just
"EXT4_ENCRYPTION=m" but after that it changed to "FS_ENCRYPTION=m &&
EXT4_ENCRYPTION=y".

Also make sure UDF is enabled.
 2016-10-19 16:44:08 +03:00
Tim Steinbach
51c9c2f851
linux_testing: 4.8-rc6 -> 4.9-rc1 2016-10-18 11:19:46 -04:00
Tim Steinbach
0acfbaa5b2
linux_4_8: 4.8.1 -> 4.8.2 2016-10-18 10:13:02 -04:00
Tim Steinbach
55adff59f1
linux_4_7: 4.7.7 -> 4.7.8 2016-10-18 10:12:26 -04:00
Joachim Fasting
ce73a3ea0f grsecurity: 4.7.6-201609301918 -> 4.7.7-201610101902 2016-10-11 13:15:16 +02:00
Aneesh Agrawal
f0602d2d36 kernel: Make SECURITY_YAMA optional 
It's highly recommended, but not required to run NixOS.
 2016-10-08 17:46:33 +02:00
Aneesh Agrawal
a000ed181c linux config: enable the Yama LSM (#14392) 
The Yama Linux Security Module restricts the use of ptrace so that
processes cannot ptrace processes that are not their children. This
prevents attackers from compromising one user-level processes and
snooping on the memory and runtime state of other processes owned
by the same user.
 2016-10-08 16:40:12 +02:00
Tim Steinbach
a699eb4798 linux: 4.4.23 -> 4.4.24 (#19346) 2016-10-08 07:02:07 +02:00
Tim Steinbach
9481edec56 linux: 4.7.6 -> 4.7.7 (#19345) 2016-10-08 07:01:51 +02:00
Tim Steinbach
07e67b33af linux: 4.8.0 -> 4.8.1 (#19344) 2016-10-08 07:01:27 +02:00
Marco Maggesi
435673b948 Revert "Revert "linux*: remove 3.14, as it's no longer maintained"" 
In the end, it is too dangerous to have an unmaintained kernel in
nixpkgs.  Revert the revert.

This reverts commit e921725176.
 2016-10-07 23:26:32 +02:00
Marco Maggesi
e921725176 Revert "linux*: remove 3.14, as it's no longer maintained" 
This is the simplest way to reenable the use of BLCR
(which at present requires linux version >3.12 <3.18)
until we find a better solution.

This reverts commit 6a9e765e27.
 2016-10-07 14:31:24 +02:00
Eelco Dolstra
a8b61b0aad Merge pull request #19278 from anderspapitto/local 
perf: add dependency on libaudit
 2016-10-06 11:45:54 +02:00
Anders Papitto
aa44330963 perf: add dependency on libaudit 
the `trace` subcommand of perf is only enabled when libaudit is
available at compile time
 2016-10-05 17:59:44 -07:00
Alexander Ried
96fbdf8594 kernel: Disable RT_GROUP_SCHED 
Follow systemd recommendation
fd74fa791f/README (L96-L103)
 2016-10-05 12:52:45 +02:00
Shea Levy
e54313d183 Revert "Revert "Linux 4.8"" 
Now featuring @aszlig's modinst_arg_list_too_long patch.

This reverts commit 43bedb970d.

Fixes #19213
 2016-10-04 10:10:36 -04:00
Shea Levy
43bedb970d Revert "Linux 4.8" 
This reverts commit e4958d54b1.
 2016-10-03 22:04:43 -04:00
Shea Levy
e4958d54b1 Linux 4.8 2016-10-03 08:45:45 -04:00
Joachim Fasting
9a9237e0aa
grsecurity: revamp nixos kernel config 
Cleanup:
- Restructure & add some commentary
- Remove redundant option specs given the auto config
  constraints (some are left in for documentation purposes)

Changes:
- GRKERNSEC_CONFIG_VIRT_HOST -> GUEST
  The former deselects paravirtualization and friends
- PAX_LATENT_ENTROPY n -> y (implied by auto)
- GRKERNSEC_ACL_HIDEKERN y -> n
  Possibly useless with redistribution
 2016-10-02 19:25:58 +02:00
Joachim Fasting
1bb7b44cd7
grsecurity: make GRKERNSEC y and PAX y implicit 
These options should always be specified. Note, an implication of this
change is that not specifying any grsec/PaX options results in a build
failure.
 2016-10-02 19:25:58 +02:00
Joachim Fasting
2ec9a1a955
grsecurity: 4.7.5-201609261522 -> 4.7.6-201609301918 2016-10-01 08:47:30 +02:00
Joachim Fasting
22108b7a10
linux_4_7: 4.7.5 -> 4.7.6 2016-10-01 08:46:31 +02:00
Eelco Dolstra
613a12a8bd linux: 4.4.22 -> 4.4.23 2016-09-30 14:41:19 +02:00
Graham Christensen
ff5cf3abff linux-3.10: fix build by upstream patch 2016-09-28 19:18:34 +02:00
Joachim Fasting
98a9d815e0
grsecurity: 4.7.4-201609211951 -> 4.7.5-201609261522 2016-09-27 01:43:50 +02:00
Franz Pletz
3a4a425728
linux: 4.7.4 -> 4.7.5 2016-09-25 14:20:46 +02:00
Franz Pletz
c83f8a536a
linux: 4.4.20 -> 4.4.22 2016-09-25 14:20:46 +02:00
Franz Pletz
fdf239fb83
linux: 4.1.31 -> 4.1.33 2016-09-25 14:20:45 +02:00
Franz Pletz
17402fc4a3
linux: 3.18.40 -> 3.18.42 2016-09-25 14:20:45 +02:00
Franz Pletz
31ff655e46
kernelPatches: remove unneeded patches 2016-09-25 14:20:45 +02:00
Franz Pletz
01f465c82b
linux: 3.12.62 -> 3.12.63 2016-09-25 14:20:45 +02:00
Franz Pletz
b1029abe56
linux: 3.10.102 -> 3.10.103 2016-09-25 14:20:45 +02:00
Franz Pletz
e8cd27dd8a
linux_4_6: remove, not maintained anymore 2016-09-25 14:20:39 +02:00
Nikolay Amiantov
ea4d517eb8 Merge pull request #18661 from NeQuissimus/kernel/zbud 
kernel-common: Add ZBUD
 2016-09-25 12:33:08 +04:00
Joachim Fasting
64816cd972
grsecurity: 4.7.4-201609152234 -> 201609211951 2016-09-22 23:40:50 +02:00
Joachim Fasting
e2659de1b2
kernelPatches: remove legacy grsecurity attrs 2016-09-18 15:26:57 +02:00
Vladimír Čunát
6a9e765e27 linux*: remove 3.14, as it's no longer maintained 2016-09-17 02:10:53 +02:00
Tuomas Tynkkynen
f5c9c4f18a Merge pull request #18659 from layus/fix-mptcp 
linux_mptcp: fix config options broken by b4a4a63cc4
 2016-09-16 21:06:54 +03:00
aszlig
a0b643ed06
linux-testing: 4.8-rc4 -> 4.8-rc6 
Built successfully on my machine, no runtime tests performed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Verified-with-PGP: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
 2016-09-16 17:57:32 +02:00
Tim Steinbach
77e1be36b9
kernel-common: Add ZBUD, move ZSMALLOC into module space 2016-09-16 15:31:51 +00:00
Guillaume Maudoux
f0e519d26a linux_mptcp: fix config options broken by b4a4a63cc4 2016-09-16 13:15:50 +02:00
Joachim Fasting
d082a7c0fd
grsecurity: 4.7.3-201609072139 -> 4.7.4-201609152234 2016-09-16 11:18:42 +02:00
Joachim Fasting
2050f12f4e
linux_4_7: 4.7.3 -> 4.7.4 2016-09-16 11:18:42 +02:00
Kirill Boltaev
0f37287df5 treewide: explicitly specify gtk version 2016-09-13 21:09:24 +03:00
Tuomas Tynkkynen
0c0188c5d2 kernel config: Explicitly enable some NLS-related things 
Doesn't affect x86, but ARM can't mount VFAT filesystems without this on
a 3.18 kernel.
 2016-09-13 17:06:13 +03:00
Tuomas Tynkkynen
b4a4a63cc4 kernel generate-config.pl: Properly support string options 
Or we get something like:

option not set correctly: NLS_DEFAULT (wanted 'utf8', got '"utf8"')
 2016-09-13 17:06:13 +03:00
Tuomas Tynkkynen
246bd302ec kernel generate-config.pl: Be more verbose on errors 2016-09-13 17:06:13 +03:00
Joachim Fasting
91674b75d3
grsecurity: 4.7.2-201608312326 -> 4.7.3-201609072139 2016-09-10 17:06:42 +02:00
Eelco Dolstra
bc7e4e390a linux: 4.4.19 -> 4.4.20 2016-09-08 13:58:05 +02:00
Tim Steinbach
4829cd7f65
kernel: 4.7.2 -> 4.7.3 2016-09-08 01:51:28 +00:00
Joachim Fasting
0ce7b31b09
grsecurity: 4.7.2-201608211829 -> 201608312326 2016-09-01 14:51:33 +02:00
Tuomas Tynkkynen
8c4aeb1780 Merge staging into master 
Brings in:
    - changed output order for multiple outputs:
      https://github.com/NixOS/nixpkgs/pull/14766
    - audit disabled by default
      https://github.com/NixOS/nixpkgs/pull/17916

 Conflicts:
	pkgs/development/libraries/openldap/default.nix
 2016-09-01 13:27:27 +03:00
Tuomas Tynkkynen
d3dc3d4130 Merge remote-tracking branch 'dezgeg/shuffle-outputs' into staging 
https://github.com/NixOS/nixpkgs/pull/14766
 2016-08-30 12:43:37 +03:00
aszlig
f19c961b4e
linux-testing: Fix arg list too long in modinst 
With the default kernel and thus with the build I have tested in
74ec94bfa2, we get an error during
modules_install:

make[2]: execvp: /nix/store/.../bin/bash: Argument list too long

I haven't noticed this build until I actually tried booting using this
kernel because make didn't fail here.

The reason this happens within Nix and probably didn't yet surface in
other distros is that programs only have a limited amount of memory
available for storing the environment and the arguments.

Environment variables however are quite common on Nix and thus we
stumble on problems like this way earlier - in this case Linux 4.8 - but
I have noticed this in 4.7-next as well already.

The fix is far from perfect and suffers performance overhead because we
now run grep for every *.mod file instead of passing all *.mod files
into one single invocation of grep.

But comparing the performance overhead (around 1s on my machine) with
the overall build time of the kernel I think the overhead really is
neglicible.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-08-30 06:55:52 +02:00
aszlig
74ec94bfa2
linux/kernel/testing: 4.8-rc3 -> 4.8-rc4 
Tested by only building the linux_testing attribute, but haven't yet
tested it in production.

I've also fixed the extraMeta.branch attribute.

Verified-with-PGP: ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-08-29 20:52:19 +02:00
aszlig
42e1ec215e
linux/kernel: Remove MLX4_EN_VXLAN for 4.8 
This option is no longer needed and has been removed in upstream commit
torvalds/linux@a831274a13.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-08-29 20:52:19 +02:00
aszlig
0bce188ec1
linux/kernel: Remove KVM_APIC_ARCHITECTURE for 4.8 
The option is no longer needed and has been removed upstream in
torvalds/linux@557abc40d1.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-08-29 20:52:19 +02:00
Tuomas Tynkkynen
0e26cf84fc kernel: Remove propagatedBuildOutputs 
Not needed after the shuffle.
 2016-08-29 14:49:52 +03:00
obadz
b74793bd1c Merge branch 'master' into staging 
Conflicts:
	pkgs/tools/system/facter/default.nix
 2016-08-29 12:44:17 +01:00
Joachim Fasting
e5c3a52afc
grsecurity: fix features.grsecurity 
Previously, features.grsecurity wasn't actually set due to a bug in the
grsec builder. We now rely on the generic kernel builder to set features
from kernelPatches.
 2016-08-29 04:09:40 +02:00
Joachim Fasting
fcf5a24d8c
kernel config: set DEBUG_STACKOVERFLOW regardless of features.grsecurity 
features.grsecurity has actually been unset for a long time, with no
ill effect on grsec kernel builds so this conditional looks useless.
 2016-08-29 04:08:39 +02:00
Robin Gloster
e17bc25943
Merge remote-tracking branch 'upstream/master' into staging 2016-08-29 00:24:47 +00:00
Tuomas Tynkkynen
c004c6e14d kernel config: Explicitly enable some stuff not enabled by 'make alldefconfig' 
List of what to enable taken from https://lwn.net/Articles/672587/.
This doesn't change the resulting x86 configs, but is more useful for
other architectures. For instance, POSIX_MQUEUE is currently missing
on ARM.
 2016-08-29 03:07:11 +03:00
obadz
3de6e5be50 Merge branch 'master' into staging 
Conflicts:
      pkgs/applications/misc/navit/default.nix
      pkgs/applications/networking/mailreaders/alpine/default.nix
      pkgs/applications/networking/mailreaders/realpine/default.nix
      pkgs/development/compilers/ghc/head.nix
      pkgs/development/libraries/openssl/default.nix
      pkgs/games/liquidwar/default.nix
      pkgs/games/spring/springlobby.nix
      pkgs/os-specific/linux/kernel/perf.nix
      pkgs/servers/sip/freeswitch/default.nix
      pkgs/tools/archivers/cromfs/default.nix
      pkgs/tools/graphics/plotutils/default.nix
 2016-08-27 23:54:54 +01:00
Bjørn Forsman
daa9d5edca perf: unbreak build since glibc 2.24 upgrade 
glibc 2.24 deprecated readdir_r, breaking the perf build:

  $ nix-build -A linuxPackages.perf
  ...
    CC       util/event.o
    CC       util/evlist.o
  util/event.c: In function '__event__synthesize_thread':
  util/event.c:448:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
    while (!readdir_r(tasks, &dirent, &next) && next) {
    ^
  In file included from /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/features.h:368:0,
                   from /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/stdint.h:25,
                   from /nix/store/jsazxc1b86g2ww569ziwhhvkz8z43vjd-gcc-5.4.0/lib/gcc/x86_64-unknown-linux-gnu/5.4.0/include/stdint.h:9,
                   from /tmp/nix-build-perf-linux-4.4.19.drv-0/linux-4.4.19/tools/include/linux/types.h:6,
                   from util/event.c:1:
  /nix/store/8ic0jwg3p5vcwx52k4781n987hmv0bks-glibc-2.24-dev/include/dirent.h:189:12: note: declared here
   extern int __REDIRECT (readdir_r,
              ^
  util/event.c: In function 'perf_event__synthesize_threads':
  util/event.c:586:2: error: 'readdir_r' is deprecated [-Werror=deprecated-declarations]
    while (!readdir_r(proc, &dirent, &next) && next) {

Fix by adding -Wno-error=deprecated-declarations compile flag.
 2016-08-27 10:21:57 +02:00
Gabriel Ebner
131cd8f45d Merge pull request #18005 from gebner/kernel-amd-powerplay 
kernel: config: enable DRM_AMD_POWERPLAY
 2016-08-26 19:04:54 +02:00
Franz Pletz
40e0e5fb0b
linux_testing: 4.7-rc7 -> 4.8-rc3 2016-08-26 14:47:45 +02:00
Franz Pletz
aacf6651c1
linux: 4.4.18 -> 4.4.19 2016-08-26 14:47:45 +02:00
Franz Pletz
90251478ec
linux: 4.1.30 -> 4.1.31 2016-08-26 14:47:45 +02:00
Franz Pletz
377c851395
linux: 3.18.36 -> 3.18.40 2016-08-26 14:47:45 +02:00
Franz Pletz
dc37edb36c
linux: 3.14.73 -> 3.14.77 2016-08-26 14:47:45 +02:00
Franz Pletz
458d477215
linux: 3.12.61 -> 3.12.62 2016-08-26 14:47:45 +02:00
Gabriel Ebner
7b01df18a2 kernel: config: enable DRM_AMD_POWERPLAY 2016-08-26 08:45:49 +02:00
Shea Levy
2b1fa9da8b Add initial patches for CPU Controller on Control Group v2 2016-08-25 13:01:40 -04:00
Robin Gloster
c26de11551 linuxPackages.perf: fix build with new glibc and remove hack 
elfutils now adds a eu- prefix to avoid collisions
 2016-08-24 19:19:02 +00:00
obadz
0e8d2725dc Merge branch 'master' into staging 2016-08-23 18:50:06 +01:00
Joachim Fasting
cf592a8969
grsecurity: 4.7.1-201608161813 -> 4.7.2-201608211829 2016-08-23 01:49:34 +02:00
obadz
24a9183f90 Merge branch 'hardened-stdenv' into staging 
Closes #12895

Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
 2016-08-22 01:19:35 +01:00
obadz
ba50fd7170 Merge branch 'master' into staging 2016-08-22 01:18:11 +01:00
Tim Steinbach
175028582c
linux: 4.7.1 -> 4.7.2 2016-08-21 13:56:45 +00:00
Nikolay Amiantov
ff22705793 treewide: replace several /sbin paths by /bin 2016-08-19 17:56:45 +03:00
Tuomas Tynkkynen
bd68309643 kernel config: Enable SECCOMP 
This is used by systemd >= 231 and is not enabled in the ARM
multiplatform defconfig.
 2016-08-18 16:33:46 +03:00
Joachim Fasting
ba20363f11
grsecurity: 4.7-201608151842 -> 4.7.1-201608161813 2016-08-17 15:19:27 +02:00
Franz Pletz
2571438988 linux: 4.7 -> 4.7.1 2016-08-17 05:46:00 +02:00
Franz Pletz
7a4407461b linux: 4.6.6 -> 4.6.7 
Fixes CVE-2016-5696.
 2016-08-17 05:45:59 +02:00
Franz Pletz
da95fb368c linux: 4.4.17 -> 4.4.18 
Fixes CVE-2016-5696.
 2016-08-17 05:45:59 +02:00
Franz Pletz
2104d28bcd linux: 4.1.27 -> 4.1.30 
Fixes CVE-2016-5696.
 2016-08-17 05:45:59 +02:00
Joachim Fasting
d82ddd6dc0
grsecurity: 4.7-201608131240 -> 4.7-201608151842 2016-08-16 17:50:37 +02:00
Joachim Fasting
b1cceeda84
grsecurity: enable pax size overflow plugin 2016-08-16 17:50:36 +02:00
Joachim Fasting
3fcb9e6f57
grsecurity: support non-enforcing mode 
Until we've made sure that most things actually work out of the box, we
need to give people a way of continuing to use the system without
completely disabling grsecurity.

Set sysctl kernel.pax.softmode=1 or boot with pax.softmode=1
 2016-08-16 17:50:36 +02:00
Robin Gloster
33e1c78ae3 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-16 07:54:01 +00:00
Shea Levy
9adad8612b Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs" 
Was meant to go into staging, sorry

This reverts commit 57b2d1e9b0, reversing
changes made to 760b2b9048.
 2016-08-15 19:05:52 -04:00
Shea Levy
57b2d1e9b0 Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs 2016-08-15 19:01:44 -04:00
Nikolay Amiantov
1afd250676 treewide: replace several /sbin paths by /bin 2016-08-16 00:19:25 +03:00
Joachim Fasting
9062c67914
grsecurity: 4.6.5-201607312210 -> 4.7-201608131240 2016-08-15 20:36:46 +02:00
Franz Pletz
64c79e8526 linux: 4.6.5 -> 4.6.6 2016-08-15 04:28:08 +02:00
Franz Pletz
2a8718fb0b linux_4_5: remove, not support by upstream anymore 2016-08-15 04:28:02 +02:00
Franz Pletz
bd4490e277 Merge branch 'master' into hardened-stdenv 2016-08-13 16:59:55 +02:00
obadz
b2efe2babd Revert "linux kernel 4.4: fix race during build" 
Removes patch. Was fixed upstream.

This reverts commit 4788ec1372.
 2016-08-12 16:42:25 +01:00
Guillaume Maudoux
b1817fa8a3 linux_mptcp: 0.90.1 (kernel 3.18) -> 0.91 (kernel 4.1) (#17675) 2016-08-12 15:14:24 +02:00
Robin Gloster
b7787d932e Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-08-12 09:46:53 +00:00
obadz
18947c9e36 Revert "ecryptfs: fix kernel bug introduced in 4.4.14" 
The Linux 4.4.17 release fixes the underlying issue

This reverts commit fad9a8841b.
 2016-08-11 17:15:54 +01:00
Eelco Dolstra
e26ac7afd4 linux: 4.4.16 -> 4.4.17 2016-08-11 15:20:07 +02:00
Tuomas Tynkkynen
088bcf4ec4 kernel config: Fix 3.10, 3.12, 3.14 builds 2016-08-06 17:06:45 +03:00
Tuomas Tynkkynen
44f462bf4d generate-config.pl: Be more verbose about missing options 
For instance, the current 3.10 kernel build fails at the end with:

unused option: BRCMFMAC_PCIE
unused option: FW_LOADER_USER_HELPER_FALLBACK
unused option: KEXEC_FILE
unused option: RANDOMIZE_BASE

However, it's not obvious that only the _last_ one is actually fatal to
the build. After this change it's at least somewhat better:

warning: unused option: BRCMFMAC_PCIE
warning: unused option: FW_LOADER_USER_HELPER_FALLBACK
warning: unused option: KEXEC_FILE
error: unused option: RANDOMIZE_BASE
 2016-08-06 17:06:45 +03:00
Michal Rus
7281740c2e
linux: enable DRM_GMA600 and DRM_GMA3600 
Adds basic support for Intel GMA3600/3650 (Intel Cedar Trail) platforms
and support for GMA600 (Intel Moorestown/Oaktrail) platforms with LVDS
ports via the gma500_gfx module.

Resolves #14727 Closes #17519
 2016-08-05 19:07:40 +02:00
Franz Pletz
2d6b7aa545 linux: enable some useful networking options 
All options are enabled by default on Debian and some other
distributions, so these should be safe.
 2016-08-05 04:07:31 +02:00