cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
121586 commits 1 branch 0 tags 3.7 GiB
Commit graph

360 commits

Author SHA1 Message Date
William A. Kennington III
b25930c4c8 kernel: 4.0.6 -> 4.0.7 2015-06-30 11:20:41 -07:00
William A. Kennington III
b08d384da8 kernel: 3.14.44 -> 3.14.45 2015-06-24 18:12:20 -07:00
William A. Kennington III
2f255eafd9 kernel: 4.0.5 -> 4.0.6 2015-06-24 18:11:25 -07:00
Ricardo M. Correia
e26bfbe26f grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201506021902 -> 3.1-3.14.44-201506082249
test:   3.1-4.0.4-201506021902   -> 3.1-4.0.5-201506082251
 2015-06-10 18:33:28 +02:00
Ricardo M. Correia
07c26ee680 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505272112 -> 3.1-3.14.43-201506021902
test:   3.1-4.0.4-201505272113   -> 3.1-4.0.4-201506021902
 2015-06-03 19:38:05 +02:00
Ricardo M. Correia
b59d52daf7 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505222221 -> 3.1-3.14.43-201505272112
test:   3.1-4.0.4-201505222222   -> 3.1-4.0.4-201505272113
 2015-05-29 19:49:46 +02:00
Ricardo M. Correia
c0f09411e8 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505191737 -> 3.1-3.14.43-201505222221
test:   3.1-4.0.4-201505182014   -> 3.1-4.0.4-201505222222
 2015-05-27 20:27:43 +02:00
Ricardo M. Correia
5277bf945d grsecurity: Update stable patch from 3.1-3.14.43-201505181929 -> 3.1-3.14.43-201505191737 2015-05-21 14:45:56 +02:00
Ricardo M. Correia
0cb3c2d684 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505171736 -> 3.1-3.14.43-201505181929
test:   3.1-4.0.4-201505171737   -> 3.1-4.0.4-201505182014
 2015-05-19 19:21:31 +02:00
William A. Kennington III
9265918fea kernel: 3.14.42 -> 3.14.43 2015-05-18 01:45:49 -07:00
William A. Kennington III
4a7a3cd8a5 kernel: 4.0.3 -> 4.0.4 2015-05-18 01:43:03 -07:00
William A. Kennington III
fcf15de248 kernel: 3.14.41 -> 3.14.42 2015-05-15 18:38:14 -07:00
William A. Kennington III
90659e2735 kernel: 4.0.2 -> 4.0.3 2015-05-15 18:38:14 -07:00
Ricardo M. Correia
aa75bb25d8 grsecurity: Update stable and test patches 
stable: 3.1-3.14.41-201505072056 -> 3.1-3.14.41-201505101121
test:   3.1-4.0.2-201505072057   -> 3.1-4.0.2-201505101122
 2015-05-11 02:45:38 +02:00
William A. Kennington III
8209d3f78b kernel: 3.14.40 -> 3.14.41 2015-05-07 20:34:26 -07:00
William A. Kennington III
0e4057b167 kernel: 4.0.1 -> 4.0.2 2015-05-07 20:32:24 -07:00
Ricardo M. Correia
b95fa1c852 grsecurity: Update stable and test patches 
stable: 3.1-3.14.40-201504290821 -> 3.1-3.14.40-201504302118
test:   3.1-3.19.6-201504290821  -> 3.1-3.19.6-201504302119
 2015-05-02 01:03:05 +02:00
William A. Kennington III
084d1143e6 kernel: 3.14.39 -> 3.14.40 2015-04-29 14:34:11 -07:00
William A. Kennington III
dfd7b26e3a kernel: 3.19.5 -> 3.19.6 2015-04-29 14:33:23 -07:00
William A. Kennington III
dbaeb7c428 kernel: 3.14.38 -> 3.14.39 2015-04-20 22:41:47 -07:00
William A. Kennington III
2c35a4aa39 kernel: 3.19.4 -> 3.19.5 2015-04-20 22:40:31 -07:00
William A. Kennington III
0fd4774781 kernel: 3.14.37 -> 3.14.38 2015-04-15 16:22:42 -07:00
William A. Kennington III
2ded7833ed kernel: 3.19.3 -> 3.19.4 2015-04-15 16:22:42 -07:00
Nikolay Amiantov
285d64d2f0 kernel: add patch to fix btrfs deadlocks to affected kernels 2015-04-08 20:49:12 +03:00
Ricardo M. Correia
6566738b29 grsecurity: Update stable and test patches 
stable: 3.1-3.14.37-201503270048 -> 3.1-3.14.37-201504051405
test:   3.1-3.19.3-201503270049  -> 3.1-3.19.3-201504021826
 2015-04-06 18:26:05 +02:00
William A. Kennington III
304b3c077c kernel: 3.14.36 -> 3.14.37 2015-03-27 10:45:13 -07:00
William A. Kennington III
ca12b0b304 kernel: 3.19.2 -> 3.19.3 2015-03-27 10:44:19 -07:00
Ricardo M. Correia
0f5a5cae76 grsecurity: Update test patch from 3.1-3.19.2-201503182219 -> 3.1-3.19.2-201503201903 2015-03-21 06:23:26 +01:00
William A. Kennington III
36ada70250 kernel: 3.14.35 -> 3.14.36 2015-03-20 14:21:39 -07:00
William A. Kennington III
a7c32c8ea5 kernel: 3.19.1 -> 3.19.2 2015-03-20 14:19:49 -07:00
Eelco Dolstra
cb7b0f3c1b Merge pull request #6898 from joachifm/redundant-params 
kernelPatches: remove unused parameters
 2015-03-19 15:31:03 +01:00
Joachim Fasting
cd55b6b5bb kernelPatches: remove unused parameters 2015-03-19 14:08:16 +01:00
Ricardo M. Correia
7c8247a8c5 grsecurity: Update stable and test patches 
stable: 3.1-3.14.35-201503071140 -> 3.1-3.14.35-201503092203
test:   3.1-3.18.9-201503071142  -> 3.1-3.19.1-201503122205
 2015-03-15 03:49:58 +01:00
William A. Kennington III
6b666dca7c kernel: 3.14.34 -> 3.14.35 2015-03-08 14:58:46 -07:00
William A. Kennington III
cf9d5ceda1 kernel: 3.18.8 -> 3.18.9 2015-03-08 14:57:44 -07:00
William A. Kennington III
24f25e6f9a kernel: 3.18.7 -> 3.18.8 2015-03-02 19:52:26 -08:00
William A. Kennington III
103f9820f6 kernel: 3.14.33 -> 3.14.34 2015-03-02 19:52:26 -08:00
Ricardo M. Correia
e196cd5611 grsecurity: Update stable and test patches 
stable: 3.0-3.14.33-201502200812 -> 3.1-3.14.33-201502222137
test:   3.0-3.18.7-201502200813  -> 3.1-3.18.7-201502222138
 2015-02-23 18:38:13 +01:00
Ricardo M. Correia
50bf56fd09 grsecurity: Update stable and test patches 
stable: 3.0-3.14.33-201502181906 -> 3.0-3.14.33-201502200812
test:   3.0-3.18.7-201502180834  -> 3.0-3.18.7-201502200813
 2015-02-20 14:29:45 +01:00
Ricardo M. Correia
99eb8705cd grsecurity: Update stable patch from 3.0-3.14.33-201502180832 -> 3.0-3.14.33-201502181906 2015-02-19 04:47:44 +01:00
Ricardo M. Correia
c5a7115721 grsecurity: Update stable and test patches 
stable: 3.0-3.14.32-201502062101 -> 3.0-3.14.33-201502180832
test:   3.0-3.18.6-201502062100  -> 3.0-3.18.7-201502180834
 2015-02-18 17:24:53 +01:00
Vladimír Čunát
57f2d329ac linux_3_{10,12,14}: fix upstream regression, fixes #6231 
Some modules wouldn't load crc32c dependency due to module renaming.
 2015-02-10 13:45:20 +01:00
William A. Kennington III
c4d21cf1c4 kernel: 3.14.31 -> 3.14.32 2015-02-07 12:08:09 -08:00
William A. Kennington III
f103b0f78b kernel: 3.18.5 -> 3.18.6 2015-02-07 12:07:17 -08:00
William A. Kennington III
bbd6384f62 kernel: 3.14.29 -> 3.14.31 2015-01-31 18:55:09 -08:00
William A. Kennington III
8a2f7375d6 kernel: 3.18.3 -> 3.18.5 2015-01-31 18:54:59 -08:00
Ricardo M. Correia
23ffd6ad22 grsecurity: Update stable and test patches 
stable: 3.0-3.14.29-201501182217 -> 3.0-3.14.29-201501211943
test:   3.0-3.18.3-201501182219  -> 3.0-3.18.3-201501211944
 2015-01-22 05:39:01 +01:00
William A. Kennington III
fb921695b6 kernel: Fix grsec patch for 3.18.3 2015-01-18 21:11:07 -08:00
William A. Kennington III
2c02b7caff kernel: 3.14.28 -> 3.14.29 2015-01-18 21:11:07 -08:00
Ricardo M. Correia
1f28bfa284 grsecurity: Update stable and test patches 
stable: 3.0-3.14.28-201501120819 -> 3.0-3.14.28-201501142323
test:   3.0-3.18.2-201501120821  -> 3.0-3.18.2-201501142325
 2015-01-16 02:47:12 +01:00
William A. Kennington III
1ec68e0d13 kernel: Fix path to stp bridge helper 2015-01-14 10:34:28 -08:00
William A. Kennington III
3d4b315d91 Revert "kernel: Add a patch to remove checks for bridge stp helpers" 
This reverts commit f64c3ce18d.
 2015-01-13 15:34:26 -08:00
William A. Kennington III
f64c3ce18d kernel: Add a patch to remove checks for bridge stp helpers 2015-01-13 15:24:02 -08:00
Ricardo M. Correia
757071af5b grsecurity: Update stable and test patches 
stable: 3.0-3.14.28-201501111421 -> 3.0-3.14.28-201501120819
test:   3.0-3.18.2-201501111422  -> 3.0-3.18.2-201501120821
 2015-01-12 18:21:22 +01:00
William A. Kennington III
97783b87c0 kernel: 3.14.27 -> 3.14.28 2015-01-11 23:59:13 -08:00
William A. Kennington III
33651bb865 kernel: 3.18.1 -> 3.18.2 2015-01-11 23:58:19 -08:00
Ricardo M. Correia
e90bfba2f6 grsecurity: Update stable and test patches 
stable: 3.0-3.14.27-201412280859 -> 3.0-3.14.27-201501042018
test:   3.0-3.18.1-201412281149  -> 3.0-3.18.1-201501042021
 2015-01-07 05:49:56 +01:00
Ricardo M. Correia
1d44322d53 grsecurity: Update stable and test patches 
stable: 3.0-3.14.27-201412211908 -> 3.0-3.14.27-201412280859
test:   3.0-3.17.7-201412211910  -> 3.0-3.18.1-201412281149
 2014-12-29 03:00:47 +01:00
Ricardo M. Correia
a8e33da2dd grsecurity: Update stable and test patches 
stable: 3.0-3.14.27-201412170659 -> 3.0-3.14.27-201412211908
test:   3.0-3.17.7-201412170700  -> 3.0-3.17.7-201412211910
 2014-12-22 20:33:00 +01:00
William A. Kennington III
7e8c5b578a kernel: 3.14.26 -> 3.14.27 2014-12-17 14:36:38 -08:00
William A. Kennington III
eea5383b48 kernel: 3.17.6 -> 3.17.7 2014-12-17 14:36:29 -08:00
William A. Kennington III
042f266e10 kernel: 3.14.25 -> 3.14.26 2014-12-08 23:24:50 -08:00
William A. Kennington III
c8abfe37ab kernel: 3.17.4 -> 3.17.6 2014-12-08 23:23:42 -08:00
Ricardo M. Correia
7ce1cbed93 grsecurity: Update stable and test patches 
stable: 3.0-3.14.25-201411260106 -> 3.0-3.14.25-201412040016
test:   3.0-3.17.4-201411260107  -> 3.0-3.17.4-201412040017
 2014-12-05 18:26:21 +01:00
Ricardo M. Correia
6f31905563 grsecurity: Update stable and test patches 
stable: 3.0-3.14.25-201411231452 -> 3.0-3.14.25-201411260106
test:   3.0-3.17.4-201411231452  -> 3.0-3.17.4-201411260107
 2014-11-27 18:36:01 +01:00
Ricardo M. Correia
c07f81ce89 grsecurity: Update stable and test patches 
stable: 3.0-3.14.25-201411220954 -> 3.0-3.14.25-201411231452
test:   3.0-3.17.4-201411220955  -> 3.0-3.17.4-201411231452
 2014-11-24 03:53:28 +01:00
William A. Kennington III
d1493bc1ee kernel: 3.14.24 -> 3.14.25 2014-11-23 02:47:36 -08:00
Jonathan Rudenberg
30578e30d8 kernel: 3.17.3 -> 3.17.4 2014-11-22 16:50:16 -05:00
William A. Kennington III
f4a27311b7 kernel: 3.14.23 -> 3.14.24 2014-11-14 23:03:54 -08:00
William A. Kennington III
0ef4ee5d06 kernel: 3.17.2 -> 3.17.3 2014-11-14 23:03:47 -08:00
Ricardo M. Correia
c108ab47be grsecurity: Update stable and test patches 
stable: 3.0-3.14.23-201411062033 -> 3.0-3.14.23-201411091053
test:   3.0-3.17.2-201411062034  -> 3.0-3.17.2-201411091054
 2014-11-10 19:34:00 +01:00
Ricardo M. Correia
5701e40681 grsecurity: Update stable and test patches 
stable: 3.0-3.14.23-201410312212 -> 3.0-3.14.23-201411062033
test:   3.0-3.17.2-201410312213  -> 3.0-3.17.2-201411062034
 2014-11-09 02:47:54 +01:00
Ricardo M. Correia
268c72b92b grsecurity: Update stable and test patches 
stable: 3.0-3.14.22-201410250026 -> 3.0-3.14.23-201410312212
test:   3.0-3.17.1-201410281754  -> 3.0-3.17.2-201410312213
 2014-11-01 17:25:22 +01:00
Ricardo M. Correia
a9170c0dba grsecurity: Update stable and test patches 
stable: 3.0-3.14.22-201410192047 -> 3.0-3.14.22-201410250026
test:   3.0-3.17.1-201410192051  -> 3.0-3.17.1-201410281754
 2014-10-30 12:47:36 +01:00
Alexander Kjeldaas
005bb796e6 Updated grsec. 2014-10-22 02:18:41 +02:00
Ricardo M. Correia
c615793317 grsecurity: Update stable and test patches 
stable: 3.0-3.14.19-201409282024 -> 3.0-3.14.20-201410062037
test:   3.0-3.16.3-201409282025  -> 3.0-3.16.4-201410062041
 2014-10-07 16:55:49 +02:00
Ricardo M. Correia
bbdc35d4dd grsecurity: Update stable and test patches 
stable: 3.0-3.14.19-201409180900 -> 3.0-3.14.19-201409282024
test:   3.0-3.16.3-201409180901  -> 3.0-3.16.3-201409282025
 2014-09-29 14:44:20 +02:00
Ricardo M. Correia
cf61fa8013 grsecurity: Update stable and test patches 
stable: 3.0-3.14.18-201409060013 -> 3.0-3.14.19-201409180900
test:   3.0-3.16.2-201409060014  -> 3.0-3.16.3-201409180901
 2014-09-25 23:37:26 +02:00
Ricardo M. Correia
238a84ac78 grsecurity: Update stable and test patches 
stable: 3.0-3.14.17-201408260041 -> 3.0-3.14.18-201409060013
test:   3.0-3.15.10-201408212335 -> 3.0-3.16.2-201409060014
 2014-09-08 15:16:38 +02:00
Austin Seipp
2dc2699ca4 linux/grsec: updates 
3.15.10 is EOL soon, but grsecurity/unstable hasn't moved to 3.16.x yet.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-08-27 15:14:19 -05:00
Ricardo M. Correia
b50074929e grsecurity: Update stable and test patches 
stable: 3.0-3.14.9-201406262057 -> 3.0-3.14.10-201407012152
test:   3.0-3.15.2-201406262058 -> 3.0-3.15.3-201407012153
 2014-07-03 11:37:19 +02:00
Austin Seipp
dd56bfbd00 kernel/grsec: updates 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-06-27 00:52:12 -05:00
Austin Seipp
0399c5ee24 grsecurity: update stable/testing kernels, refactoring 
This updates the new stable kernel to 3.14, and the new testing kernel
to 3.15.

This also removes the vserver kernel, since it's probably not nearly as
used.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-06-22 22:29:10 -05:00
Austin Seipp
b8ede68b25 kernel/grsec: updates 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-06-21 22:13:49 -05:00
Austin Seipp
b43421221f kernel/grsec: updates; add mainline package for brave souls 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-06-05 06:06:19 -05:00
Austin Seipp
cb894d4fc3 grsec: updates 
Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-05-17 14:09:09 -05:00
Austin Seipp
92abc4c610 kernel: enable AppArmor by default 
AppArmor only requires a few patches to the 3.2 and 3.4 kernels in order
to work properly (with the minor catch grsecurity -stable includes the
3.2 patches.) This adds them to the kernel builds by default, removes
features.apparmor (since it's always true) and makes it the default MAC
system.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-05-17 14:09:09 -05:00
Austin Seipp
92f7781f00 kernel/grsecurity: stable/longterm/testing updates 
kernels:

  - longterm: 3.4.87  -> 3.4.88
  - longterm: 3.10.37 -> 3.10.38
  - stable:   3.13.10 -> 3.13.11
  - stable:   3.14.1  -> 3.14.2

grsecurity:

  - test: 3.0-3.14.1-201404241722 -> 3.0-3.14.2-201404270907

NOTE: technically the 3.13 stable kernel is now EOL. However, it will
become the long-term grsecurity stable kernel, and will have ongoing
support from Canonical.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-04-27 08:41:42 -05:00
Ricardo M. Correia
efae8ce543 grsecurity: Update all patches 
stable:  3.0-3.2.57-201404182109            -> 3.0-3.2.57-201404241714
test:    3.0-3.14.1-201404201132            -> 3.0-3.14.1-201404241722
vserver: 3.0-3.2.57-vs2.3.2.16-201404182110 -> 3.0-3.2.57-vs2.3.2.16-201404241715
 2014-04-25 04:41:58 +02:00
Ricardo M. Correia
5d5ca7b260 grsecurity: Update all patches 
stable:  3.0-3.2.57-201404131252            -> 3.0-3.2.57-201404182109
test:    3.0-3.13.10-201404141717           -> 3.0-3.14.1-201404201132
vserver: 3.0-3.2.57-vs2.3.2.16-201404131253 -> 3.0-3.2.57-vs2.3.2.16-201404182110
 2014-04-21 18:46:41 +02:00
Ricardo M. Correia
1b113178ee grsecurity: Update test patch from 3.0-3.13.9-201404131254 -> 3.0-3.13.10-201404141717 2014-04-15 00:16:29 +02:00
Austin Seipp
788d9a13fb grsecurity: stable/vserver/testing updates 
- stable:  201404111812            -> 201404131252
 - vserver: vs2.3.2.16-201404111814 -> vs2.3.2.16-201404131253
 - testing: 201404111815            -> 201404131254

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-04-13 13:11:17 -05:00
Austin Seipp
172dc1336f nixos: add grsecurity module (#1875) 
This module implements a significant refactoring in grsecurity
configuration for NixOS, making it far more usable by default and much
easier to configure.

 - New security.grsecurity NixOS attributes.
   - All grsec kernels supported
   - Allows default 'auto' grsec configuration, or custom config
   - Supports custom kernel options through kernelExtraConfig
   - Defaults to high-security - user must choose kernel, server/desktop
     mode, and any virtualisation software. That's all.
   - kptr_restrict is fixed under grsecurity (it's unwriteable)
 - grsecurity patch creation is now significantly abstracted
   - only need revision, version, and SHA1
   - kernel version requirements are asserted for sanity
   - built kernels can have the uname specify the exact grsec version
     for development or bug reports. Off by default (requires
     `security.grsecurity.config.verboseVersion = true;`)
 - grsecurity sysctl support
   - By default, disabled.
   - For people who enable it, NixOS deploys a 'grsec-lock' systemd
     service which runs at startup. You are expected to configure sysctl
     through NixOS like you regularly would, which will occur before the
     service is started. As a result, changing sysctl settings requires
     a reboot.
 - New default group: 'grsecurity'
   - Root is a member by default
   - GRKERNSEC_PROC_GID is implicitly set to the 'grsecurity' GID,
     making it possible to easily add users to this group for /proc
     access
 - AppArmor is now automatically enabled where it wasn't before, despite
   implying features.apparmor = true

The most trivial example of enabling grsecurity in your kernel is by
specifying:

    security.grsecurity.enable          = true;
    security.grsecurity.testing         = true;      # testing 3.13 kernel
    security.grsecurity.config.system   = "desktop"; # or "server"

This specifies absolutely no virtualisation support. In general, you
probably at least want KVM host support, which is a little more work.
So:

    security.grsecurity.enable = true;
    security.grsecurity.stable = true; # enable stable 3.2 kernel
    security.grsecurity.config = {
      system   = "server";
      priority = "security";
      virtualisationConfig   = "host";
      virtualisationSoftware = "kvm";
      hardwareVirtualisation = true;
    }

This module has primarily been tested on Hetzner EX40 & VQ7 servers
using NixOps.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-04-11 22:43:51 -05:00
Ricardo M. Correia
5dfc6584a5 grsecurity: Update stable patch from 3.0-3.2.56-201404062126 -> 3.0-3.2.57-201404091758 2014-04-10 00:37:33 +02:00
Ricardo M. Correia
807fad571a grsecurity: Update stable and test patches 
stable: 3.0-3.2.56-201404012135 -> 3.0-3.2.56-201404062126
test:   3.0-3.13.8-201404011912 -> 3.0-3.13.9-201404062127
 2014-04-07 15:31:12 +02:00
Ricardo M. Correia
52d233af22 grsecurity: Update stable patch from 3.0-3.2.55-201403300851 -> 3.0-3.2.56-201404012135 2014-04-02 15:11:33 +02:00
Ricardo M. Correia
407a6857c6 grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403252026 -> 3.0-3.2.55-201403300851
test:   3.0-3.13.7-201403252047 -> 3.0-3.13.8-201404011912
 2014-04-02 02:16:59 +02:00
Ricardo M. Correia
911f332279 grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403202347 -> 3.0-3.2.55-201403252026
test:   3.0-3.13.6-201403202349 -> 3.0-3.13.7-201403252047
 2014-03-26 23:07:57 +00:00
Ricardo M. Correia
9db587bf7d grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403172027 -> 3.0-3.2.55-201403202347
test:   3.0-3.13.6-201403172032 -> 3.0-3.13.6-201403202349
 2014-03-21 15:41:32 +01:00
Shea Levy
e4961c63f7 Remove sec_perm patch that was needed by AUFS 
Now the kernel is unpatched by default on non-MIPS!
 2014-03-21 04:37:23 -04:00
Ricardo M. Correia
cc69228119 grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403142107 -> 3.0-3.2.55-201403172027
test:   3.0-3.13.6-201403142112 -> 3.0-3.13.6-201403172032
 2014-03-18 16:51:25 +01:00
Ricardo M. Correia
ceec014020 grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403122114 -> 3.0-3.2.55-201403142107
test:   3.0-3.13.6-201403122116 -> 3.0-3.13.6-201403142112
 2014-03-15 04:15:28 +01:00
Ricardo M. Correia
86b8cf954a grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403072107 -> 3.0-3.2.55-201403122114
test:   3.0-3.13.6-201403072241 -> 3.0-3.13.6-201403122116
 2014-03-13 02:28:58 +01:00
Ricardo M. Correia
d999872b8d grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201403022154 -> 3.0-3.2.55-201403072107
test:   3.0-3.13.5-201403031445 -> 3.0-3.13.6-201403072241
 2014-03-10 17:23:17 +01:00
Austin Seipp
c4d5757e29 grsecurity updates 
- stable:  3.0-3.2.55-201402241936 -> 3.0-3.2.55-201403022154
  - testing: 3.0-3.13.5-201402241943 -> 3.0-3.13.5-201403031445

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-03-04 01:13:22 +01:00
Ricardo M. Correia
69a83ba99f grsecurity: Update stable and test patches 
stable: 3.0-3.2.55-201402221305 -> 3.0-3.2.55-201402241936
test:   3.0-3.13.4-201402221308 -> 3.0-3.13.5-201402241943
 2014-03-03 02:16:58 +01:00
Austin Seipp
7f4b97d495 grsecurity: stable/testing updates 
- stable:  3.0-3.2.55-201402201903 -> 3.0-3.2.55-201402221305
 - testing: 3.0-3.13.4-201402201908 -> 3.0-3.13.4-201402221308

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-02-22 20:29:25 +01:00
Austin Seipp
18f65f3640 grsecurity: stable/testing updates 
- stable:  3.0-3.2.55-201402192249 -> 3.0-3.2.55-201402201903
  - testing: 3.0-3.13.3-201402192252 -> 3.0-3.13.4-201402201908

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-02-20 20:21:16 -06:00
Austin Seipp
58e08a1a4f grsecurity: stable/testing updates 
- stable:  3.0-3.2.55-201402152203 -> 3.0-3.2.55-201402192249
  - testing: 3.0-3.13.3-201402152204 -> 3.0-3.13.3-201402192252

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-02-20 04:53:19 -06:00
Austin Seipp
c137015328 grsecurity updates. 
- stable:  3.0-3.2.54-201402062221 -> 3.0-3.2.55-201402152203
  - testing: 3.0-3.13.3-201402132113 -> 3.0-3.13.3-201402152204

Signed-off-by: Austin Seipp <aseipp@pobox.com>
 2014-02-17 07:27:51 -06:00
Evgeny Egorochkin
daa2827b99 grsecurity: update patch 2014-02-14 18:13:05 +02:00
Ricardo M. Correia
b31547654d grsecurity: Update stable and test patches 
stable: 3.0-3.2.54-201401191012 -> 3.0-3.2.54-201402062221
test:   3.0-3.12.8-201401191015 -> 3.0-3.13.2-201402062224
 2014-02-08 16:16:58 +01:00
Ricardo M. Correia
aeda8d63b9 grsecurity: Update stable and test patches 
stable: 3.0-3.2.53-201312021727 -> 3.0-3.2.54-201401191012
test:   3.0-3.12.2-201312021733 -> 3.0-3.12.8-201401191015
 2014-01-22 02:14:35 +01:00
Shea Levy
a589bfae17 Update and fix kernel packages to new kernel build 
In most cases, this just meant changing kernelDev (now removed from
linuxPackagesFor) to kernel.dev. Some packages needed more work (though
whether that was because of my changes or because they were already
broken, I'm not sure). Specifics:

* psmouse-alps builds on 3.4 but not 3.10, as noted in the comments that
  were already there
* blcr builds on 3.4 but not 3.10, as noted in comments that were
  already there
* open-iscsi, ati-drivers, wis-go7007, and openafsClient don't build on
  3.4 or 3.10 on this branch or on master, so they're marked broken
* A version-specific kernelHeaders package was added

The following packages were removed:

* atheros/madwifi is superceded by official ath*k modules
* aufs is no longer used by any of our kernels
* broadcom-sta v6 (which was already packaged) replaces broadcom-sta
* exmap has not been updated since 2011 and doesn't build
* iscis-target has not been updated since 2010 and doesn't build
* iwlwifi is part of mainline now and doesn't build
* nivida-x11-legacy-96 hasn't been updated since 2008 and doesn't build

Everything not specifically mentioned above builds successfully on 3.10.
I haven't yet tested on 3.4, but will before opening a pull request.

Signed-off-by: Shea Levy <shea@shealevy.com>
 2014-01-04 21:17:04 -05:00
Ricardo M. Correia
61adb5962c grsecurity: Update to 3.0-3.2.53-201312021727 and 3.0-3.12.2-201312021733 2013-12-04 15:28:21 +01:00
Ricardo M. Correia
2106191003 grsecurity: Fix module loading during boot due to path restrictions 2013-11-27 01:32:50 +01:00
Ricardo M. Correia
36955aa721 grsecurity: Update to 3.0-3.2.52-201311261307 and add patch for 3.12 2013-11-27 01:32:14 +01:00
Cillian de Róiste
a34354ef81 TuxOnIce: Add a 3.10 linux kernel with the TuxOnIce hibernation patch 2013-11-23 17:21:19 +01:00
Shea Levy
504ea7662c Remove EOL'd kernels 
Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-11-01 11:10:05 -04:00
Ricardo M. Correia
57e9fd8bcf grsecurity: Update to 2.9.1-3.2.52-201310271550 2013-10-29 13:32:53 +01:00
Ricardo M. Correia
d32636dac4 grsecurity: Update to 2.9.1-3.2.51-201309281102 2013-10-20 08:14:28 +03:00
Ricardo M. Correia
90a2341300 grsecurity: generate linuxPackages and declare that apparmor is included 2013-10-20 08:14:28 +03:00
Ricardo M. Correia
342fcfc82f grsecurity: Update to 2.9.1-3.2.51-201309101928 2013-09-13 05:13:25 +02:00
Mathijs Kwik
273689bcbd linux-3.10: remove the btrfs send patch 
it helps, but is incomplete.
more fixes are coming, but including these would change too much
generic btrfs code, which might cause trouble for others.

so the best advice is not to use btrfs send yet and wait for 3.11 or 3.12
 2013-08-19 07:04:18 +02:00
Evgeny Egorochkin
27dcd771c3 Merge pull request #802 from wizeman/kernel_update 
Kernel update
 2013-08-11 15:08:45 -07:00
Mathijs Kwik
59025453e7 linux-3.10: backport a fix for "btrfs send" 
It has been submitted for inclusion in mainline, so it will probably
make it into 3.11 (or 3.12 as 3.11 is fairly close to release).

It is very local, only affecting people who use the "send" feature.
Without it, send is unstable/unsafe to use incrementally.

It can probably be applied to 3.9 and 3.8 as well, but as I only
tested it against 3.10, so I didn't bother.
 2013-08-10 13:53:17 +02:00
Ricardo M. Correia
36c2711f8b linux: update grsecurity patch 2013-08-06 02:21:00 +00:00
Eelco Dolstra
c564d012f8 Style fix 2013-08-01 01:40:41 +02:00
Eelco Dolstra
b976e00ff2 linux: Remove obsolete AUFS 3.7 patch 2013-08-01 01:40:40 +02:00
Eelco Dolstra
ff99631753 linux: Remove CIFS timeout patch 
We longer use CIFS in the VM tests so we don't need this anymore.
 2013-08-01 01:40:40 +02:00
Eelco Dolstra
956d71f843 linux: Remove some unused patches 2013-08-01 01:40:40 +02:00
Rob Vermaas
af2a127551 Add linux 3.2.48 with grsecurity patches 2013-07-22 21:44:31 +02:00
Ricardo M. Correia
22689567ed apparmor: Update to kernel 3.4 series (the current default) 2013-07-22 18:03:26 +02:00
Mathijs Kwik
e18f4eb50f apparmor patch: should have a name, broke nixpkgs tarball 2013-05-12 13:11:49 +02:00
Evgeny Egorochkin
8d7e1a79cc AppArmor: add a sample patched kernel. 2013-05-11 08:50:34 +03:00
Eelco Dolstra
916c1adb84 Delete all kernels older than 2.6.39 
Systemd doesn't support those kernels, so there is no point in keeping
them around.
 2013-03-27 23:00:02 +01:00
Shea Levy
af26af6fc7 Remove EOL'd Linux 3.6 2013-02-14 14:33:42 -05:00
Shea Levy
0ad870eb5e Remove EOL'd Linux 3.5 2013-02-14 14:32:44 -05:00
Shea Levy
c23084906b Remove EOL'd Linux 3.3 2013-02-14 14:30:31 -05:00
Shea Levy
0178a3b7b1 Remove EOL'd Linux 3.1 2013-02-14 14:28:53 -05:00
Mathijs Kwik
caf561d41a aufs3: upgrade to 1210 release, add linux-3.7 support 2012-12-13 14:00:28 +01:00
David Guibert
c604ff045e add cifs_timeout to kernel 3.5 2012-11-15 07:41:11 +01:00
Lluís Batlle i Rossell
bb3b603ea7 mips linux: Adding a patch to fix an ext3 bug in 3.5 and 3.6 
I made it apply to all Mips, although the bug works only for n32 and o32 ABIs.
We don't support any n64 by now.
 2012-11-06 00:16:13 +01:00
Mathijs Kwik
8f480e3035 linux-3.6: upgrade to 3.6.1 
- enable aufs3 patch
- check other patches needing upgrade/enable
 2012-10-09 16:05:24 +02:00
Mathijs Kwik
ce3e42df72 linux aufs3: upgrade patch and utils to 20120827 for all 3.x kernels 2012-09-16 13:05:52 +02:00
Mathijs Kwik
192b29181b linux-3.4: upgrade to 3.4.9 
- aufs patch: upgrade to latest stable 3.4
 2012-08-21 10:27:13 +02:00
Mathijs Kwik
6e9a6a5924 linux-3.3: upgrade to 3.3.8 
- aufs patch: upgrade to latest stable 3.3
 2012-08-21 10:26:44 +02:00
Mathijs Kwik
03228d60fe linux-3.5: upgrade aufs3 patch to latest stable 2012-08-16 12:00:25 +02:00
Lluís Batlle i Rossell
734bb84f09 linux-3.5: fix perf build with a patch from the perf mailing list 2012-08-10 09:41:43 +02:00
Mathijs Kwik
fb99c24d7c kernel-3.5: add aufs3 patch 2012-08-05 01:55:31 +02:00
Peter Simons
82b2588e35 Linux no-xsave.patch: commit patch into Nixpkgs since fetchurl no longer works 
Patch submitted by Jan Malakhovski <oxij@oxij.org>.
 2012-07-02 16:53:53 +02:00
Eelco Dolstra
1582276602 * Drop some old obsolete kernels and unused patches. 
svn path=/nixpkgs/trunk/; revision=34558
 2012-06-19 15:56:17 +00:00
Lluís Batlle i Rossell
3874e5812d Adding two kernel patches for mips, that make the life easier on loongson2f 
(less sigill, less sigbus). Related to bad handling of FPU instructions.

I apply them only to linux 3.4, although I think they can apply to many older kernels too.


svn path=/nixpkgs/trunk/; revision=34522
 2012-06-16 10:49:03 +00:00
Mathijs Kwik
46beccef20 linux kernel aufs (needed for livecd): added to 3.4 
upgraded 3.3 version to stable

svn path=/nixpkgs/trunk/; revision=34468
 2012-06-11 17:41:05 +00:00
Shea Levy
497a4afe72 We no longer need the bootstub config patch 
svn path=/nixpkgs/trunk/; revision=33987
 2012-05-05 14:26:20 +00:00
Shea Levy
50a0b839af Linux 3.3.3 
This incorporates the btrfs fix, so remove that patch. Also, I will test
that this builds after committing, and fix it if it fails

svn path=/nixpkgs/trunk/; revision=33885
 2012-04-23 00:12:47 +00:00
Lluís Batlle i Rossell
b35d2c6b89 Adding a patch for linux 3.3 for btrfs regarding ENOSPC. 
This should solve the problem I had, where I could not boot either 3.3 or 3.3.1
in my system, as I got ENOSPC all the time.


svn path=/nixpkgs/trunk/; revision=33714
 2012-04-09 21:02:17 +00:00
Shea Levy
dfcd4dd559 Add a kernel patch for the efi boot stub to read a config file when booted without arguments, and base removable media booting off of that patch 
The patch is currently being discussed on LKML and hopefully will be included
in mainline in some form in the future. Note that booting from the livecd has
to do a lot of work before anything is output to the console, so if the drive
is still busy don't assume the boot has hanged

svn path=/nixpkgs/trunk/; revision=33235
 2012-03-18 17:14:52 +00:00
Shea Levy
76832793f2 Linux 3.3-rc7 
svn path=/nixpkgs/trunk/; revision=33007
 2012-03-12 02:19:05 +00:00
Yury G. Kudryashov
38e3d7bc86 svn merge ^/nixpkgs/trunk 
Not merged r32497 (tree conflict, glibc GNU Hurd update). Ludovic, could you
please look at this?

svn path=/nixpkgs/branches/stdenv-updates/; revision=32520
 2012-02-23 20:06:21 +00:00
Peter Simons
9db6840814 linux kernel 3.2 : added aufs patches 
svn path=/nixpkgs/trunk/; revision=32483
 2012-02-22 20:29:18 +00:00
Eelco Dolstra
0beb6c6266 * Remove some obsolete patches. 
svn path=/nixpkgs/branches/stdenv-updates/; revision=32379
 2012-02-17 23:53:49 +00:00
Eelco Dolstra
752203c3ca * Remove broken tux-on-ice kernels. 
svn path=/nixpkgs/trunk/; revision=30619
 2011-11-29 14:49:32 +00:00
Shea Levy
c65ff0d37d Update aufs3.0, add aufs3.1 
svn path=/nixpkgs/trunk/; revision=30329
 2011-11-08 16:00:19 +00:00
Shea Levy
5e5dd16842 Remove the efi stub patch 
svn path=/nixpkgs/trunk/; revision=30264
 2011-11-06 17:38:51 +00:00
Shea Levy
72f41379be Add a patch to enable adding efi stub code to the linux kernel 
svn path=/nixpkgs/trunk/; revision=29555
 2011-10-01 23:00:48 +00:00
Shea Levy
f979d3de4e Add features.aufs2 to old kernels 
svn path=/nixpkgs/trunk/; revision=29536
 2011-09-28 22:13:59 +00:00
Shea Levy
ed38cc3545 aufs3-util 
svn path=/nixpkgs/trunk/; revision=29535
 2011-09-28 21:59:07 +00:00
Shea Levy
4add420a48 aufs3 kernelPackage 
svn path=/nixpkgs/trunk/; revision=29534
 2011-09-28 21:46:07 +00:00
Shea Levy
2e012018bb makeAufs3StandalonePatch: Don't unpack the kernel source 
svn path=/nixpkgs/trunk/; revision=29533
 2011-09-28 21:09:54 +00:00
Shea Levy
60b155479d linux-3.0: Add aufs3 patch 
svn path=/nixpkgs/trunk/; revision=29532
 2011-09-28 20:48:08 +00:00
David Guibert
4b3530f55d apply aufs patch to other kernels. 
svn path=/nixpkgs/trunk/; revision=28708
 2011-08-20 07:55:53 +00:00
David Guibert
db3eb9de85 utrace: fix urls. 
But it still does not apply to recent 2.6.32 kernels.

svn path=/nixpkgs/trunk/; revision=28707
 2011-08-20 06:47:13 +00:00
David Guibert
22ee5aba7a aufs for 2.6.36/39 and 3.0 
svn path=/nixpkgs/trunk/; revision=28705
 2011-08-20 06:39:29 +00:00
Ludovic Stordeur
e381c7c385 Added CIFS timeout patch for Linux 2.6.15 
svn path=/nixpkgs/trunk/; revision=27715
 2011-07-11 14:00:01 +00:00
Ludovic Stordeur
388ba0981b Added CIFS timeout patch for Linux 2.6.{25 --> 28} 
svn path=/nixpkgs/trunk/; revision=27713
 2011-07-11 13:59:54 +00:00
Ludovic Stordeur
b2cf02eb5e Renamed cifs-timeout-2.6.{32 --> 29} patch 
Renamed cifs-timeout-2.6.32 patch to cifs-timeout-2.6.29 as this is the
older kernel version this patch applies to.

svn path=/nixpkgs/trunk/; revision=27711
 2011-07-11 13:59:47 +00:00
Ludovic Stordeur
c551998c82 Added CIFS timeout patch for Linux 2.6.{35 --> 38} 
svn path=/nixpkgs/trunk/; revision=27710
 2011-07-11 13:59:43 +00:00
Ludovic Stordeur
df0a6394b3 Suffixed cifs timeout patch with kernel version. 
Currently suffixed with 2.6.32.
This pre-patch prepares the landing of several versions of this patch to
support other Linux kernel versions.

svn path=/nixpkgs/trunk/; revision=27709
 2011-07-11 13:59:40 +00:00
Shea Levy
dedd972a16 Add fbcondecor for 2.6.38 
svn path=/nixpkgs/trunk/; revision=26876
 2011-04-18 15:13:04 +00:00
Shea Levy
d86630472b Add aufs2.1 for 2.6.38 
svn path=/nixpkgs/trunk/; revision=26811
 2011-04-12 18:36:33 +00:00
Ludovic Courtès
16d86dcbe2 Linux 2.6.{25,28}: Allow compilation with recent Glibc. 
svn path=/nixpkgs/trunk/; revision=26741
 2011-04-07 13:57:43 +00:00
Lluís Batlle i Rossell
6eaaa06077 Committing on behalf of Shea Levy: 
This patch adds a "features.aufs2_1" to the aufs-2.1 patch for Linux
2.6.37 to prevent aufs2_1 and aufs2_1_util from being options for
kernels without an aufs 2.1 patch. There were several Hydra build
failures as a result of attempting to build aufs2.1 against older
kernels.

svn path=/nixpkgs/trunk/; revision=26597
 2011-03-30 08:16:44 +00:00
Lluís Batlle i Rossell
1357904982 Committing the aufs2.1 patch by Shea Levy. His comments: 
* My motivation for this patch is that kernels < 2.6.36 contain an
     e1000e that does not support the ethernet card that is part of the
     chipset for the second-generation Core-i Intel CPUs, so in order
     to have a more useful livecd I needed to get aufs working with a
     newer kernel, and 2.6.37 is the latest kernel with an official
     aufs release.
   * All sources are downloaded with fetchgit. This is because the aufs
     upstream doesn't provide release tarballs, they just add a tag to
     their git tree for an official release.
   * The make target for the aufs2.1 headers uses a Makefile in the
     kernel build directory that requires that unifdef be in the
     scripts/ subdirectory of the build directory. The way I've dealt
     with this here is by adding "make $makeFlags -C scripts unifdef"
     to the postBuild in the kernel builder. Since the builder is used
     by all kernel versions, this will require rebuilding every kernel
     and kernel-dependent package if the patch is accepted, so one
     alternative I thought of would be to create a fake kernel build
     directory where everything is symlinked to the real build
     directory except scripts/, which is first copied and then make
     unifdef is run before building aufs2.1. If that more complicated
     solution is preferred, or if anyone has ideas for another one, I
     can do that and submit a new patch.
   * The patch was tested by building a livecd ISO that uses it, then
     running the ISO from within virtualbox and installing aufs2.1-util
     from within the livecd environment.
   * The livecd was built using installation-cd-minimal.nix, with two
     changes to the Nixos tree:
        1. boot.kernelPackages = pkgs.linuxPackages_2_6_37 was added to
           profiles/minimal.nix
        2. config.boot.kernelPackages.aufs2 was changed to
           config.boot.kernelPackages.aufs2_1 in iso-image.nix
     I would have preferred to keep all changes within
     profiles/minimal.nix, but I couldn't figure out how to override
     iso-image.nix's definition of boot.extraModulePackages. Livecds
     that use an older kernel can't be built with this iso-image.nix,
     since we don't have aufs2.1 for them (just aufs2). If someone can
     point me to how I can override things set in iso-image.nix, I'd
     appreciate it.

make -C scripts unifdef compiles the unifdef application in the
scripts/ directory, and when Nix copies over the build tree to
$out/lib/modules/$version/build for kernel modules to reference, it
copies over all of scripts/ except the .o files. I can't speak for
other kernel versions, but at the least for 2.6.37.1 unifdef is not
built by default. If you look at the Makefile in scripts, unifdef is
listed  under a comment saying that the following programs are only
built on-demand.

svn path=/nixpkgs/trunk/; revision=26548
 2011-03-27 15:18:39 +00:00
Lluís Batlle i Rossell
f6e3d3e10d Adding tuxonice for some recent kernels. 
svn path=/nixpkgs/trunk/; revision=26447
 2011-03-21 15:53:22 +00:00
Lluís Batlle i Rossell
84ca32b293 Adding tuxonice for 2.6.35 
svn path=/nixpkgs/trunk/; revision=26446
 2011-03-21 15:42:21 +00:00
Lluís Batlle i Rossell
8ab38a2828 Adding the fbcondecor patch for 2.6.37, by Shea Levy 
svn path=/nixpkgs/trunk/; revision=26428
 2011-03-19 20:44:45 +00:00
Eelco Dolstra
5cc5e16104 * Remove the xen-pvclock-resume patch, which has finally been merged 
into 2.6.32.

svn path=/nixpkgs/trunk/; revision=26149
 2011-03-03 15:36:13 +00:00
Lluís Batlle i Rossell
13a8b34a81 Fix for a syscall restart bug on linux-mips 
svn path=/nixpkgs/branches/stdenv-updates/; revision=24791
 2010-11-21 15:26:36 +00:00
Lluís Batlle i Rossell
f4f84af4ab Updating from trunk. I only had to take away the usual stdenv2 in 
all-packages.nix


svn path=/nixpkgs/branches/stdenv-updates/; revision=24553
 2010-10-31 19:30:31 +00:00
Eelco Dolstra
85a0cd1385 * A better fix for the Xen clock problem. 
svn path=/nixpkgs/trunk/; revision=24488
 2010-10-26 13:08:51 +00:00
Eelco Dolstra
5762edd607 * Linux 2.6.32: revert upstream patch 
489fb490dbf8dab0249ad82b56688ae3842a79e8.  It causes the DomU clock
  to jump into the future and freeze after being saved and restored
  across a Dom0 reboot.  See 

    http://lists.xensource.com/archives/html/xen-devel/2010-10/msg00498.html
    http://lists.xensource.com/archives/html/xen-devel/2010-10/msg01174.html

svn path=/nixpkgs/trunk/; revision=24473
 2010-10-25 16:36:42 +00:00
Lluís Batlle i Rossell
bf6f39fb7c Adding a patch fixing ARM trouble on the recent linux 2.6.35 
svn path=/nixpkgs/branches/stdenv-updates/; revision=24158
 2010-10-07 22:10:28 +00:00
Lluís Batlle i Rossell
2c5de61327 Updating from trunk. 
svn path=/nixpkgs/branches/stdenv-updates/; revision=23840
 2010-09-17 19:10:21 +00:00
Ludovic Courtès
078353fc15 Linux: Add GuruPlug-related patches. 
svn path=/nixpkgs/trunk/; revision=23833
 2010-09-17 15:56:42 +00:00
Lluís Batlle i Rossell
a42e571e33 Trying to fix an URL for a patch (the previous URL did not work anyamore) 
svn path=/nixpkgs/branches/stdenv-updates/; revision=23700
 2010-09-09 17:07:12 +00:00
Lluís Batlle i Rossell
bd17763fbb Fixing an url on kernel patches 
svn path=/nixpkgs/branches/stdenv-updates/; revision=23639
 2010-09-05 05:59:55 +00:00
Michael Raskin
d3d44dc6d3 Add AUFS patch for 2.6.35 
svn path=/nixpkgs/trunk/; revision=23288
 2010-08-20 20:46:12 +00:00
Yury G. Kudryashov
10c5146a78 Add fbcondecor-2.6.35 
svn path=/nixpkgs/trunk/; revision=23286
 2010-08-20 20:12:03 +00:00
Eelco Dolstra
3f287cfb1d * Ensure that the dell-bluetooth device does not stay in the "hard 
blocked" state.

svn path=/nixpkgs/branches/x-updates/; revision=22730
 2010-07-25 12:15:59 +00:00