From b43421221ff3ea7069de175845be80075f31d2a8 Mon Sep 17 00:00:00 2001 From: Austin Seipp Date: Thu, 5 Jun 2014 06:06:19 -0500 Subject: [PATCH] kernel/grsec: updates; add mainline package for brave souls Signed-off-by: Austin Seipp --- pkgs/os-specific/linux/kernel/linux-3.10.nix | 4 ++-- pkgs/os-specific/linux/kernel/linux-3.2.nix | 4 ++-- pkgs/os-specific/linux/kernel/linux-3.4.nix | 4 ++-- .../os-specific/linux/kernel/linux-testing.nix | 17 +++++++++++++++++ pkgs/os-specific/linux/kernel/patches.nix | 18 +++++++++--------- pkgs/top-level/all-packages.nix | 10 ++++++++++ 6 files changed, 42 insertions(+), 15 deletions(-) create mode 100644 pkgs/os-specific/linux/kernel/linux-testing.nix diff --git a/pkgs/os-specific/linux/kernel/linux-3.10.nix b/pkgs/os-specific/linux/kernel/linux-3.10.nix index de8fa4f5413..ac2ba611386 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.10.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.10.40"; + version = "3.10.41"; extraMeta.branch = "3.10"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0a56hh47a9x8mg1rxlckfnrjcphwz9hraxj2fgran95vb33hsq5a"; + sha256 = "0rpz2nxay0a4573dnnb8szq3ly3bhjd6wrz5z6iw3kpj19crs0r1"; }; features.iwlwifi = true; diff --git a/pkgs/os-specific/linux/kernel/linux-3.2.nix b/pkgs/os-specific/linux/kernel/linux-3.2.nix index 1ff3b48676f..d5fd820cac0 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.2.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.2.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.2.58"; + version = "3.2.59"; extraMeta.branch = "3.2"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "1mszzixiv4k61m241dl2n5s8rca26l6hc40v23lha814nrahjkn1"; + sha256 = "0a62nmn90k3g48m8g3y27q6a0qwa3k2s6synss7378kdi4f938i4"; }; # We don't provide these patches if grsecurity is enabled, because diff --git a/pkgs/os-specific/linux/kernel/linux-3.4.nix b/pkgs/os-specific/linux/kernel/linux-3.4.nix index 63d0d490402..165baf0a17f 100644 --- a/pkgs/os-specific/linux/kernel/linux-3.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-3.4.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, ... } @ args: import ./generic.nix (args // rec { - version = "3.4.90"; + version = "3.4.91"; extraMeta.branch = "3.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz"; - sha256 = "0kh4y1sbsjm3awplfsd0i59rz7wc1dj23mcs5rwwhc0p7i8w4r75"; + sha256 = "003l9i14m5ci2232wl68nxbgi0ipkzq00yfgxfp9cmh2sipxy1dk"; }; kernelPatches = args.kernelPatches ++ diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix new file mode 100644 index 00000000000..d58610a38cd --- /dev/null +++ b/pkgs/os-specific/linux/kernel/linux-testing.nix @@ -0,0 +1,17 @@ +{ stdenv, fetchurl, ... } @ args: + +import ./generic.nix (args // rec { + version = "3.15-rc8"; + extraMeta.branch = "3.15"; + + src = fetchurl { + url = "mirror://kernel/linux/kernel/v3.x/testing/linux-${version}.tar.xz"; + sha256 = ""; + }; + + features.iwlwifi = true; + features.efiBootStub = true; + features.needsCifsUtils = true; + features.canDisableNetfilterConntrackHelpers = true; + features.netfilterRPFilter = true; +} // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index a4ebc689b2f..c0cca64967c 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -60,24 +60,24 @@ rec { }; grsecurity_stable = grsecPatch - { kversion = "3.2.58"; - revision = "201405112002"; + { kversion = "3.2.59"; + revision = "201406042136"; branch = "stable"; - sha256 = "107jbgl1lz6blrk5rxm10jjhbywav9s56bs7zfs3m1618bff7p7v"; + sha256 = "01frz80n7zl3yyl11d1i517n0rw8ivb46cl0swp3zgjx29adwc8s"; }; grsecurity_vserver = grsecPatch - { kversion = "3.2.58"; - revision = "vs2.3.2.16-201405112004"; + { kversion = "3.2.59"; + revision = "vs2.3.2.16-201406042138"; branch = "vserver"; - sha256 = "0xi7c1q0qsvdvs9vw3iclfz8ykjf56cc9wds6419z1lcgcaykb9w"; + sha256 = "1vlmcf2fshxvhsparmvwlbn3gpccc8zjc341sjwsmyc3i8csmysr"; }; grsecurity_unstable = grsecPatch - { kversion = "3.14.4"; - revision = "201405141623"; + { kversion = "3.14.5"; + revision = "201406021708"; branch = "test"; - sha256 = "0k9f3n1hxxqa2l10mjk7hy7w9p0mmiqv6s6cbiji2hyvakm5s7p4"; + sha256 = "002sbbcmvg6wa41a1q8vgf3zcjakns72dc885b6jml0v396hb5c6"; }; grsec_fix_path = diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 24d977d5148..dc21997dbf1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7196,6 +7196,15 @@ let ]; }; + linux_testing = makeOverridable (import ../os-specific/linux/kernel/linux-testing.nix) { + inherit fetchurl stdenv perl buildLinux; + kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips") + [ kernelPatches.mips_fpureg_emu + kernelPatches.mips_fpu_sigill + kernelPatches.mips_ext3_n32 + ]; + }; + /* grsec configuration We build several flavors of 'default' grsec kernels. These are @@ -7339,6 +7348,7 @@ let linuxPackages_3_12 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_12 linuxPackages_3_12); linuxPackages_3_13 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_13 linuxPackages_3_13); linuxPackages_3_14 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_3_14 linuxPackages_3_14); + linuxPackages_testing = recurseIntoAttrs (linuxPackagesFor pkgs.linux_testing linuxPackages_testing); # grsecurity flavors # Stable kernels