From e4961c63f7153f9e9661a61fd0e2228424d6d362 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Fri, 21 Mar 2014 04:36:15 -0400 Subject: [PATCH] Remove sec_perm patch that was needed by AUFS Now the kernel is unpatched by default on non-MIPS! --- pkgs/os-specific/linux/kernel/patches.nix | 6 ----- .../linux/kernel/sec_perm-2.6.24.patch | 16 ----------- pkgs/top-level/all-packages.nix | 27 ++++--------------- 3 files changed, 5 insertions(+), 44 deletions(-) delete mode 100644 pkgs/os-specific/linux/kernel/sec_perm-2.6.24.patch diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index 2d1fb6e2818..d7c9e126598 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -44,12 +44,6 @@ rec { features.apparmor = true; }; - sec_perm_2_6_24 = - { name = "sec_perm-2.6.24"; - patch = ./sec_perm-2.6.24.patch; - features.secPermPatch = true; - }; - no_xsave = { name = "no-xsave"; patch = ./no-xsave.patch; diff --git a/pkgs/os-specific/linux/kernel/sec_perm-2.6.24.patch b/pkgs/os-specific/linux/kernel/sec_perm-2.6.24.patch deleted file mode 100644 index de9b29949c3..00000000000 --- a/pkgs/os-specific/linux/kernel/sec_perm-2.6.24.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: linux-2.6.24-rc3/security/security.c -=================================================================== -RCS file: /ext1/sysadm/transparent/repository/linux-2.6.24-rc3/security/security.c,v -retrieving revision 1.1 -retrieving revision 1.2 -diff -u -p -r1.1 -r1.2 ---- linux-2.6.24-rc3/security/security.c 21 Nov 2007 13:03:11 -0000 1.1 -+++ linux-2.6.24-rc3/security/security.c 21 Nov 2007 13:07:55 -0000 1.2 -@@ -409,6 +409,7 @@ int security_inode_permission(struct ino - return 0; - return security_ops->inode_permission(inode, mask, nd); - } -+EXPORT_SYMBOL(security_inode_permission); - - int security_inode_setattr(struct dentry *dentry, struct iattr *attr) - { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 88d1a054f69..f0ba9b3c29e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6767,9 +6767,6 @@ let linux_3_2 = makeOverridable (import ../os-specific/linux/kernel/linux-3.2.nix) { inherit fetchurl stdenv perl buildLinux; - kernelPatches = - [ kernelPatches.sec_perm_2_6_24 - ]; }; grsecurityOverrider = args: { @@ -6817,9 +6814,7 @@ let linux_3_4 = makeOverridable (import ../os-specific/linux/kernel/linux-3.4.nix) { inherit fetchurl stdenv perl buildLinux; - kernelPatches = - [ kernelPatches.sec_perm_2_6_24 - ] ++ lib.optionals ((platform.kernelArch or null) == "mips") + kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips") [ kernelPatches.mips_fpureg_emu kernelPatches.mips_fpu_sigill ]; @@ -6839,10 +6834,7 @@ let linux_3_10 = makeOverridable (import ../os-specific/linux/kernel/linux-3.10.nix) { inherit fetchurl stdenv perl buildLinux; - kernelPatches = - [ - kernelPatches.sec_perm_2_6_24 - ] ++ lib.optionals ((platform.kernelArch or null) == "mips") + kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips") [ kernelPatches.mips_fpureg_emu kernelPatches.mips_fpu_sigill kernelPatches.mips_ext3_n32 @@ -6860,10 +6852,7 @@ let linux_3_11 = makeOverridable (import ../os-specific/linux/kernel/linux-3.11.nix) { inherit fetchurl stdenv perl buildLinux; - kernelPatches = - [ - kernelPatches.sec_perm_2_6_24 - ] ++ lib.optionals ((platform.kernelArch or null) == "mips") + kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips") [ kernelPatches.mips_fpureg_emu kernelPatches.mips_fpu_sigill kernelPatches.mips_ext3_n32 @@ -6872,10 +6861,7 @@ let linux_3_12 = makeOverridable (import ../os-specific/linux/kernel/linux-3.12.nix) { inherit fetchurl stdenv perl buildLinux; - kernelPatches = - [ - kernelPatches.sec_perm_2_6_24 - ] ++ lib.optionals ((platform.kernelArch or null) == "mips") + kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips") [ kernelPatches.mips_fpureg_emu kernelPatches.mips_fpu_sigill kernelPatches.mips_ext3_n32 @@ -6884,10 +6870,7 @@ let linux_3_13 = makeOverridable (import ../os-specific/linux/kernel/linux-3.13.nix) { inherit fetchurl stdenv perl buildLinux; - kernelPatches = - [ - kernelPatches.sec_perm_2_6_24 - ] ++ lib.optionals ((platform.kernelArch or null) == "mips") + kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips") [ kernelPatches.mips_fpureg_emu kernelPatches.mips_fpu_sigill kernelPatches.mips_ext3_n32