jolheiser/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
82,943 Commits 266 Branches 122 Tags 5.3 GiB
52477b0a0b
Commit Graph

244 Commits

Author SHA1 Message Date
Joachim Fasting
52477b0a0b
kernelPatches.grsecurity_4_5: 201605060852 -> 201605080858 2016-05-09 16:38:44 +02:00
Joachim Fasting
27061905bd
linuxPackages_grsec_4_5: 3.1-4.5.2-201604290633 -> 3.1-4.5.3-201605060852 2016-05-06 16:37:25 +02:00
Joachim Fasting
0bd31bce10
grsecurity: drop support for 4.4 kernels 
From now on, only the testing branch of grsecurity will be supported.
Additionally, use only patches from upstream.

It's impossible to provide meaningful support for grsecurity stable.
First, because building and testing \(m \times n \times z) [1], packages
is infeasible.  Second, because stable patches are only available from
upstream for-pay, making us reliant on third-parties for patches. In
addition to creating yet more work for the maintainers, using stable
patches provided by a third-party goes against the wishes of upstream.

nixpkgs provides the tools necessary to build grsecurity kernels for any
version the user chooses, however, provided they pay for, or otherwise
acquire, the patch themselves.

Eventually, we'll want to remove the now obsolete top-level attributes,
but leave them in for now to smoothe migration (they have been removed
from top-level/release.nix, though, because it makes no sense to have
them there).

[1]: where \(m\) is the number of grsecurity flavors, \(n\) is the
number of kernel versions, and z is the size of the `linuxPackages` set
 2016-05-04 01:07:53 +02:00
Joachim Fasting
7893cb1aea
linuxPackages_grsec_4_1: delete 
Upstream supports 3.14, 4.4, and 4.5
 2016-05-02 11:28:05 +02:00
Joachim Fasting
fecb56fc3f
linuxPackages_grsec_4_5: init at 3.1-4.5.2-201604290633 2016-05-02 11:28:05 +02:00
obadz
4788ec1372 linux kernel 4.4: fix race during build 
Patch drivers/crypto/qat/qat_common/Makefile so that qat_asym_algs.o
explicitly depends on headers qat_rsaprivkey-asn1.h and qat_rsapubkey-asn1.h

Hopefully fixes #14595
 2016-04-12 22:45:57 +01:00
Charles Strahan
ad7b1e24c2 fan-networking: updated patches from Ubuntu 
This pulls in updated Fan Networking patches from Ubuntu.
(https://wiki.ubuntu.com/FanNetworking)

closes #14328
 2016-04-10 16:07:03 -04:00
Domen Kožar
b95a1c4f77 kernel: fix build of 3.10 and 3.12 on i686 
(cherry picked from commit 23730413fef4be7fe365f452fcaef16c5f4e4b1b)
Signed-off-by: Domen Kožar <domen@dev.si>
 2016-04-06 10:36:04 +01:00
Tim Steinbach
a5d8256df4 grsecurity: 4.4.4 -> 4.4.5 2016-03-14 21:29:42 +00:00
Franz Pletz
255d710757 grsecurity: 4.4.2 -> 4.4.4 
See #13505.
 2016-03-08 01:03:47 +01:00
tg(x)
be3bd972d5 grsecurity: add 4.1 kernel 2016-02-28 15:00:16 +01:00
tg(x)
38614d3f6a grsecurity: use kernel version instead of testing / stable 2016-02-28 04:10:59 +01:00
tg(x)
4e3d6d3e90 grsecurity: separate fix patches for testing & stable 2016-02-27 19:54:55 +01:00
tg(x)
75f353ffbd grsecurity: decouple from mainline 2016-02-27 19:33:35 +01:00
tg(x)
7547960546 grsecurity: move version information to one place 2016-02-27 18:36:12 +01:00
tg(x)
d95321b83e grsecurity: 4.3.4 -> 4.4.2 2016-02-27 18:36:12 +01:00
tg(x)
42deddb17a grsecurity: use source URL from a scraped repository as grsecurity.net only has the latest version 2016-02-10 00:46:11 +01:00
Dan Peebles
78956c77c0 linux: 4.3.3 -> 4.34 (and update grsecurity patches, too) 2016-01-24 03:53:46 +00:00
Dan Peebles
33cf0792b1 grsecurity-testing: update patches and associated kernel version 2016-01-23 14:29:34 +00:00
Al Zohali
a3a5bc6095 linux_chromiumos_3_14: init at 3.14.0 
Co-authored-by: Nikolay Amiantov <ab@fmap.me>
 2016-01-13 22:43:19 +03:00
Al Zohali
ee9e7b7224 linux_chromiumos_3_18: init at 3.18.0 
Co-authored-by: Nikolay Amiantov <ab@fmap.me>
 2016-01-13 22:43:19 +03:00
William A. Kennington III
194357ad20 grsecurityUnstable: 4.1.7 -> 4.2.3 2015-10-15 10:41:04 -07:00
Paul Colomiets
84c0098117 Unprivileged overlayfs mounts kernel patch from ubuntu 
This allows to create overlayfs mounts by unprivileged containers (i.e.
in user and mount namespace). It's super-useful for containers.

The patch is trivial as I understand from the patch description it's
does not have security implications (on top of what user namespaces
already have). And it's enabled in ubuntu long time ago. Here is a proof:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1357025
 2015-09-26 00:42:16 +03:00
William A. Kennington III
84505bd36a grsecurity: Update patches 2015-09-16 13:35:41 -07:00
William A. Kennington III
d70c01daec grsecurity: Update patches 2015-08-18 21:06:45 -07:00
Charles Strahan
c1ee8fefd4 nixos: add support for Ubuntu Fan Networking 
This provides support for Ubuntu Fan Networking [1].

This includes:

* The fanctl package, and a corresponding NixOS service.
* iproute patches.
* kernel patches.

closes #9188

1: https://wiki.ubuntu.com/FanNetworking
 2015-08-13 14:27:14 -04:00
William A. Kennington III
52e55d85cb kernel: 3.14.49 -> 3.14.50 2015-08-10 23:35:43 -07:00
William A. Kennington III
974b9cc8cc kernel: 4.1.4 -> 4.1.5 2015-08-10 23:34:31 -07:00
William A. Kennington III
04f1b451d7 kernel: 3.14.48 -> 3.14.49 2015-08-04 13:30:08 -07:00
William A. Kennington III
a5d6e61c2f grsecurity: Push testing from 4.0 -> 4.1 2015-08-04 13:28:16 -07:00
William A. Kennington III
0245b28796 kernel: 3.14.47 -> 3.14.48 2015-07-11 20:15:05 -07:00
William A. Kennington III
3284b216a4 kernel: 4.0.7 -> 4.0.8 2015-07-11 20:15:05 -07:00
Eelco Dolstra
5c9f437d2f linux: 3.14.46 -> 3.14.47 
CVE-2014-7822
 2015-07-09 15:10:12 +02:00
William A. Kennington III
d64b3c8a5c kernel: 3.14.45 -> 3.14.46 2015-06-30 11:28:59 -07:00
William A. Kennington III
b25930c4c8 kernel: 4.0.6 -> 4.0.7 2015-06-30 11:20:41 -07:00
William A. Kennington III
b08d384da8 kernel: 3.14.44 -> 3.14.45 2015-06-24 18:12:20 -07:00
William A. Kennington III
2f255eafd9 kernel: 4.0.5 -> 4.0.6 2015-06-24 18:11:25 -07:00
Ricardo M. Correia
e26bfbe26f grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201506021902 -> 3.1-3.14.44-201506082249
test:   3.1-4.0.4-201506021902   -> 3.1-4.0.5-201506082251
 2015-06-10 18:33:28 +02:00
Ricardo M. Correia
07c26ee680 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505272112 -> 3.1-3.14.43-201506021902
test:   3.1-4.0.4-201505272113   -> 3.1-4.0.4-201506021902
 2015-06-03 19:38:05 +02:00
Ricardo M. Correia
b59d52daf7 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505222221 -> 3.1-3.14.43-201505272112
test:   3.1-4.0.4-201505222222   -> 3.1-4.0.4-201505272113
 2015-05-29 19:49:46 +02:00
Ricardo M. Correia
c0f09411e8 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505191737 -> 3.1-3.14.43-201505222221
test:   3.1-4.0.4-201505182014   -> 3.1-4.0.4-201505222222
 2015-05-27 20:27:43 +02:00
Ricardo M. Correia
5277bf945d grsecurity: Update stable patch from 3.1-3.14.43-201505181929 -> 3.1-3.14.43-201505191737 2015-05-21 14:45:56 +02:00
Ricardo M. Correia
0cb3c2d684 grsecurity: Update stable and test patches 
stable: 3.1-3.14.43-201505171736 -> 3.1-3.14.43-201505181929
test:   3.1-4.0.4-201505171737   -> 3.1-4.0.4-201505182014
 2015-05-19 19:21:31 +02:00
William A. Kennington III
9265918fea kernel: 3.14.42 -> 3.14.43 2015-05-18 01:45:49 -07:00
William A. Kennington III
4a7a3cd8a5 kernel: 4.0.3 -> 4.0.4 2015-05-18 01:43:03 -07:00
William A. Kennington III
fcf15de248 kernel: 3.14.41 -> 3.14.42 2015-05-15 18:38:14 -07:00
William A. Kennington III
90659e2735 kernel: 4.0.2 -> 4.0.3 2015-05-15 18:38:14 -07:00
Ricardo M. Correia
aa75bb25d8 grsecurity: Update stable and test patches 
stable: 3.1-3.14.41-201505072056 -> 3.1-3.14.41-201505101121
test:   3.1-4.0.2-201505072057   -> 3.1-4.0.2-201505101122
 2015-05-11 02:45:38 +02:00
William A. Kennington III
8209d3f78b kernel: 3.14.40 -> 3.14.41 2015-05-07 20:34:26 -07:00
William A. Kennington III
0e4057b167 kernel: 4.0.1 -> 4.0.2 2015-05-07 20:32:24 -07:00