nixpkgs/pkgs/os-specific/linux/kernel/patches.nix
Ricardo M. Correia c5a7115721 grsecurity: Update stable and test patches
stable: 3.0-3.14.32-201502062101 -> 3.0-3.14.33-201502180832
test:   3.0-3.18.6-201502062100  -> 3.0-3.18.7-201502180834
2015-02-18 17:24:53 +01:00

91 lines
2.2 KiB
Nix

{ stdenv, fetchurl, fetchgit, apparmor }:
let
makeTuxonicePatch = { version, kernelVersion, sha256,
url ? "http://tuxonice.nigelcunningham.com.au/downloads/all/tuxonice-for-linux-${kernelVersion}-${version}.patch.bz2" }:
{ name = "tuxonice-${kernelVersion}";
patch = stdenv.mkDerivation {
name = "tuxonice-${version}-for-${kernelVersion}.patch";
src = fetchurl {
inherit url sha256;
};
phases = [ "installPhase" ];
installPhase = ''
source $stdenv/setup
bunzip2 -c $src > $out
'';
};
};
grsecPatch = { grversion ? "3.0", kversion, revision, branch, sha256 }:
{ name = "grsecurity-${grversion}-${kversion}";
inherit grversion kversion revision;
patch = fetchurl {
url = "http://grsecurity.net/${branch}/grsecurity-${grversion}-${kversion}-${revision}.patch";
inherit sha256;
};
features.grsecurity = true;
};
in
rec {
bridge_stp_helper =
{ name = "bridge-stp-helper";
patch = ./bridge-stp-helper.patch;
};
no_xsave =
{ name = "no-xsave";
patch = ./no-xsave.patch;
features.noXsave = true;
};
mips_fpureg_emu =
{ name = "mips-fpureg-emulation";
patch = ./mips-fpureg-emulation.patch;
};
mips_fpu_sigill =
{ name = "mips-fpu-sigill";
patch = ./mips-fpu-sigill.patch;
};
mips_ext3_n32 =
{ name = "mips-ext3-n32";
patch = ./mips-ext3-n32.patch;
};
tuxonice_3_10 = makeTuxonicePatch {
version = "2013-11-07";
kernelVersion = "3.10.18";
sha256 = "00b1rqgd4yr206dxp4mcymr56ymbjcjfa4m82pxw73khj032qw3j";
};
grsecurity_stable = grsecPatch
{ kversion = "3.14.33";
revision = "201502180832";
branch = "stable";
sha256 = "1hg8zs6p5fy312ksz3ygffa8vd5pl2l2xbdyxdgcdiakzpqjgfgc";
};
grsecurity_unstable = grsecPatch
{ kversion = "3.18.7";
revision = "201502180834";
branch = "test";
sha256 = "03gl2l4wjdba03nnr0195yx76h6i3kn40ls22g5hbfg6p3y1risa";
};
grsec_fix_path =
{ name = "grsec-fix-path";
patch = ./grsec-path.patch;
};
crc_regression =
{ name = "crc-backport-regression";
patch = ./crc-regression.patch;
};
}