diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2014-01-28 03:41:05 -0800 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2014-01-28 03:41:05 -0800 |
commit | 9739171cd46735777137652db948ee76eabc5df6 (patch) | |
tree | 53adce6c7d0de796a45478ee2a923e23d8e63a0b | |
parent | 197de444dfaad1137b45b7ad61cd36e16a5c0852 (diff) | |
parent | aeda8d63b92dd5059f32b3b79567e714211f1c65 (diff) | |
download | nixlib-9739171cd46735777137652db948ee76eabc5df6.tar nixlib-9739171cd46735777137652db948ee76eabc5df6.tar.gz nixlib-9739171cd46735777137652db948ee76eabc5df6.tar.bz2 nixlib-9739171cd46735777137652db948ee76eabc5df6.tar.lz nixlib-9739171cd46735777137652db948ee76eabc5df6.tar.xz nixlib-9739171cd46735777137652db948ee76eabc5df6.tar.zst nixlib-9739171cd46735777137652db948ee76eabc5df6.zip |
Merge pull request #1567 from wizeman/u/grsec-upd-and-fix
grsecurity: Fix build and update patches
-rw-r--r-- | pkgs/os-specific/linux/kernel/patches.nix | 20 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 11 |
2 files changed, 14 insertions, 17 deletions
diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index efa23f67846b..8b658a6030ec 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -78,25 +78,25 @@ rec { }; - grsecurity_3_0_3_2_53 = - { name = "grsecurity-3.0-3.2.53"; + grsecurity_3_0_3_2_54 = + { name = "grsecurity-3.0-3.2.54"; patch = fetchurl { - url = https://grsecurity.net/stable/grsecurity-3.0-3.2.53-201312021727.patch; - sha256 = "1ifndcbpz552d0n2dgb38di8lhqd4x2msshdbdx33jlfdl7mk6x4"; + url = https://grsecurity.net/stable/grsecurity-3.0-3.2.54-201401191012.patch; + sha256 = "10kfdk46fgd1awys8f8520w7kanc4m0ckn28xg36473fi76i6snx"; }; features.grsecurity = true; - # The grsec kernel patch seems to include the apparmor patches as of 3.0-3.2.53 + # The grsec kernel patch seems to include the apparmor patches as of 3.0-3.2.54 features.apparmor = true; }; - grsecurity_3_0_3_12_2 = - { name = "grsecurity-3.0-3.12.2"; + grsecurity_3_0_3_12_8 = + { name = "grsecurity-3.0-3.12.8"; patch = fetchurl { - url = https://grsecurity.net/test/grsecurity-3.0-3.12.2-201312021733.patch; - sha256 = "0xcsq6778rk9afg3078d772iflz7p4ahvr6wdq5c4s3jyssam783"; + url = https://grsecurity.net/test/grsecurity-3.0-3.12.8-201401191015.patch; + sha256 = "0dy7daar873jp0afkf48l8ij1ii8cgcc9z5pn50h1fvhc9ap1j4f"; }; features.grsecurity = true; - # The grsec kernel patch seems to include the apparmor patches as of 3.0-3.12.2 + # The grsec kernel patch seems to include the apparmor patches as of 3.0-3.12.8 features.apparmor = true; }; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 9b3c86cd29c2..dbaddaca1956 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6592,11 +6592,6 @@ let }; grsecurityOverrider = args: { - # Install gcc plugins. These are needed for compiling dependant packages. - postInstall = '' - ${args.postInstall or ""} - cp "tools/gcc/"*.so $out/lib/modules/$version/build/tools/gcc/ - ''; # Apparently as of gcc 4.6, gcc-plugin headers (which are needed by PaX plugins) # include libgmp headers, so we need these extra tweaks buildInputs = args.buildInputs ++ [ gmp ]; @@ -6612,11 +6607,13 @@ let # config options you need (e.g. by overriding extraConfig). See list of options here: # https://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options linux_3_2_grsecurity = lowPrio (lib.overrideDerivation (linux_3_2.override (args: { - kernelPatches = args.kernelPatches ++ [ kernelPatches.grsecurity_3_0_3_2_53 kernelPatches.grsec_path ]; + modDirVersion = "${linux_3_2.version}-grsec"; + kernelPatches = args.kernelPatches ++ [ kernelPatches.grsecurity_3_0_3_2_54 kernelPatches.grsec_path ]; })) (args: grsecurityOverrider args)); linux_3_12_grsecurity = lowPrio (lib.overrideDerivation (linux_3_12.override (args: { - kernelPatches = args.kernelPatches ++ [ kernelPatches.grsecurity_3_0_3_12_2 kernelPatches.grsec_path ]; + modDirVersion = "${linux_3_12.version}-grsec"; + kernelPatches = args.kernelPatches ++ [ kernelPatches.grsecurity_3_0_3_12_8 kernelPatches.grsec_path ]; })) (args: grsecurityOverrider args)); linux_3_2_apparmor = lowPrio (linux_3_2.override { |