Merge remote-tracking branch 'upstream/master' into hardened-stdenv

author: Robin Gloster <mail@glob.in> 2016-07-21 00:56:43 +0000
committer: Robin Gloster <mail@glob.in> 2016-07-21 00:56:43 +0000
commit: 1f04b4a566d3c8f8de5354ed09dee46557c4abe3 (patch)
tree: b8239cfc8cced160642aa698e18048844164ccc6 /pkgs/os-specific
parent: cc540843fe88a5e490e07e861f8dbb8f4714ece7 (diff)
parent: db7b4fb073d25832ecc4e216d410ad2dde153c43 (diff)
download: nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar
nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.gz
nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.bz2
nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.lz
nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.xz
nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.zst
nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.zip
5 files changed, 30 insertions, 27 deletions
diff --git a/pkgs/os-specific/linux/busybox/default.nix b/pkgs/os-specific/linux/busybox/default.nix
index 182b8c01c391..eaf45745f024 100644
--- a/pkgs/os-specific/linux/busybox/default.nix
+++ b/pkgs/os-specific/linux/busybox/default.nix
@@ -66,7 +66,11 @@ stdenv.mkDerivation rec {
     EOF
 
     make oldconfig
-  '' + lib.optionalString useMusl ''
+
+    runHook postConfigure
+  '';
+
+  postConfigure = lib.optionalString useMusl ''
     makeFlagsArray+=("CC=gcc -isystem ${musl}/include -B${musl}/lib -L${musl}/lib")
   '';
 
@@ -75,10 +79,11 @@ stdenv.mkDerivation rec {
   crossAttrs = {
     extraCrossConfig = ''
       CONFIG_CROSS_COMPILER_PREFIX "${stdenv.cross.config}-"
-    '' +
-      (if stdenv.cross.platform.kernelMajor == "2.4" then ''
-        CONFIG_IONICE n
-      '' else "");
+    '';
+
+    postConfigure = stdenv.lib.optionalString useMusl ''
+      makeFlagsArray+=("CC=$crossConfig-gcc -isystem ${musl.crossDrv}/include -B${musl.crossDrv}/lib -L${musl.crossDrv}/lib")
+    '';
   };
 
   enableParallelBuilding = true;
diff --git a/pkgs/os-specific/linux/gfxtablet/default.nix b/pkgs/os-specific/linux/gfxtablet/default.nix
index 36397b77b77d..9fc052c5ac1b 100644
--- a/pkgs/os-specific/linux/gfxtablet/default.nix
+++ b/pkgs/os-specific/linux/gfxtablet/default.nix
@@ -1,32 +1,30 @@
-{stdenv, fetchgit, linuxHeaders}:
-let
-  s = # Generated upstream information
-  rec {
-    version="git-2013-10-21";
-    name = "gfxtablet-uinput-driver-${version}";
-    rev = "c4e337ae0b53a8ccdfe11b904ff129714bd25ec4";
-    sha256 = "14ll9rls2mamllmpwjiv2dc6165plazv7ny9cliylafrwgb55l7p";
-    url = "https://github.com/rfc2822/GfxTablet.git";
-  };
+{stdenv, fetchFromGitHub, linuxHeaders}:
+
+stdenv.mkDerivation rec {
+  version = "1.4";
+  name = "gfxtablet-uinput-driver-${version}";
+
   buildInputs = [
     linuxHeaders
   ];
-in
-stdenv.mkDerivation {
-  inherit (s) name version;
-  inherit buildInputs;
-  src = fetchgit {
-    inherit (s) url sha256 rev;
+
+  src = fetchFromGitHub {
+    owner = "rfc2822";
+    repo = "GfxTablet";
+    rev = "android-app-${version}";
+    sha256 = "1i2m98yypfa9phshlmvjlgw7axfisxmldzrvnbzm5spvv5s4kvvb";
   };
+
   preBuild = ''cd driver-uinput'';
+
   installPhase = ''
     mkdir -p "$out/bin"
     cp networktablet "$out/bin"
     mkdir -p "$out/share/doc/gfxtablet/"
     cp ../*.md "$out/share/doc/gfxtablet/"
   '';
+
   meta = {
-    inherit (s) version;
     description = ''Uinput driver for Android GfxTablet tablet-as-input-device app'';
     license = stdenv.lib.licenses.mit ;
     maintainers = [stdenv.lib.maintainers.raskin];
diff --git a/pkgs/os-specific/linux/kernel/grsecurity-nixos-config.nix b/pkgs/os-specific/linux/kernel/grsecurity-nixos-config.nix
index 894f2d8e3641..67bad8aeb401 100644
--- a/pkgs/os-specific/linux/kernel/grsecurity-nixos-config.nix
+++ b/pkgs/os-specific/linux/kernel/grsecurity-nixos-config.nix
@@ -14,7 +14,7 @@ GRKERNSEC_CONFIG_VIRT_KVM y
 GRKERNSEC_CONFIG_PRIORITY_SECURITY y
 
 PAX_PT_PAX_FLAGS y
-PAX_XATTR_PAX_FLAGS n
+PAX_XATTR_PAX_FLAGS y
 PAX_EI_PAX n
 
 GRKERNSEC_PROC_GID 0
diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix
index 7b2feaf84a80..ddb1ccce91b9 100644
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@@ -94,8 +94,8 @@ rec {
 
   grsecurity_testing = grsecPatch
     { kver   = "4.6.4";
-      grrev  = "201607112205";
-      sha256 = "16j01qqa7yi5yvli1lkl8ffybhy4697nyi18lbl5329zd09xq2ww";
+      grrev  = "201607192040";
+      sha256 = "14l52halck6lwbpahz3fmv7q5cx22r77k1hqfnn29a66ws9ra6sz";
     };
 
   # This patch relaxes grsec constraints on the location of usermode helpers,
diff --git a/pkgs/os-specific/linux/sysdig/default.nix b/pkgs/os-specific/linux/sysdig/default.nix
index 18c0c16cef65..27e41825b98f 100644
--- a/pkgs/os-specific/linux/sysdig/default.nix
+++ b/pkgs/os-specific/linux/sysdig/default.nix
@@ -2,14 +2,14 @@
 let
   inherit (stdenv.lib) optional optionalString;
   baseName = "sysdig";
-  version = "0.9.0";
+  version = "0.10.0";
 in
 stdenv.mkDerivation {
   name = "${baseName}-${version}";
 
   src = fetchurl {
     url = "https://github.com/draios/sysdig/archive/${version}.tar.gz";
-    sha256 = "198x1zmlydvi4i1sfvs8xjh9z5pb47l6xs4phrnkwwak46rhka3j";
+    sha256 = "0hs0r9z9j7padqdcj69bwx52iw6gvdl0w322qwivpv12j3prcpsj";
   };
 
   buildInputs = [
author	Robin Gloster <mail@glob.in>	2016-07-21 00:56:43 +0000
committer	Robin Gloster <mail@glob.in>	2016-07-21 00:56:43 +0000
commit	1f04b4a566d3c8f8de5354ed09dee46557c4abe3 (patch)
tree	b8239cfc8cced160642aa698e18048844164ccc6 /pkgs/os-specific
parent	cc540843fe88a5e490e07e861f8dbb8f4714ece7 (diff)
parent	db7b4fb073d25832ecc4e216d410ad2dde153c43 (diff)
download	nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.gz nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.bz2 nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.lz nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.xz nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.tar.zst nixlib-1f04b4a566d3c8f8de5354ed09dee46557c4abe3.zip