diff options
Diffstat (limited to 'nixpkgs/pkgs/os-specific/linux/kernel/hardened')
-rw-r--r-- | nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix | 5 | ||||
-rw-r--r-- | nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json | 24 |
2 files changed, 15 insertions, 14 deletions
diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix index 95510fe218e3..c817f1044271 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix +++ b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/config.nix @@ -40,11 +40,12 @@ assert (versionAtLeast version "4.9"); # Perform additional validation of commonly targeted structures. DEBUG_CREDENTIALS = yes; DEBUG_NOTIFIERS = yes; - DEBUG_PI_LIST = yes; # doesn't BUG() + DEBUG_PI_LIST = whenOlder "5.2" yes; # doesn't BUG() + DEBUG_PLIST = whenAtLeast "5.2" yes; DEBUG_SG = yes; SCHED_STACK_END_CHECK = yes; - REFCOUNT_FULL = whenAtLeast "4.13" yes; + REFCOUNT_FULL = whenBetween "4.13" "5.5" yes; # Randomize page allocator when page_alloc.shuffle=1 SHUFFLE_PAGE_ALLOCATOR = whenAtLeast "5.2" yes; diff --git a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json index 59e6e768a4b2..654615ebe500 100644 --- a/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/nixpkgs/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,22 +1,22 @@ { "4.14": { - "name": "linux-hardened-4.14.182.a.patch", - "sha256": "1kkchcv3qkm41rgscm12ii852q2846crbpvafywz31qg62lb6qig", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.182.a/linux-hardened-4.14.182.a.patch" + "name": "linux-hardened-4.14.184.a.patch", + "sha256": "1g12kz6ikdwp6b7000pfy3myga90mvxyl04b9267fk88jwih6yhk", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.184.a/linux-hardened-4.14.184.a.patch" }, "4.19": { - "name": "linux-hardened-4.19.125.a.patch", - "sha256": "1dhb8syp4j7hc4mx3s7c2x0gxil5dw7jh0swfqzjm02npbwpp19r", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.125.a/linux-hardened-4.19.125.a.patch" + "name": "linux-hardened-4.19.128.a.patch", + "sha256": "19ayzx9rf4j31ypavxwamd290lm95wmi7v165avxslahnx6pdsxs", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.128.a/linux-hardened-4.19.128.a.patch" }, "5.4": { - "name": "linux-hardened-5.4.43.a.patch", - "sha256": "14d9sg1f2a0fnr2q9z6ck5biip1kbzqqwlg4xzpwv83vaycq4i3b", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.43.a/linux-hardened-5.4.43.a.patch" + "name": "linux-hardened-5.4.46.a.patch", + "sha256": "0f2d53na7g6dhiba2ym09lm4fp3hwm6kw6mpm5jk46jmb6j7iwk5", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.46.a/linux-hardened-5.4.46.a.patch" }, "5.6": { - "name": "linux-hardened-5.6.15.a.patch", - "sha256": "0gvp4mra07aj22mrjj8gzd3k7z1zafvak461iajrxfjhzh1z3bdf", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.15.a/linux-hardened-5.6.15.a.patch" + "name": "linux-hardened-5.6.18.a.patch", + "sha256": "0idvgjg7kji4w3341acfqywi0qqn3pvxcmiz70cd7inhlqaqrw63", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.18.a/linux-hardened-5.6.18.a.patch" } } |