summary refs log tree commit diff
path: root/pkgs/os-specific/linux/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/os-specific/linux/kernel')
-rw-r--r--pkgs/os-specific/linux/kernel/common-config.nix1
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.13.nix17
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.14.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.15.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.4.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.9.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix4
7 files changed, 11 insertions, 27 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 2fa343412019..5fbd9955c2a3 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -134,6 +134,7 @@ with stdenv.lib;
   ''}
   NETFILTER y
   NETFILTER_ADVANCED y
+  CGROUP_BPF? y # Required by systemd per-cgroup firewalling
   IP_ROUTE_VERBOSE y
   IP_MROUTE_MULTIPLE_TABLES y
   IP_VS_PROTO_TCP y
diff --git a/pkgs/os-specific/linux/kernel/linux-4.13.nix b/pkgs/os-specific/linux/kernel/linux-4.13.nix
deleted file mode 100644
index e89222b2c629..000000000000
--- a/pkgs/os-specific/linux/kernel/linux-4.13.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
-
-buildLinux (args // rec {
-  version = "4.13.16";
-  extraMeta.branch = "4.13";
-
-  # TODO: perhaps try being more concrete (ideally CVE numbers).
-  extraMeta.knownVulnerabilities = [
-    "ALSA: usb-audio: Fix potential out-of-bound access at parsing SU"
-    "eCryptfs: use after free in ecryptfs_release_messaging()"
-  ];
-
-  src = fetchurl {
-    url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0cf7prqzl1ajbgl98w0symdyn0k5wl5xaf1l5ldgy6l083yg69dh";
-  };
-} // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix
index 4c8ce4d4c371..ab2201953864 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix
@@ -3,13 +3,13 @@
 with stdenv.lib;
 
 buildLinux (args // rec {
-  version = "4.14.22";
+  version = "4.14.23";
 
   # branchVersion needs to be x.y
   extraMeta.branch = concatStrings (intersperse "." (take 2 (splitString "." version)));
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1gkzc4cpdkcc43aivi3hd0vi7aw511wlxqb20ksw4wa9hn0zmqjc";
+    sha256 = "1jhjazzaw5m92jl7cbchzfg5fyci7fp285bilydfvaibb9avb5ws";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.15.nix b/pkgs/os-specific/linux/kernel/linux-4.15.nix
index 7abd2655c353..1c4889892439 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.15.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.15.nix
@@ -3,7 +3,7 @@
 with stdenv.lib;
 
 buildLinux (args // rec {
-  version = "4.15.6";
+  version = "4.15.7";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0")));
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "144gd7f7qpzcwj0yyj75cdfj6b1a9vk8s6qc3pg61j10div2gvf8";
+    sha256 = "1in8gy82ccpri7xhbgim3jrh15lbfrfzjgg69g0yvq534d5xyi6d";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 92e887eb0914..5d7f2fbfe74d 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,11 +1,11 @@
 { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.4.118";
+  version = "4.4.119";
   extraMeta.branch = "4.4";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "14drszkabwin9fibs9gx67pf5l537ayyjappk70ynbrjxkxdq54q";
+    sha256 = "1rj3hk31bx9nvpx0dmwiijyixiv0dcxvp2cx4fbkbs9fddxrn7sg";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index edbf4ad4d8f6..5c5363ccded7 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -1,11 +1,11 @@
 { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.9.84";
+  version = "4.9.85";
   extraMeta.branch = "4.9";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1dqvmxy152zymfpvrpxrd85hs1481b814p84a5dbgs1cfs4nrf3c";
+    sha256 = "1hb5v5ycgg5wbv28s8vxw804blfshpf82chrwspdbl2vwkp17zl0";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix b/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix
index cd7e86b3babb..85d31048ffc2 100644
--- a/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix
+++ b/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix
@@ -3,9 +3,9 @@
 with stdenv.lib;
 
 let
-  version = "4.15.6";
+  version = "4.15.7";
   revision = "a";
-  sha256 = "11mj7bjmzbjwalvxq2wba33d1nymvjhr6j6bpgwwhhq6aqfg7zmh";
+  sha256 = "19kgy1fa4flnqm3a50hilgjczqkscay10183cvkzy3vxrnf8fl0f";
 
   # modVersion needs to be x.y.z, will automatically add .0 if needed
   modVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0")));
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-01 03:43:37 +0000