diff options
Diffstat (limited to 'pkgs/os-specific/linux/kernel')
-rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 1 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-4.13.nix | 17 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-4.15.nix | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix | 4 |
7 files changed, 11 insertions, 27 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 2fa343412019..5fbd9955c2a3 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -134,6 +134,7 @@ with stdenv.lib; ''} NETFILTER y NETFILTER_ADVANCED y + CGROUP_BPF? y # Required by systemd per-cgroup firewalling IP_ROUTE_VERBOSE y IP_MROUTE_MULTIPLE_TABLES y IP_VS_PROTO_TCP y diff --git a/pkgs/os-specific/linux/kernel/linux-4.13.nix b/pkgs/os-specific/linux/kernel/linux-4.13.nix deleted file mode 100644 index e89222b2c629..000000000000 --- a/pkgs/os-specific/linux/kernel/linux-4.13.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args: - -buildLinux (args // rec { - version = "4.13.16"; - extraMeta.branch = "4.13"; - - # TODO: perhaps try being more concrete (ideally CVE numbers). - extraMeta.knownVulnerabilities = [ - "ALSA: usb-audio: Fix potential out-of-bound access at parsing SU" - "eCryptfs: use after free in ecryptfs_release_messaging()" - ]; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0cf7prqzl1ajbgl98w0symdyn0k5wl5xaf1l5ldgy6l083yg69dh"; - }; -} // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 4c8ce4d4c371..ab2201953864 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,13 +3,13 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.14.22"; + version = "4.14.23"; # branchVersion needs to be x.y extraMeta.branch = concatStrings (intersperse "." (take 2 (splitString "." version))); src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1gkzc4cpdkcc43aivi3hd0vi7aw511wlxqb20ksw4wa9hn0zmqjc"; + sha256 = "1jhjazzaw5m92jl7cbchzfg5fyci7fp285bilydfvaibb9avb5ws"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.15.nix b/pkgs/os-specific/linux/kernel/linux-4.15.nix index 7abd2655c353..1c4889892439 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.15.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.15.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.15.6"; + version = "4.15.7"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))); @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "144gd7f7qpzcwj0yyj75cdfj6b1a9vk8s6qc3pg61j10div2gvf8"; + sha256 = "1in8gy82ccpri7xhbgim3jrh15lbfrfzjgg69g0yvq534d5xyi6d"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 92e887eb0914..5d7f2fbfe74d 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.4.118"; + version = "4.4.119"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "14drszkabwin9fibs9gx67pf5l537ayyjappk70ynbrjxkxdq54q"; + sha256 = "1rj3hk31bx9nvpx0dmwiijyixiv0dcxvp2cx4fbkbs9fddxrn7sg"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index edbf4ad4d8f6..5c5363ccded7 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.9.84"; + version = "4.9.85"; extraMeta.branch = "4.9"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1dqvmxy152zymfpvrpxrd85hs1481b814p84a5dbgs1cfs4nrf3c"; + sha256 = "1hb5v5ycgg5wbv28s8vxw804blfshpf82chrwspdbl2vwkp17zl0"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix b/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix index cd7e86b3babb..85d31048ffc2 100644 --- a/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix +++ b/pkgs/os-specific/linux/kernel/linux-copperhead-hardened.nix @@ -3,9 +3,9 @@ with stdenv.lib; let - version = "4.15.6"; + version = "4.15.7"; revision = "a"; - sha256 = "11mj7bjmzbjwalvxq2wba33d1nymvjhr6j6bpgwwhhq6aqfg7zmh"; + sha256 = "19kgy1fa4flnqm3a50hilgjczqkscay10183cvkzy3vxrnf8fl0f"; # modVersion needs to be x.y.z, will automatically add .0 if needed modVersion = concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))); |