about summary refs log tree commit diff
path: root/pkgs/os-specific/linux/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/os-specific/linux/kernel')
-rw-r--r--pkgs/os-specific/linux/kernel/common-config.nix56
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.10.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.12.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.14.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.18.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.19.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-3.2.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.0.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/patches.nix12
9 files changed, 64 insertions, 32 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 5fdfdb3b6a13..25b707614ed0 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -190,18 +190,26 @@ with stdenv.lib;
   OCFS2_DEBUG_MASKLOG? n
   BTRFS_FS_POSIX_ACL y
   UBIFS_FS_ADVANCED_COMPR? y
+  ${optionalString (versionAtLeast version "4.0") ''
+    NFSD_PNFS y
+  ''}
+  NFSD_V2_ACL y
+  NFSD_V3 y
+  NFSD_V3_ACL y
+  NFSD_V4 y
+  ${optionalString (versionAtLeast version "3.11") ''
+    NFSD_V4_SECURITY_LABEL y
+  ''}
+  NFS_FSCACHE y
   ${optionalString (versionAtLeast version "3.6") ''
     NFS_SWAP y
   ''}
+  NFS_V3_ACL y
   ${optionalString (versionAtLeast version "3.11") ''
     NFS_V4_1 y  # NFSv4.1 client support
     NFS_V4_2 y
+    NFS_V4_SECURITY_LABEL y
   ''}
-  NFSD_V2_ACL y
-  NFSD_V3 y
-  NFSD_V3_ACL y
-  NFSD_V4 y
-  NFS_FSCACHE y
   CIFS_XATTR y
   CIFS_POSIX y
   CIFS_FSCACHE y
@@ -226,7 +234,9 @@ with stdenv.lib;
   # Security related features.
   STRICT_DEVMEM y # Filter access to /dev/mem
   SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default
-  DEVKMEM? n # Disable /dev/kmem
+  ${optionalString (!(features.grsecurity or false)) ''
+    DEVKMEM n # Disable /dev/kmem
+  ''}
   ${if versionOlder version "3.14" then ''
     CC_STACKPROTECTOR? y # Detect buffer overflows on the stack
   '' else ''
@@ -292,6 +302,9 @@ with stdenv.lib;
   LOGO n # not needed
   MEDIA_ATTACH y
   MEGARAID_NEWGEN y
+  ${optionalString (versionAtLeast version "3.15") ''
+    MLX4_EN_VXLAN y
+  ''}
   MODVERSIONS y
   MOUSE_PS2_ELANTECH y # Elantech PS/2 protocol extension
   MTRR_SANITIZER y
@@ -367,15 +380,34 @@ with stdenv.lib;
 
   # Virtualisation.
   PARAVIRT? y
-  ${if versionAtLeast version "3.10" then ''
-    HYPERVISOR_GUEST? y
-  '' else ''
-    PARAVIRT_GUEST? y
-  ''}
-  KVM_GUEST? y
+  ${optionalString (!(features.grsecurity or false))
+    (if versionAtLeast version "3.10" then ''
+      HYPERVISOR_GUEST y
+    '' else ''
+      PARAVIRT_GUEST? y
+    '')
+  }
+  KVM_APIC_ARCHITECTURE y
+  KVM_ASYNC_PF y
   ${optionalString (versionOlder version "3.7") ''
     KVM_CLOCK? y
   ''}
+  ${optionalString (versionAtLeast version "4.0") ''
+    KVM_COMPAT y
+  ''}
+  ${optionalString (versionAtLeast version "3.10") ''
+    KVM_DEVICE_ASSIGNMENT? y
+  ''}
+  ${optionalString (versionAtLeast version "4.0") ''
+    KVM_GENERIC_DIRTYLOG_READ_PROTECT y
+  ''}
+  ${optionalString (!features.grsecurity or true) ''
+    KVM_GUEST y
+  ''}
+  KVM_MMIO y
+  ${optionalString (versionAtLeast version "3.13") ''
+    KVM_VFIO y
+  ''}
   XEN? y
   XEN_DOM0? y
   ${optionalString ((versionAtLeast version "3.18") && (features.xen_dom0 or false))  ''
diff --git a/pkgs/os-specific/linux/kernel/linux-3.10.nix b/pkgs/os-specific/linux/kernel/linux-3.10.nix
index a6ceb5b09547..b270f0852f64 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.10.nix
@@ -1,12 +1,12 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.10.77";
+  version = "3.10.79";
   extraMeta.branch = "3.10";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "1vx2sg0pab3b3rflwhxrimwx18azqayys8zidzr6sv0x7ir9bc31";
+    sha256 = "0m30c9v4pvim72ha8ya8w6y691a8zkcrhxhj43kh668q1yqpqvkp";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/linux-3.12.nix b/pkgs/os-specific/linux/kernel/linux-3.12.nix
index 810087b55a76..2646bf93b0ac 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.12.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.12.nix
@@ -1,12 +1,12 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.12.42";
+  version = "3.12.43";
   extraMeta.branch = "3.12";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "0vp6yllal2gcyng1kklp9n8r18fhcb1m1ssavjbcbfax5chi7w5s";
+    sha256 = "08nsppn3rpwydkq0pd8k8fgjfm67y2nbbrcz1hri227crxxx13dm";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/linux-3.14.nix b/pkgs/os-specific/linux/kernel/linux-3.14.nix
index 75ab538ddf5e..52fa5eba109e 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.14.nix
@@ -1,13 +1,13 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.14.41";
+  version = "3.14.43";
   # Remember to update grsecurity!
   extraMeta.branch = "3.14";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "0qghsf648nvzsh2x44x3w0d8lciml8rj6dvglqvmq1zcg492k8i2";
+    sha256 = "1m5gdzff46xm24p5x5ajxka99g0maf1y50nj59mbjccbqx3s7kvf";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/linux-3.18.nix b/pkgs/os-specific/linux/kernel/linux-3.18.nix
index eb694497931d..592086b65474 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.18.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.18.nix
@@ -1,12 +1,12 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.18.13";
+  version = "3.18.14";
   extraMeta.branch = "3.18";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "043bqjvbamzi201csgnw7hsf8810qm0dn7x9p0kc7s9p9jnyq79n";
+    sha256 = "1xh0vvn1l2g1kkg54f0mg0inbpsiqs24ybgsakksmcpcadjgqk1i";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/linux-3.19.nix b/pkgs/os-specific/linux/kernel/linux-3.19.nix
index 03c0db556263..90c5f9e31d3f 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.19.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.19.nix
@@ -1,12 +1,12 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.19.7";
+  version = "3.19.8";
   extraMeta.branch = "3.19";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "0xd38f7g5yfn0b6b2l4qr022f9hcr82ddbysjs4npbgk5ms7341k";
+    sha256 = "0yg2mlq0h9my6k1bg3b255w4qnyx609ngh1nhssx3gbzslwf0jyg";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/linux-3.2.nix b/pkgs/os-specific/linux/kernel/linux-3.2.nix
index 54cf9bc9324a..2fc240f6196d 100644
--- a/pkgs/os-specific/linux/kernel/linux-3.2.nix
+++ b/pkgs/os-specific/linux/kernel/linux-3.2.nix
@@ -1,12 +1,12 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "3.2.68";
+  version = "3.2.69";
   extraMeta.branch = "3.2";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v3.x/linux-${version}.tar.xz";
-    sha256 = "0yz3k3qqr13r6fa2f8i83rryiawy4rrd7qk2zx6jxq6byfd31ba2";
+    sha256 = "0fs7aj3vn51dlx7yfgkx05qpki2msh6j2irwajd9bw0l26cbycd3";
   };
 
   # We don't provide these patches if grsecurity is enabled, because
diff --git a/pkgs/os-specific/linux/kernel/linux-4.0.nix b/pkgs/os-specific/linux/kernel/linux-4.0.nix
index a5dafd4c8066..9c7fb2c3bd8d 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.0.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.0.nix
@@ -1,13 +1,13 @@
 { stdenv, fetchurl, ... } @ args:
 
 import ./generic.nix (args // rec {
-  version = "4.0.2";
+  version = "4.0.4";
   # Remember to update grsecurity!
   extraMeta.branch = "4.0";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1jq4583wwqmwqkqlkck57fxw18xszng92b6ma3avf0djd11b2izz";
+    sha256 = "1j5l87z6gd05cqzg680id0x1nk38kd6sjffd2lifl0fz5k6iqr9h";
   };
 
   features.iwlwifi = true;
diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix
index 4e5facc4483b..348b26b3d3b1 100644
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@@ -65,17 +65,17 @@ rec {
   };
 
   grsecurity_stable = grsecPatch
-    { kversion  = "3.14.41";
-      revision  = "201505101121";
+    { kversion  = "3.14.43";
+      revision  = "201505191737";
       branch    = "stable";
-      sha256    = "1jiwc6qvimccmlm62sfp2ch173h7ki1h11facywpnb4wms7izk6g";
+      sha256    = "1ijrqmdwpdbkp10lhjw8msv0y02d98v5xgq6xb62ksrdb6k27fiw";
     };
 
   grsecurity_unstable = grsecPatch
-    { kversion  = "4.0.2";
-      revision  = "201505101122";
+    { kversion  = "4.0.4";
+      revision  = "201505182014";
       branch    = "test";
-      sha256    = "14fi31xwlgirbwk7f1xh8vanjxk8b473rz7z38savl4nx2wr5r24";
+      sha256    = "1l1s00zbyzr53p46yj6yh75dbayg9kigv5r6g9mr5irfs5p8s2ay";
     };
 
   grsec_fix_path =
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-13 18:22:29 +0000