diff options
Diffstat (limited to 'pkgs/os-specific/linux')
32 files changed, 179 insertions, 104 deletions
diff --git a/pkgs/os-specific/linux/batman-adv/alfred.nix b/pkgs/os-specific/linux/batman-adv/alfred.nix index c1fb3ef5ee1a..04217b8989bc 100644 --- a/pkgs/os-specific/linux/batman-adv/alfred.nix +++ b/pkgs/os-specific/linux/batman-adv/alfred.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ gpsd libcap libnl ]; preBuild = '' - makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/pkg-config" + makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/${pkgconfig.targetPrefix}pkg-config" ''; meta = { diff --git a/pkgs/os-specific/linux/batman-adv/batctl.nix b/pkgs/os-specific/linux/batman-adv/batctl.nix index 5767c4aa72c4..3b1cf183e08e 100644 --- a/pkgs/os-specific/linux/batman-adv/batctl.nix +++ b/pkgs/os-specific/linux/batman-adv/batctl.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ libnl ]; preBuild = '' - makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/pkg-config" + makeFlags="PREFIX=$out PKG_CONFIG=${pkgconfig}/bin/${pkgconfig.targetPrefix}pkg-config" ''; meta = { diff --git a/pkgs/os-specific/linux/cgmanager/default.nix b/pkgs/os-specific/linux/cgmanager/default.nix deleted file mode 100644 index d890ef44f745..000000000000 --- a/pkgs/os-specific/linux/cgmanager/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ stdenv, fetchurl, pkgconfig, libnih, dbus, pam, popt }: - -stdenv.mkDerivation rec { - pname = "cgmanager"; - version = "0.42"; - - src = fetchurl { - url = "https://linuxcontainers.org/downloads/${pname}/${pname}-${version}.tar.gz"; - sha256 = "15np08h9jrvc1y1iafr8v654mzgsv5hshzc0n4p3pbf0rkra3h7c"; - }; - - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ libnih dbus pam popt ]; - - configureFlags = [ - "--with-init-script=systemd" - "--sysconfdir=/etc" - "--localstatedir=/var" - ]; - - meta = with stdenv.lib; { - homepage = "https://linuxcontainers.org/cgmanager/introduction/"; - description = "A central privileged daemon that manages all your cgroups"; - license = licenses.lgpl21; - platforms = platforms.linux; - }; -} diff --git a/pkgs/os-specific/linux/facetimehd/default.nix b/pkgs/os-specific/linux/facetimehd/default.nix index 223f766aa228..941e71c3bfc7 100644 --- a/pkgs/os-specific/linux/facetimehd/default.nix +++ b/pkgs/os-specific/linux/facetimehd/default.nix @@ -16,9 +16,9 @@ let # still works. srcParams = if (stdenv.lib.versionAtLeast kernel.version "4.8") then { # Use mainline branch - version = "unstable-2019-12-10"; - rev = "ea832ac486afb6dac9ef59aa37e90f332ab7f05a"; - sha256 = "1dg2i558hjnjnyk53xyg0ayykqaial9bm420v22s9a3khzzjnwq3"; + version = "unstable-2020-04-16"; + rev = "82626d4892eeb9eb704538bf0dc49a00725ff451"; + sha256 = "118z6vjvhhcwvs4n3sgwwdagys9w718b8nkh6l9ic93732vv7cqx"; } else { # Use master branch (broken on 4.8) @@ -47,11 +47,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = kernel.moduleBuildDependencies; - preBuild = lib.optionalString (stdenv.lib.versionAtLeast kernel.version "5.6") - '' - sed -i 's/ioremap_nocache/ioremap_cache/g' fthd_drv.c - ''; - makeFlags = [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ]; diff --git a/pkgs/os-specific/linux/ffado/default.nix b/pkgs/os-specific/linux/ffado/default.nix index 5dc5086a8c61..e814091d59e2 100644 --- a/pkgs/os-specific/linux/ffado/default.nix +++ b/pkgs/os-specific/linux/ffado/default.nix @@ -24,11 +24,11 @@ let in mkDerivation rec { pname = "ffado"; - version = "2.4.2"; + version = "2.4.3"; src = fetchurl { url = "http://www.ffado.org/files/libffado-${version}.tgz"; - sha256 = "09dxy6fkfnvzk45lpr74hkqymii8a45jzlq6054f3jz65m8qvj3d"; + sha256 = "08bygzv1k6ai0572gv66h7gfir5zxd9klfy74z2pxqp6s5hms58r"; }; prePatch = '' diff --git a/pkgs/os-specific/linux/firmware/fwupd/default.nix b/pkgs/os-specific/linux/firmware/fwupd/default.nix index 9fe40cb60f70..87a37feb1cc8 100644 --- a/pkgs/os-specific/linux/firmware/fwupd/default.nix +++ b/pkgs/os-specific/linux/firmware/fwupd/default.nix @@ -247,7 +247,6 @@ stdenv.mkDerivation rec { "fwupd/ata.conf" # "fwupd/daemon.conf" # already created by the module "fwupd/redfish.conf" - "fwupd/remotes.d/dell-esrt.conf" "fwupd/remotes.d/lvfs-testing.conf" "fwupd/remotes.d/lvfs.conf" "fwupd/remotes.d/vendor.conf" @@ -262,6 +261,8 @@ stdenv.mkDerivation rec { "pki/fwupd-metadata/GPG-KEY-Linux-Foundation-Metadata" "pki/fwupd-metadata/GPG-KEY-Linux-Vendor-Firmware-Service" "pki/fwupd-metadata/LVFS-CA.pem" + ] ++ stdenv.lib.optionals haveDell [ + "fwupd/remotes.d/dell-esrt.conf" ]; # BlacklistPlugins key in fwupd/daemon.conf diff --git a/pkgs/os-specific/linux/guvcview/default.nix b/pkgs/os-specific/linux/guvcview/default.nix index d780cade7865..41c21502e0b3 100644 --- a/pkgs/os-specific/linux/guvcview/default.nix +++ b/pkgs/os-specific/linux/guvcview/default.nix @@ -5,7 +5,7 @@ , pkgconfig , portaudio , SDL2 -, ffmpeg +, ffmpeg_3 , udev , libusb1 , libv4l @@ -46,7 +46,7 @@ stdenv.mkDerivation rec { buildInputs = [ SDL2 alsaLib - ffmpeg + ffmpeg_3 libusb1 libv4l portaudio diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix index 8152655d457d..991dcbe26152 100644 --- a/pkgs/os-specific/linux/hostapd/default.nix +++ b/pkgs/os-specific/linux/hostapd/default.nix @@ -19,11 +19,30 @@ stdenv.mkDerivation rec { url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch"; sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k"; }) + # AP mode PMF disconnection protection bypass (CVE.2019-16275), can be removed >= 2.10 + # https://w1.fi/security/2019-7/ (fetchurl { name = "CVE-2019-16275.patch"; url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch"; sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz"; }) + # Fixes for UPnP SUBSCRIBE misbehavior in hostapd WPS AP (CVE-2020-12695), can be removed >= 2.10 + # https://w1.fi/security/2020-1/ + (fetchurl { + name = "CVE-2020-12695_0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"; + url = "https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch"; + sha256 = "1mrbhicqb34jlw1nid5hk2vnjbvfhvp7r5iblaj4l6vgc6fmp6id"; + }) + (fetchurl { + name = "CVE-2020-12695_0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"; + url = "https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch"; + sha256 = "1pk08b06b24is50bis3rr56xjd3b5kxdcdk8bx39n9vna9db7zj9"; + }) + (fetchurl { + name = "CVE-2020-12695_0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"; + url = "https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch"; + sha256 = "12npqp2skgrj934wwkqicgqksma0fxz09di29n1b5fm5i4njl8d8"; + }) ]; outputs = [ "out" "man" ]; @@ -80,7 +99,7 @@ stdenv.mkDerivation rec { repositories.git = "git://w1.fi/hostap.git"; description = "A user space daemon for access point and authentication servers"; license = licenses.gpl2; - maintainers = with maintainers; [ phreedom ninjatrappeur ]; + maintainers = with maintainers; [ phreedom ninjatrappeur hexa ]; platforms = platforms.linux; }; } diff --git a/pkgs/os-specific/linux/input-utils/default.nix b/pkgs/os-specific/linux/input-utils/default.nix index 97c7b8b23f2b..0fc2130d102a 100644 --- a/pkgs/os-specific/linux/input-utils/default.nix +++ b/pkgs/os-specific/linux/input-utils/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { makeFlags = [ "prefix=$(out)" - "STRIP=-s" + "STRIP=" ]; meta = with stdenv.lib; { diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index 46312a637dab..3ac79464ac4b 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "iproute2"; - version = "5.6.0"; + version = "5.7.0"; src = fetchurl { url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz"; - sha256 = "14j6n1bc09xhq8lxs40vfsx8bb8lx12a07ga4rsxl8vfrqjhwnqv"; + sha256 = "088gs56iqhdlpw1iqjwrss4zxd4zbl2wl8s2implrrdajjxcfpbj"; }; preConfigure = '' diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index 52b280c30261..59656f54db28 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -29,8 +29,8 @@ let "cc-version:=9999" "cc-fullversion:=999999" # `$(..)` expanded by make alone - "HOSTCC:=$(BUILD_CC)" - "HOSTCXX:=$(BUILD_CXX)" + "HOSTCC:=$(CC_FOR_BUILD)" + "HOSTCXX:=$(CXX_FOR_BUILD)" ]; # Skip clean on darwin, case-sensitivity issues. diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index c715c7baf787..1cec678d1534 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -42,7 +42,7 @@ let TIMER_STATS = whenOlder "4.11" yes; DEBUG_NX_TEST = whenOlder "4.11" no; DEBUG_STACK_USAGE = no; - DEBUG_STACKOVERFLOW = mkIf (!features.grsecurity) no; + DEBUG_STACKOVERFLOW = mkIf (!features.grsecurity) (option no); RCU_TORTURE_TEST = no; SCHEDSTATS = no; DETECT_HUNG_TASK = yes; @@ -63,7 +63,7 @@ let PM_WAKELOCKS = yes; # Power-capping framework and support for INTEL RAPL POWERCAP = yes; - INTEL_RAPL = module; + INTEL_RAPL = whenAtLeast "5.3" module; }; external-firmware = { @@ -116,11 +116,11 @@ let CLS_U32_PERF = yes; CLS_U32_MARK = yes; BPF_JIT = whenPlatformHasEBPFJit yes; - BPF_JIT_ALWAYS_ON = no; # whenPlatformHasEBPFJit yes; # see https://github.com/NixOS/nixpkgs/issues/79304 + BPF_JIT_ALWAYS_ON = whenPlatformHasEBPFJit no; # whenPlatformHasEBPFJit yes; # see https://github.com/NixOS/nixpkgs/issues/79304 HAVE_EBPF_JIT = whenPlatformHasEBPFJit yes; BPF_STREAM_PARSER = whenAtLeast "4.19" yes; XDP_SOCKETS = whenAtLeast "4.19" yes; - XDP_SOCKETS_DIAG = whenAtLeast "4.19" yes; + XDP_SOCKETS_DIAG = whenAtLeast "5.1" yes; WAN = yes; TCP_CONG_CUBIC = yes; # This is the default congestion control algorithm since 2.6.19 # Required by systemd per-cgroup firewalling @@ -167,13 +167,18 @@ let NF_CONNTRACK_TIMEOUT = yes; NF_CONNTRACK_TIMESTAMP = yes; NETFILTER_NETLINK_GLUE_CT = yes; - NF_TABLES_INET = whenAtLeast "4.19" yes; - NF_TABLES_NETDEV = whenAtLeast "4.19" yes; + NF_TABLES_INET = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; + NF_TABLES_NETDEV = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; # IP: Netfilter Configuration - NF_TABLES_IPV4 = yes; - NF_TABLES_ARP = whenAtLeast "4.19" yes; + NF_TABLES_IPV4 = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; + NF_TABLES_ARP = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; # IPv6: Netfilter Configuration - NF_TABLES_IPV6 = yes; + NF_TABLES_IPV6 = mkMerge [ (whenOlder "4.17" module) + (whenAtLeast "4.17" yes) ]; # Bridge Netfilter Configuration NF_TABLES_BRIDGE = mkMerge [ (whenBetween "4.19" "5.3" yes) (whenAtLeast "5.3" module) ]; @@ -183,7 +188,7 @@ let NET_DROP_MONITOR = yes; # needed for ss - INET_DIAG = yes; + INET_DIAG = module; INET_TCP_DIAG = module; INET_UDP_DIAG = module; INET_RAW_DIAG = whenAtLeast "4.14" module; @@ -269,7 +274,7 @@ let SND_SOC_SOF_ELKHARTLAKE_SUPPORT = yes; SND_SOC_SOF_GEMINILAKE_SUPPORT = yes; SND_SOC_SOF_HDA_AUDIO_CODEC = yes; - SND_SOC_SOF_HDA_COMMON_HDMI_CODEC = yes; + SND_SOC_SOF_HDA_COMMON_HDMI_CODEC = whenOlder "5.7" yes; SND_SOC_SOF_HDA_LINK = yes; SND_SOC_SOF_ICELAKE_SUPPORT = yes; SND_SOC_SOF_INTEL_TOPLEVEL = yes; @@ -365,7 +370,7 @@ let CIFS_STATS = whenOlder "4.19" yes; CIFS_WEAK_PW_HASH = yes; CIFS_UPCALL = yes; - CIFS_ACL = yes; + CIFS_ACL = whenOlder "5.3" yes; CIFS_DFS_UPCALL = yes; CIFS_SMB2 = whenOlder "4.13" yes; @@ -396,7 +401,7 @@ let DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; }; RANDOMIZE_BASE = option yes; STRICT_DEVMEM = option yes; # Filter access to /dev/mem - SECURITY_SELINUX_BOOTPARAM_VALUE = freeform "0"; # Disable SELinux by default + SECURITY_SELINUX_BOOTPARAM_VALUE = whenOlder "5.1" (freeform "0"); # Disable SELinux by default # Prevent processes from ptracing non-children processes SECURITY_YAMA = option yes; DEVKMEM = mkIf (!features.grsecurity) no; # Disable /dev/kmem @@ -708,6 +713,7 @@ let KEXEC_FILE = option yes; KEXEC_JUMP = option yes; + PARTITION_ADVANCED = yes; # Needed for LDM_PARTITION # Windows Logical Disk Manager (Dynamic Disk) support LDM_PARTITION = yes; LOGIRUMBLEPAD2_FF = yes; # Logitech Rumblepad 2 force feedback @@ -721,6 +727,7 @@ let PSI = whenAtLeast "4.20" yes; MODVERSIONS = whenOlder "4.9" yes; + MOUSE_ELAN_I2C_SMBUS = yes; MOUSE_PS2_ELANTECH = yes; # Elantech PS/2 protocol extension MTRR_SANITIZER = yes; NET_FC = yes; # Fibre Channel driver support @@ -765,8 +772,8 @@ let HOTPLUG_PCI_PCIE = yes; # PCI-Expresscard hotplug support # Enable AMD's ROCm GPU compute stack - HSA_AMD = whenAtLeast "4.20" yes; - ZONE_DEVICE = whenAtLeast "5.3" yes; + HSA_AMD = mkIf stdenv.hostPlatform.is64bit (whenAtLeast "4.20" yes); + ZONE_DEVICE = mkIf stdenv.hostPlatform.is64bit (whenAtLeast "5.3" yes); HMM_MIRROR = whenAtLeast "5.3" yes; DRM_AMDGPU_USERPTR = whenAtLeast "5.3" yes; @@ -794,7 +801,7 @@ let SUN8I_DE2_CCU = whenAtLeast "4.13" yes; # See comments on https://github.com/NixOS/nixpkgs/commit/9b67ea9106102d882f53d62890468071900b9647 - CRYPTO_AEGIS128_SIMD = no; + CRYPTO_AEGIS128_SIMD = whenAtLeast "5.4" no; }; }; in diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index e6e1bd842363..a9d0cf451688 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -158,11 +158,8 @@ let ; }).config; - # structuredConfig = moduleStructuredConfig.settings; }; - - }; # end of configfile derivation kernel = (callPackage ./manual-config.nix {}) { diff --git a/pkgs/os-specific/linux/kernel/hardened/config.nix b/pkgs/os-specific/linux/kernel/hardened/config.nix index 95510fe218e3..c817f1044271 100644 --- a/pkgs/os-specific/linux/kernel/hardened/config.nix +++ b/pkgs/os-specific/linux/kernel/hardened/config.nix @@ -40,11 +40,12 @@ assert (versionAtLeast version "4.9"); # Perform additional validation of commonly targeted structures. DEBUG_CREDENTIALS = yes; DEBUG_NOTIFIERS = yes; - DEBUG_PI_LIST = yes; # doesn't BUG() + DEBUG_PI_LIST = whenOlder "5.2" yes; # doesn't BUG() + DEBUG_PLIST = whenAtLeast "5.2" yes; DEBUG_SG = yes; SCHED_STACK_END_CHECK = yes; - REFCOUNT_FULL = whenAtLeast "4.13" yes; + REFCOUNT_FULL = whenBetween "4.13" "5.5" yes; # Randomize page allocator when page_alloc.shuffle=1 SHUFFLE_PAGE_ALLOCATOR = whenAtLeast "5.2" yes; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 59e6e768a4b2..2e4ea7478065 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,22 +1,22 @@ { "4.14": { - "name": "linux-hardened-4.14.182.a.patch", - "sha256": "1kkchcv3qkm41rgscm12ii852q2846crbpvafywz31qg62lb6qig", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.182.a/linux-hardened-4.14.182.a.patch" + "name": "linux-hardened-4.14.183.a.patch", + "sha256": "0k9dg37q3hcm13iyw662indwy23aylc03ldqfn7613c7ymqmbzj7", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.183.a/linux-hardened-4.14.183.a.patch" }, "4.19": { - "name": "linux-hardened-4.19.125.a.patch", - "sha256": "1dhb8syp4j7hc4mx3s7c2x0gxil5dw7jh0swfqzjm02npbwpp19r", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.125.a/linux-hardened-4.19.125.a.patch" + "name": "linux-hardened-4.19.127.a.patch", + "sha256": "00nfcs5yn2a70an3ygzzv4s3qa3hf7pni4ad70aw87vyvrqlyx3k", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.127.a/linux-hardened-4.19.127.a.patch" }, "5.4": { - "name": "linux-hardened-5.4.43.a.patch", - "sha256": "14d9sg1f2a0fnr2q9z6ck5biip1kbzqqwlg4xzpwv83vaycq4i3b", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.43.a/linux-hardened-5.4.43.a.patch" + "name": "linux-hardened-5.4.45.a.patch", + "sha256": "0gihrcxqg3hax20xhvna4lmgsivari6wwsyqz09w34v8p1fhd5nx", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.45.a/linux-hardened-5.4.45.a.patch" }, "5.6": { - "name": "linux-hardened-5.6.15.a.patch", - "sha256": "0gvp4mra07aj22mrjj8gzd3k7z1zafvak461iajrxfjhzh1z3bdf", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.15.a/linux-hardened-5.6.15.a.patch" + "name": "linux-hardened-5.6.17.a.patch", + "sha256": "0nci30k7xh56b6454cd0hkpvpkfqb98cqdpvjaamlnmiphz4sk1f", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.17.a/linux-hardened-5.6.17.a.patch" } } diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index ca48ed48558b..7ee05ed47ded 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.14.182"; + version = "4.14.184"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "142v7qnfska86jqzilwq00kxdrq08iaaaw7f47xp9bnhb8fiy7b7"; + sha256 = "0h6r06c1d7amkfglsr66ic89p0zxpmk7jkq1ylcbknmkiwkixx9g"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index 20aced02a86b..92281ffdd3e6 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.19.125"; + version = "4.19.128"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0zmxs6q2rgssvsh76xq9xgcax7bps19x2448d1q1fj9pzc7g8hwq"; + sha256 = "0g31ad3wziy4xqna0yvwjcnza3jhd93syjpfvmwh0b4pkj2adar9"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index a9d45bcdea76..fe0406233169 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.4.225"; + version = "4.4.227"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0pn66hf9yrjg15skq1inscr5m0slvgsd2qm8rg5id70llrb4jis9"; + sha256 = "196x57w740firg8zchypq4vq6a83ymmwn9amqrscym9zr0pcgm40"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index b13ed0e8fc56..5be2d7ac9bd9 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.9.225"; + version = "4.9.227"; extraMeta.branch = "4.9"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1s63aymgsc4lsysy9d972ps9cyrf6bncyy5wcpv5a3wbaj678iz5"; + sha256 = "0pqc0wld4s4zjas95xm54mrkk00l9zkc59b6i9gq4km126s8bi1q"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 801003dc4f59..1c5bfad41681 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.4.43"; + version = "5.4.46"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0i07g72138xdf1l8x593jndq0waf3fx7plz3m6n5f9fl885bjrr6"; + sha256 = "13hvnfdcbcb9a21zizq8d90mc8maxz03zmzsj6iqsjd2y7r4y1rh"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.6.nix b/pkgs/os-specific/linux/kernel/linux-5.6.nix index d19fe9cbc6a0..bf245442ecef 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.6.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.6.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.6.15"; + version = "5.6.18"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0kh34f9vdfsi9g83fa1i1926djyzfi466w02c4y4d46ljf9pkav5"; + sha256 = "0cpiyzr62sv2yz0mla7skalb04pnr4nlkpi1zfcfzyjf1gjz8h8h"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.7.nix b/pkgs/os-specific/linux/kernel/linux-5.7.nix new file mode 100644 index 000000000000..c7f1389f1128 --- /dev/null +++ b/pkgs/os-specific/linux/kernel/linux-5.7.nix @@ -0,0 +1,18 @@ +{ stdenv, buildPackages, fetchurl, perl, buildLinux, modDirVersionArg ? null, ... } @ args: + +with stdenv.lib; + +buildLinux (args // rec { + version = "5.7.2"; + + # modDirVersion needs to be x.y.z, will automatically add .0 if needed + modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; + + # branchVersion needs to be x.y + extraMeta.branch = versions.majorMinor version; + + src = fetchurl { + url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; + sha256 = "02brxm78n0kg4mh48acvjsr7mpvaqd279ycyaixaflid1s1awrb0"; + }; +} // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index bcea8bed7531..e531f878d029 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "17506"; - sha256 = "0yial2fib8bvv31ihzlxn80xlnpx8f0z6ml9md5xj3zxzslsy5iq"; + rev = "17537"; + sha256 = "15fj5ba28jw515fzfp4pbrkpq5xyvxvx7r9yh1l0qsxjzs2zml8b"; } , ... }: diff --git a/pkgs/os-specific/linux/kexectools/default.nix b/pkgs/os-specific/linux/kexectools/default.nix index b1abf50f5f1f..a70cb2e087fc 100644 --- a/pkgs/os-specific/linux/kexectools/default.nix +++ b/pkgs/os-specific/linux/kexectools/default.nix @@ -14,6 +14,9 @@ stdenv.mkDerivation rec { hardeningDisable = [ "format" "pic" "relro" "pie" ]; + # Prevent kexec-tools from using uname to detect target, which is wrong in + # cases like compiling for aarch32 on aarch64 + configurePlatforms = [ "build" "host" ]; configureFlags = [ "BUILD_CC=${buildPackages.stdenv.cc.targetPrefix}cc" ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; buildInputs = [ zlib ]; diff --git a/pkgs/os-specific/linux/lxcfs/default.nix b/pkgs/os-specific/linux/lxcfs/default.nix index 68d05f0be65d..4011b3885625 100644 --- a/pkgs/os-specific/linux/lxcfs/default.nix +++ b/pkgs/os-specific/linux/lxcfs/default.nix @@ -1,4 +1,5 @@ { config, stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, help2man, fuse +, utillinux, makeWrapper , enableDebugBuild ? config.lxcfs.enableDebugBuild or false }: with stdenv.lib; @@ -13,7 +14,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ pkgconfig help2man autoreconfHook ]; - buildInputs = [ fuse ]; + buildInputs = [ fuse makeWrapper ]; preConfigure = stdenv.lib.optionalString enableDebugBuild '' sed -i 's,#AM_CFLAGS += -DDEBUG,AM_CFLAGS += -DDEBUG,' Makefile.am @@ -27,6 +28,12 @@ stdenv.mkDerivation rec { installFlags = [ "SYSTEMD_UNIT_DIR=\${out}/lib/systemd" ]; + postInstall = '' + # `mount` hook requires access to the `mount` command from `utillinux`: + wrapProgram "$out/share/lxcfs/lxc.mount.hook" \ + --prefix PATH : "${utillinux}/bin" + ''; + postFixup = '' # liblxcfs.so is reloaded with dlopen() patchelf --set-rpath "$(patchelf --print-rpath "$out/bin/lxcfs"):$out/lib" "$out/bin/lxcfs" diff --git a/pkgs/os-specific/linux/musl/default.nix b/pkgs/os-specific/linux/musl/default.nix index 51dcf4cfca33..422ad5c1cb50 100644 --- a/pkgs/os-specific/linux/musl/default.nix +++ b/pkgs/os-specific/linux/musl/default.nix @@ -26,6 +26,12 @@ let sha256 = "1mzxnc2ncq8lw9x6n7p00fvfklc9p3wfv28m68j0dfz5l8q2k6pp"; }; + arch = if stdenv.hostPlatform.isx86_64 + then "x86_64" + else if stdenv.hostPlatform.isx86_32 + then "i386" + else null; + in stdenv.mkDerivation rec { pname = "musl"; @@ -102,6 +108,9 @@ stdenv.mkDerivation rec { -lc \ -B $out/lib \ -Wl,-dynamic-linker=$(ls $out/lib/ld-*) + '' + lib.optionalString (arch != null) '' + # Create 'libc.musl-$arch' symlink + ln -rs $out/lib/libc.so $out/lib/libc.musl-${arch}.so.1 '' + lib.optionalString useBSDCompatHeaders '' install -D ${queue_h} $dev/include/sys/queue.h install -D ${cdefs_h} $dev/include/sys/cdefs.h diff --git a/pkgs/os-specific/linux/piper/default.nix b/pkgs/os-specific/linux/piper/default.nix index f097f3e5465c..0da972316788 100644 --- a/pkgs/os-specific/linux/piper/default.nix +++ b/pkgs/os-specific/linux/piper/default.nix @@ -4,7 +4,7 @@ python3.pkgs.buildPythonApplication rec { pname = "piper"; - version = "0.4"; + version = "0.5"; format = "other"; @@ -12,7 +12,7 @@ python3.pkgs.buildPythonApplication rec { owner = "libratbag"; repo = "piper"; rev = version; - sha256 = "17h06j8lxpbfygq8fzycl7lml4vv7r05bsyhh3gga2hp0zms4mvg"; + sha256 = "00vrcsbsv2477l1ncpyzc61lhxgac84dsgr3sjs8qxw3nh1gaasv"; }; nativeBuildInputs = [ meson ninja gettext pkgconfig wrapGAppsHook desktop-file-utils appstream-glib gobject-introspection ]; diff --git a/pkgs/os-specific/linux/rtl88x2bu/default.nix b/pkgs/os-specific/linux/rtl88x2bu/default.nix new file mode 100644 index 000000000000..3d461d525567 --- /dev/null +++ b/pkgs/os-specific/linux/rtl88x2bu/default.nix @@ -0,0 +1,38 @@ +{ stdenv, fetchFromGitHub, kernel, bc }: + +stdenv.mkDerivation rec { + name = "rtl88x2bu-${kernel.version}-${version}"; + version = "unstable-2020-05-19"; + + src = fetchFromGitHub { + owner = "cilynx"; + repo = "rtl88x2BU"; + rev = "0f159d7cd937a12b818121cb1f1c4910bd1adc72"; + sha256 = "0flqnvzfdb4wsiiqv9vf5gfwd5fgpjvhs9zhqknnv1cmp8msgw6y"; + }; + + hardeningDisable = [ "pic" ]; + + nativeBuildInputs = [ bc ]; + buildInputs = kernel.moduleBuildDependencies; + + prePatch = '' + substituteInPlace ./Makefile \ + --replace /lib/modules/ "${kernel.dev}/lib/modules/" \ + --replace '$(shell uname -r)' "${kernel.modDirVersion}" \ + --replace /sbin/depmod \# \ + --replace '$(MODDESTDIR)' "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + preInstall = '' + mkdir -p "$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + ''; + + meta = with stdenv.lib; { + description = "Realtek rtl88x2bu driver"; + homepage = "https://github.com/cilynx/rtl88x2bu"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = [ maintainers.ralith ]; + }; +} diff --git a/pkgs/os-specific/linux/sysstat/default.nix b/pkgs/os-specific/linux/sysstat/default.nix index a27f65852023..258da07c40b6 100644 --- a/pkgs/os-specific/linux/sysstat/default.nix +++ b/pkgs/os-specific/linux/sysstat/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, gettext, bzip2 }: stdenv.mkDerivation rec { - name = "sysstat-12.3.1"; + name = "sysstat-12.3.2"; src = fetchurl { url = "http://pagesperso-orange.fr/sebastien.godard/${name}.tar.xz"; - sha256 = "1hf1sy7akribmgavadqccxpy49yv0zfb3m81d2bj6jf8pyzwcrbq"; + sha256 = "0gaas16q2f7qmrv4sbqk2l2mrc7yr64s33bzw4094p59fkylm7k4"; }; buildInputs = [ gettext ]; diff --git a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch index 23aa893362b5..a9b60cbb2e20 100644 --- a/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch +++ b/pkgs/os-specific/linux/systemd/0005-Add-some-NixOS-specific-unit-directories.patch @@ -24,8 +24,8 @@ index 8331832c7a..bedb97115d 100644 systemduserconfdir=${sysconfdir}/systemd/user -systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system -systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user -+systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/system:${systemdsystemunitdir} -+systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/user:${systemduserunitdir} ++systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/etc/systemd-mutable/system:/nix/var/nix/profiles/default/lib/systemd/system:/run/systemd/system:${systemdsystemunitdir} ++systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/etc/systemd-mutable/user:/nix/var/nix/profiles/default/lib/systemd/user:/run/systemd/user:${systemduserunitdir} systemdsystemgeneratordir=${rootprefix}/lib/systemd/system-generators systemdusergeneratordir=${prefix}/lib/systemd/user-generators systemdsystemgeneratorpath=/run/systemd/system-generators:/etc/systemd/system-generators:/usr/local/lib/systemd/system-generators:${systemdsystemgeneratordir} diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 00a545ed3f54..3235fb3b95cd 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -66,6 +66,13 @@ in stdenv.mkDerivation { postPatch = '' substituteInPlace src/basic/path-util.h --replace "@defaultPathNormal@" "${placeholder "out"}/bin/" + substituteInPlace src/boot/efi/meson.build \ + --replace \ + "find_program('ld'" \ + "find_program('${stdenv.cc.bintools.targetPrefix}ld'" \ + --replace \ + "find_program('objcopy'" \ + "find_program('${stdenv.cc.bintools.targetPrefix}objcopy'" ''; outputs = [ "out" "lib" "man" "dev" ]; diff --git a/pkgs/os-specific/linux/v4l-utils/default.nix b/pkgs/os-specific/linux/v4l-utils/default.nix index 73944bd6eb70..c23c37aa56d0 100644 --- a/pkgs/os-specific/linux/v4l-utils/default.nix +++ b/pkgs/os-specific/linux/v4l-utils/default.nix @@ -12,11 +12,11 @@ let # we need to use stdenv.mkDerivation in order not to pollute the libv4l’s closure with Qt in stdenv.mkDerivation rec { pname = "v4l-utils"; - version = "1.18.0"; + version = "1.18.1"; src = fetchurl { url = "https://linuxtv.org/downloads/${pname}/${pname}-${version}.tar.bz2"; - sha256 = "03c80acbv2znfxs1l32yx30znmjrqq7kxhiwl2309lpf5s10vdkc"; + sha256 = "0hpkqm2bpg1ma2shjzcf6xsrpyjd8h5cakgh8a3iyh126wjl5z15"; }; outputs = [ "out" ] ++ lib.optional withUtils "lib" ++ [ "dev" ]; |