diff options
Diffstat (limited to 'pkgs/os-specific/linux')
-rw-r--r-- | pkgs/os-specific/linux/kernel/hardened/patches.json | 20 | ||||
-rwxr-xr-x | pkgs/os-specific/linux/kernel/hardened/update.py | 9 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rpi.nix | 2 | ||||
-rwxr-xr-x | pkgs/os-specific/linux/nvidia-x11/builder.sh | 13 |
4 files changed, 26 insertions, 18 deletions
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 118998a605b2..76d27e295081 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,18 +1,18 @@ { "4.14": { - "name": "linux-hardened-4.14.179.a.patch", - "sha256": "0vdcg8713vhraqp04b6lw15qdrvg4iw646d54x6ic0421nxp9zmj", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.179.a/linux-hardened-4.14.179.a.patch" + "name": "linux-hardened-4.14.180.a.patch", + "sha256": "0rpk5lq947i4v48d6jv75rgwpncayr4agc3f2iich3hlkh5p72p3", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.180.a/linux-hardened-4.14.180.a.patch" }, "4.19": { - "name": "linux-hardened-4.19.121.a.patch", - "sha256": "0bwjx7qbzd50607kr1abx3rd19iciry3p1y3a8sz5w3vb62j8m6z", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.121.a/linux-hardened-4.19.121.a.patch" + "name": "linux-hardened-4.19.122.a.patch", + "sha256": "0jh5wyrwrmm9rqqi8fn6d6bd8lzkhj1aylnphsajyyx5v28hn1b2", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.122.a/linux-hardened-4.19.122.a.patch" }, "5.4": { - "name": "linux-hardened-5.4.39.a.patch", + "name": "linux-hardened-5.4.40.a.patch", "sha256": "1w9yc0j8vshjyvb2qgxjvrdgwiy5lmjn3s1rmlch649vqp97j9w7", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.39.a/linux-hardened-5.4.39.a.patch" + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.40.a/linux-hardened-5.4.40.a.patch" }, "5.5": { "name": "linux-hardened-5.5.19.a.patch", @@ -20,8 +20,8 @@ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.5.19.a/linux-hardened-5.5.19.a.patch" }, "5.6": { - "name": "linux-hardened-5.6.11.a.patch", + "name": "linux-hardened-5.6.12.a.patch", "sha256": "1b6cwffb2b21h9xh2acm9q9j55cay87zbv9jjayv69znry4mzsx3", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.11.a/linux-hardened-5.6.11.a.patch" + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.12.a/linux-hardened-5.6.12.a.patch" } } diff --git a/pkgs/os-specific/linux/kernel/hardened/update.py b/pkgs/os-specific/linux/kernel/hardened/update.py index 3958c85fe206..d6443d2e7511 100755 --- a/pkgs/os-specific/linux/kernel/hardened/update.py +++ b/pkgs/os-specific/linux/kernel/hardened/update.py @@ -184,11 +184,10 @@ for filename in os.listdir(NIXPKGS_KERNEL_PATH): with import {NIXPKGS_PATH} {{}}; (callPackage {NIXPKGS_KERNEL_PATH / filename} {{}}).version """ - kernel_version = parse_version( - run( - "nix", "eval", "--impure", "--raw", "--expr", nix_version_expr, - ).stdout - ) + kernel_version_json = run( + "nix-instantiate", "--eval", "--json", "--expr", nix_version_expr, + ).stdout + kernel_version = parse_version(json.loads(kernel_version_json)) if kernel_version < MIN_KERNEL_VERSION: continue kernel_key = major_kernel_version_key(kernel_version) diff --git a/pkgs/os-specific/linux/kernel/linux-rpi.nix b/pkgs/os-specific/linux/kernel/linux-rpi.nix index 6f5f2524276b..31a2cc2aa157 100644 --- a/pkgs/os-specific/linux/kernel/linux-rpi.nix +++ b/pkgs/os-specific/linux/kernel/linux-rpi.nix @@ -18,7 +18,7 @@ lib.overrideDerivation (buildLinux (args // { defconfig = { "1" = "bcmrpi_defconfig"; "2" = "bcm2709_defconfig"; - "3" = "bcmrpi3_defconfig"; + "3" = if stdenv.hostPlatform.isAarch64 then "bcmrpi3_defconfig" else "bcm2709_defconfig"; "4" = "bcm2711_defconfig"; }.${toString rpiVersion}; diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index 30e5d16b60f3..dbe18ace40a2 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -45,6 +45,17 @@ installPhase() { cp -prd tls "$out/lib/" fi + # Install systemd power management executables + if [ -e nvidia-sleep.sh ]; then + sed -E 's#(PATH=).*#\1"$PATH"#' nvidia-sleep.sh > nvidia-sleep.sh.fixed + install -Dm755 nvidia-sleep.sh.fixed $out/bin/nvidia-sleep.sh + fi + + if [ -e nvidia ]; then + sed -E "s#/usr(/bin/nvidia-sleep.sh)#$out\\1#" nvidia > nvidia.fixed + install -Dm755 nvidia.fixed $out/lib/systemd/system-sleep/nvidia + fi + for i in $lib32 $out; do rm -f $i/lib/lib{glx,nvidia-wfb}.so.* # handled separately rm -f $i/lib/libnvidia-gtk* # built from source @@ -91,7 +102,6 @@ installPhase() { done - if [ -n "$bin" ]; then # Install the X drivers. mkdir -p $bin/lib/xorg/modules @@ -167,5 +177,4 @@ installPhase() { fi } - genericBuild |