diff options
Diffstat (limited to 'pkgs/os-specific/linux')
26 files changed, 462 insertions, 76 deletions
diff --git a/pkgs/os-specific/linux/acpitool/default.nix b/pkgs/os-specific/linux/acpitool/default.nix index ce47932587cf..86e6b54906ad 100644 --- a/pkgs/os-specific/linux/acpitool/default.nix +++ b/pkgs/os-specific/linux/acpitool/default.nix @@ -3,7 +3,7 @@ let acpitool-patch-051-4 = params: fetchpatch rec { inherit (params) name sha256; - url = "https://anonscm.debian.org/cgit/pkg-acpi/acpitool.git/plain/debian/patches/${name}?h=debian/0.5.1-4&id=3fd9f396f12ec9c1cae3337a2a25026b7faad2ae"; + url = "https://salsa.debian.org/debian/acpitool/raw/33e2ef42a663de820457b212ea2925e506df3b88/debian/patches/${name}"; }; in stdenv.mkDerivation rec { diff --git a/pkgs/os-specific/linux/blcr/default.nix b/pkgs/os-specific/linux/blcr/default.nix deleted file mode 100644 index e018f4622b48..000000000000 --- a/pkgs/os-specific/linux/blcr/default.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ stdenv, fetchurl, kernel, perl, makeWrapper }: - -# BLCR version 0.8.6 should works with linux kernel up to version 3.17.x - -assert stdenv.lib.versionOlder "3.18" kernel.version; - -stdenv.mkDerivation { - name = "blcr_${kernel.version}-0.8.6pre4"; - - src = fetchurl { - url = https://upc-bugs.lbl.gov/blcr-dist/blcr-0.8.6_b4.tar.gz; - sha256 = "1a3gdhdnmk592jc652szxgfz8rjd8dax5jwxfsypiqx5lgkj3m21"; - }; - - buildInputs = [ perl makeWrapper ]; - - hardeningDisable = [ "pic" ]; - - preConfigure = '' - configureFlagsArray=( - --with-linux=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build - --with-kmod-dir=$out/lib/modules/${kernel.modDirVersion} - --with-system-map=${kernel}/System.map - ) - ''; - - postInstall = '' - for prog in "$out/bin/"* - do - wrapProgram "$prog" --prefix LD_LIBRARY_PATH ":" "$out/lib" - done - ''; - - meta = { - description = "Berkeley Lab Checkpoint/Restart for Linux (BLCR)"; - homepage = https://ftg.lbl.gov/projects/CheckpointRestart/; - license = stdenv.lib.licenses.gpl2; - platforms = stdenv.lib.platforms.linux; - maintainers = with stdenv.lib.maintainers; [ - z77z - ]; - }; -} diff --git a/pkgs/os-specific/linux/fwts/module.nix b/pkgs/os-specific/linux/fwts/module.nix new file mode 100644 index 000000000000..ef90e0c303ba --- /dev/null +++ b/pkgs/os-specific/linux/fwts/module.nix @@ -0,0 +1,31 @@ +{ stdenv, fwts, kernel }: + +stdenv.mkDerivation rec { + pname = "fwts-efi-runtime"; + version = "${fwts.version}-${kernel.version}"; + + inherit (fwts) src; + + sourceRoot = "source/efi_runtime"; + + postPatch = '' + substituteInPlace Makefile --replace \ + '/lib/modules/$(KVER)/build' \ + '${kernel.dev}/lib/modules/${kernel.modDirVersion}/build' + ''; + + nativeBuildInputs = kernel.moduleBuildDependencies; + + hardeningDisable = [ "pic" ]; + + makeFlags = [ + "INSTALL_MOD_PATH=${placeholder "out"}" + ]; + + meta = with stdenv.lib; { + inherit (fwts.meta) homepage license; + description = fwts.meta.description + "(efi-runtime kernel module)"; + maintainers = with maintainers; [ dtzWill ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/os-specific/linux/health-check/default.nix b/pkgs/os-specific/linux/health-check/default.nix new file mode 100644 index 000000000000..c90029907c0b --- /dev/null +++ b/pkgs/os-specific/linux/health-check/default.nix @@ -0,0 +1,28 @@ +{ stdenv, lib, fetchurl, json_c, libbsd }: + +stdenv.mkDerivation rec { + pname = "health-check"; + version = "0.03.02"; + + src = fetchurl { + url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.gz"; + sha256 = "12n2qp5lrlahkgrkwy3mjm0nscz6yhhh80z4xmd2n96pn8f3d4hh"; + }; + + buildInputs = [ json_c libbsd ]; + + makeFlags = [ "JSON_OUTPUT=y" "FNOTIFY=y" ]; + + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + ]; + + meta = with lib; { + description = "Process monitoring tool"; + homepage = "https://kernel.ubuntu.com/~cking/health-check/"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ dtzWill ]; + }; +} diff --git a/pkgs/os-specific/linux/iproute/default.nix b/pkgs/os-specific/linux/iproute/default.nix index 709646f3368b..d30ac5e62bb4 100644 --- a/pkgs/os-specific/linux/iproute/default.nix +++ b/pkgs/os-specific/linux/iproute/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { substituteInPlace Makefile --replace " netem " " " ''; - outputs = [ "out" "dev"]; + outputs = [ "out" "dev" ]; makeFlags = [ "DESTDIR=" diff --git a/pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch b/pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch new file mode 100644 index 000000000000..b644d46f8c9d --- /dev/null +++ b/pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch @@ -0,0 +1,193 @@ +From: Antoine_Beaupre <anarcat@orangeseeds.org> +Acked-by: Jiri Bohac <jbohac@suse.cz> +Subject: PR/51682: Avoid DoS with fragment out of order insertion; keep fragments sorted in the list. +References: bsc#1047443, CVE-2016-10396 + + + +Index: a/src/racoon/handler.h +=================================================================== +--- a/src/racoon/handler.h.orig 2018-01-26 18:05:21.114764376 +0100 ++++ a/src/racoon/handler.h 2018-01-26 18:05:33.986741103 +0100 +@@ -141,6 +141,7 @@ struct ph1handle { + #endif + #ifdef ENABLE_FRAG + int frag; /* IKE phase 1 fragmentation */ ++ int frag_last_index; + struct isakmp_frag_item *frag_chain; /* Received fragments */ + #endif + +Index: a/src/racoon/isakmp.c +=================================================================== +--- a/src/racoon/isakmp.c.orig 2018-01-26 18:05:21.118764369 +0100 ++++ a/src/racoon/isakmp.c 2018-01-26 18:05:33.986741103 +0100 +@@ -1069,6 +1069,7 @@ isakmp_ph1begin_i(rmconf, remote, local) + iph1->frag = 1; + else + iph1->frag = 0; ++ iph1->frag_last_index = 0; + iph1->frag_chain = NULL; + #endif + iph1->approval = NULL; +@@ -1173,6 +1174,7 @@ isakmp_ph1begin_r(msg, remote, local, et + #endif + #ifdef ENABLE_FRAG + iph1->frag = 0; ++ iph1->frag_last_index = 0; + iph1->frag_chain = NULL; + #endif + iph1->approval = NULL; +Index: a/src/racoon/isakmp_frag.c +=================================================================== +--- a/src/racoon/isakmp_frag.c.orig 2018-01-26 18:05:21.118764369 +0100 ++++ a/src/racoon/isakmp_frag.c 2018-01-26 18:05:33.986741103 +0100 +@@ -173,6 +173,43 @@ vendorid_frag_cap(gen) + return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]); + } + ++static int ++isakmp_frag_insert(struct ph1handle *iph1, struct isakmp_frag_item *item) ++{ ++ struct isakmp_frag_item *pitem = NULL; ++ struct isakmp_frag_item *citem = iph1->frag_chain; ++ ++ /* no frag yet, just insert at beginning of list */ ++ if (iph1->frag_chain == NULL) { ++ iph1->frag_chain = item; ++ return 0; ++ } ++ ++ do { ++ /* duplicate fragment number, abort (CVE-2016-10396) */ ++ if (citem->frag_num == item->frag_num) ++ return -1; ++ ++ /* need to insert before current item */ ++ if (citem->frag_num > item->frag_num) { ++ if (pitem != NULL) ++ pitem->frag_next = item; ++ else ++ /* insert at the beginning of the list */ ++ iph1->frag_chain = item; ++ item->frag_next = citem; ++ return 0; ++ } ++ ++ pitem = citem; ++ citem = citem->frag_next; ++ } while (citem != NULL); ++ ++ /* we reached the end of the list, insert */ ++ pitem->frag_next = item; ++ return 0; ++} ++ + int + isakmp_frag_extract(iph1, msg) + struct ph1handle *iph1; +@@ -224,39 +261,43 @@ isakmp_frag_extract(iph1, msg) + item->frag_next = NULL; + item->frag_packet = buf; + +- /* Look for the last frag while inserting the new item in the chain */ +- if (item->frag_last) +- last_frag = item->frag_num; ++ /* Check for the last frag before inserting the new item in the chain */ ++ if (item->frag_last) { ++ /* if we have the last fragment, indices must match */ ++ if (iph1->frag_last_index != 0 && ++ item->frag_last != iph1->frag_last_index) { ++ plog(LLV_ERROR, LOCATION, NULL, ++ "Repeated last fragment index mismatch\n"); ++ racoon_free(item); ++ vfree(buf); ++ return -1; ++ } + +- if (iph1->frag_chain == NULL) { +- iph1->frag_chain = item; +- } else { +- struct isakmp_frag_item *current; ++ last_frag = iph1->frag_last_index = item->frag_num; ++ } + +- current = iph1->frag_chain; +- while (current->frag_next) { +- if (current->frag_last) +- last_frag = item->frag_num; +- current = current->frag_next; +- } +- current->frag_next = item; ++ /* insert fragment into chain */ ++ if (isakmp_frag_insert(iph1, item) == -1) { ++ plog(LLV_ERROR, LOCATION, NULL, ++ "Repeated fragment index mismatch\n"); ++ racoon_free(item); ++ vfree(buf); ++ return -1; + } + +- /* If we saw the last frag, check if the chain is complete */ ++ /* If we saw the last frag, check if the chain is complete ++ * we have a sorted list now, so just walk through */ + if (last_frag != 0) { ++ item = iph1->frag_chain; + for (i = 1; i <= last_frag; i++) { +- item = iph1->frag_chain; +- do { +- if (item->frag_num == i) +- break; +- item = item->frag_next; +- } while (item != NULL); +- ++ if (item->frag_num != i) ++ break; ++ item = item->frag_next; + if (item == NULL) /* Not found */ + break; + } + +- if (item != NULL) /* It is complete */ ++ if (i > last_frag) /* It is complete */ + return 1; + } + +@@ -291,15 +332,9 @@ isakmp_frag_reassembly(iph1) + } + data = buf->v; + ++ item = iph1->frag_chain; + for (i = 1; i <= frag_count; i++) { +- item = iph1->frag_chain; +- do { +- if (item->frag_num == i) +- break; +- item = item->frag_next; +- } while (item != NULL); +- +- if (item == NULL) { ++ if (item->frag_num != i) { + plog(LLV_ERROR, LOCATION, NULL, + "Missing fragment #%d\n", i); + vfree(buf); +@@ -308,6 +343,7 @@ isakmp_frag_reassembly(iph1) + } + memcpy(data, item->frag_packet->v, item->frag_packet->l); + data += item->frag_packet->l; ++ item = item->frag_next; + } + + out: + + +diff -u -p -r1.50 -r1.51 +--- a/src/racoon/isakmp_inf.c 2013/04/12 09:53:10 1.50 ++++ a/src/racoon/isakmp_inf.c 2017/01/24 19:23:56 1.51 +@@ -720,6 +720,7 @@ isakmp_info_send_nx(isakmp, remote, loca + #endif + #ifdef ENABLE_FRAG + iph1->frag = 0; ++ iph1->frag_last_index = 0; + iph1->frag_chain = NULL; + #endif + diff --git a/pkgs/os-specific/linux/ipsec-tools/default.nix b/pkgs/os-specific/linux/ipsec-tools/default.nix index 0aa074b4df8f..551fc61f8145 100644 --- a/pkgs/os-specific/linux/ipsec-tools/default.nix +++ b/pkgs/os-specific/linux/ipsec-tools/default.nix @@ -19,10 +19,7 @@ stdenv.mkDerivation rec { patches = [ ./dont-create-localstatedir-during-install.patch ./CVE-2015-4047.patch - (fetchpatch { - url = "https://anonscm.debian.org/cgit/pkg-ipsec-tools/pkg-ipsec-tools.git/plain/debian/patches/CVE-2016-10396.patch?id=62ac12648a4eb7c5ba5dba0f81998d1acf310d8b"; - sha256 = "1kf7j2pf1blni52z7q41n0yisqb7gvk01lvldr319zaxxg7rm84a"; - }) + ./CVE-2016-10396.patch ]; # fix build with newer gcc versions diff --git a/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions.patch b/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions_4_14.patch index 205497aee2da..205497aee2da 100644 --- a/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions.patch +++ b/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions_4_14.patch diff --git a/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions_5_3.patch b/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions_5_3.patch new file mode 100644 index 000000000000..dc9ca64bdc1f --- /dev/null +++ b/pkgs/os-specific/linux/kernel/export_kernel_fpu_functions_5_3.patch @@ -0,0 +1,42 @@ +From 1e010beda2896bdf3082fb37a3e49f8ce20e04d8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Thu, 2 May 2019 05:28:08 +0100 +Subject: [PATCH] x86/fpu: Export kernel_fpu_{begin,end}() with + EXPORT_SYMBOL_GPL +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +We need these symbols in zfs as the fpu implementation breaks userspace: + +https://github.com/zfsonlinux/zfs/issues/9346 +Signed-off-by: Jörg Thalheim <joerg@thalheim.io> +--- + arch/x86/kernel/fpu/core.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c +index 12c70840980e..352538b3bb5d 100644 +--- a/arch/x86/kernel/fpu/core.c ++++ b/arch/x86/kernel/fpu/core.c +@@ -102,7 +102,7 @@ void kernel_fpu_begin(void) + } + __cpu_invalidate_fpregs_state(); + } +-EXPORT_SYMBOL_GPL(kernel_fpu_begin); ++EXPORT_SYMBOL(kernel_fpu_begin); + + void kernel_fpu_end(void) + { +@@ -111,7 +111,7 @@ void kernel_fpu_end(void) + this_cpu_write(in_kernel_fpu, false); + preempt_enable(); + } +-EXPORT_SYMBOL_GPL(kernel_fpu_end); ++EXPORT_SYMBOL(kernel_fpu_end); + + /* + * Save the FPU state (mark it for reload if necessary): +-- +2.23.0 + diff --git a/pkgs/os-specific/linux/kernel/gen-kheaders-metadata.patch b/pkgs/os-specific/linux/kernel/gen-kheaders-metadata.patch new file mode 100644 index 000000000000..0639f8b4e8fb --- /dev/null +++ b/pkgs/os-specific/linux/kernel/gen-kheaders-metadata.patch @@ -0,0 +1,86 @@ +From 2cc99c9cdc8fde5e92e34f9655829449cebd3e00 Mon Sep 17 00:00:00 2001 +From: Dmitry Goldin <dgoldin+lkml@protonmail.ch> +Date: Fri, 4 Oct 2019 10:40:07 +0000 +Subject: kheaders: make headers archive reproducible + +In commit 43d8ce9d65a5 ("Provide in-kernel headers to make +extending kernel easier") a new mechanism was introduced, for kernels +>=5.2, which embeds the kernel headers in the kernel image or a module +and exposes them in procfs for use by userland tools. + +The archive containing the header files has nondeterminism caused by +header files metadata. This patch normalizes the metadata and utilizes +KBUILD_BUILD_TIMESTAMP if provided and otherwise falls back to the +default behaviour. + +In commit f7b101d33046 ("kheaders: Move from proc to sysfs") it was +modified to use sysfs and the script for generation of the archive was +renamed to what is being patched. + +Signed-off-by: Dmitry Goldin <dgoldin+lkml@protonmail.ch> +Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org> +Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> + +--- + +nixos note: This patch is from +https://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild.git/commit/?h=fixes&id=2cc99c9cdc8fde5e92e34f9655829449cebd3e00 +I commented out the documentation part here, so that it easily applies +to linux 5.2 and 5.3, which does not ship with the reproducible build +documentation yet, which only was introduced recently. + +--- + Documentation/kbuild/reproducible-builds.rst | 13 +++++++++---- + kernel/gen_kheaders.sh | 5 ++++- + 2 files changed, 13 insertions(+), 5 deletions(-) + +#diff --git a/Documentation/kbuild/reproducible-builds.rst b/Documentation/kbuild/reproducible-builds.rst +#index ab92e98c89c8..503393854e2e 100644 +# --- a/Documentation/kbuild/reproducible-builds.rst +#+++ b/Documentation/kbuild/reproducible-builds.rst +#@@ -16,16 +16,21 @@ the kernel may be unreproducible, and how to avoid them. +# Timestamps +# ---------- +# +#-The kernel embeds a timestamp in two places: +#+The kernel embeds timestamps in three places: +# +# * The version string exposed by ``uname()`` and included in +# ``/proc/version`` +# +# * File timestamps in the embedded initramfs +# +#-By default the timestamp is the current time. This must be overridden +#-using the `KBUILD_BUILD_TIMESTAMP`_ variable. If you are building +#-from a git commit, you could use its commit date. +#+* If enabled via ``CONFIG_IKHEADERS``, file timestamps of kernel +#+ headers embedded in the kernel or respective module, +#+ exposed via ``/sys/kernel/kheaders.tar.xz`` +#+ +#+By default the timestamp is the current time and in the case of +#+``kheaders`` the various files' modification times. This must +#+be overridden using the `KBUILD_BUILD_TIMESTAMP`_ variable. +#+If you are building from a git commit, you could use its commit date. +# +# The kernel does *not* use the ``__DATE__`` and ``__TIME__`` macros, +# and enables warnings if they are used. If you incorporate external +diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh +index 9ff449888d9c..aff79e461fc9 100755 +--- a/kernel/gen_kheaders.sh ++++ b/kernel/gen_kheaders.sh +@@ -71,7 +71,10 @@ done | cpio --quiet -pd $cpio_dir >/dev/null 2>&1 + find $cpio_dir -type f -print0 | + xargs -0 -P8 -n1 perl -pi -e 'BEGIN {undef $/;}; s/\/\*((?!SPDX).)*?\*\///smg;' + +-tar -Jcf $tarfile -C $cpio_dir/ . > /dev/null ++# Create archive and try to normalize metadata for reproducibility ++tar "${KBUILD_BUILD_TIMESTAMP:+--mtime=$KBUILD_BUILD_TIMESTAMP}" \ ++ --owner=0 --group=0 --sort=name --numeric-owner \ ++ -Jcf $tarfile -C $cpio_dir/ . > /dev/null + + echo "$src_files_md5" > kernel/kheaders.md5 + echo "$obj_files_md5" >> kernel/kheaders.md5 +-- +cgit 1.2-0.3.lf.el7 + diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index efafd10b0b81..5c07f84ca82a 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.14.146"; + version = "4.14.148"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1x9343pvlxdgx0zbsn12mcfhf6r8d9p57h6l5cw7krm3gs44pid3"; + sha256 = "1b8ggknvaidsvqnzpgbcmz3ybys9a8jm8iq6aqcnqfp10d0bglhj"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index da7347f7c675..b12127d349bf 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "4.19.76"; + version = "4.19.78"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0rhyjw5r3xdnj37dd6wrpihdqc3zn5ih6hcpa4x2cjvk0acx4kds"; + sha256 = "0jah57k3q7b674dr544cniwhya667d8h7x9k5886d1g2qrvylqyz"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 9ca235ae24c7..65ee9634ba40 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.4.194"; + version = "4.4.196"; extraMeta.branch = "4.4"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0kvlp2v4nvkilaanhpgwf8dkyfj24msaw0m38rbc4y51y69yhqvz"; + sha256 = "0vd7fra22ky4sqp6vamracp5xd4900md5vdx0n4i6dhkf03kz7hn"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index e5b2d0d386b4..c9e72a3264bc 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,11 +1,11 @@ { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args: buildLinux (args // rec { - version = "4.9.194"; + version = "4.9.196"; extraMeta.branch = "4.9"; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1qy20vw5bhnsfbh95sdhjbk6y94js8m4ryd3m7xg2qg4hisvpx6m"; + sha256 = "1vy6j9ycl5aw0dmj4n9kih5i8igybk0ilahlwbn30mlp9aq15az0"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.2.nix b/pkgs/os-specific/linux/kernel/linux-5.2.nix index db8fc2965cff..6db0c8471df2 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.2.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.2.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.2.18"; + version = "5.2.20"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0q6akmhcdj52lhvs5fjxrr25r0hyklh7115hg0zl0fcpdj30y2bd"; + sha256 = "0sddasxka08c1qjhbd9w4z7rzprfly2i67q4iwppbldngi4y48di"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-5.3.nix b/pkgs/os-specific/linux/kernel/linux-5.3.nix index 43f096be1a7f..5d5624af2da5 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.3.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.3.nix @@ -3,7 +3,7 @@ with stdenv.lib; buildLinux (args // rec { - version = "5.3.2"; + version = "5.3.5"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,6 +13,6 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0szw21mpp94gp3zn2fgllbv6fdjjf20njgrcjay7vjmm7farq7rn"; + sha256 = "1w2k3q6q9cf3r27z084c9nsxh49bq4cvky39pp6dp3r9zif8rvc0"; }; } // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-rpi.nix b/pkgs/os-specific/linux/kernel/linux-rpi.nix index b383abdef1dc..f8ad6b37a190 100644 --- a/pkgs/os-specific/linux/kernel/linux-rpi.nix +++ b/pkgs/os-specific/linux/kernel/linux-rpi.nix @@ -49,8 +49,8 @@ lib.overrideDerivation (buildLinux (args // { cp -v "$dtbDir/$1" "$dtbDir/$2" } '' + lib.optionalString (lib.elem stdenv.hostPlatform.system ["armv6l-linux"]) '' - copyDTB bcm2708-rpi-0-w.dtb bcm2835-rpi-zero.dtb - copyDTB bcm2708-rpi-0-w.dtb bcm2835-rpi-zero-w.dtb + copyDTB bcm2708-rpi-zero-w.dtb bcm2835-rpi-zero.dtb + copyDTB bcm2708-rpi-zero-w.dtb bcm2835-rpi-zero-w.dtb copyDTB bcm2708-rpi-b.dtb bcm2835-rpi-a.dtb copyDTB bcm2708-rpi-b.dtb bcm2835-rpi-b.dtb copyDTB bcm2708-rpi-b.dtb bcm2835-rpi-b-rev2.dtb diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index 38c0ad10ae5f..578cbf318b87 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -1,13 +1,13 @@ { stdenv, buildPackages, fetchgit, fetchpatch, perl, buildLinux, ... } @ args: buildLinux (args // { - version = "5.2.2019.09.24"; + version = "5.2.2019.10.01"; modDirVersion = "5.2.0"; src = fetchgit { url = "https://evilpiepirate.org/git/bcachefs.git"; - rev = "5a3a4087af27aa10da5f23cb174a439946153584"; - sha256 = "1yn40n2iyflbfv1z8l86nixv8wlybg7abz49nq5k6hmf7r9z56mk"; + rev = "45920b5139a752bb4f22871b8b916beacc4f9fb9"; + sha256 = "1hi98jckzd8d7whivmgl1ywdfdixhq7la37jagwnwbf8lsqsp25i"; }; extraConfig = "BCACHEFS_FS m"; diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index 88e990501f9a..9764fddf0199 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -94,7 +94,9 @@ let patches = map (p: p.patch) kernelPatches # Required for deterministic builds along with some postPatch magic. - ++ optional (stdenv.lib.versionAtLeast version "4.13") ./randstruct-provide-seed.patch; + ++ optional (stdenv.lib.versionAtLeast version "4.13") ./randstruct-provide-seed.patch + # Fixes determinism by normalizing metadata for the archive of kheaders + ++ optional (stdenv.lib.versionAtLeast version "5.2") ./gen-kheaders-metadata.patch; prePatch = '' for mf in $(find -name Makefile -o -name Makefile.include -o -name install.sh); do diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index b80320db282e..fa5b168389bc 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -59,8 +59,14 @@ }; export_kernel_fpu_functions = { - name = "export_kernel_fpu_functions"; - patch = ./export_kernel_fpu_functions.patch; + "4.14" = { + name = "export_kernel_fpu_functions"; + patch = ./export_kernel_fpu_functions_4_14.patch; + }; + "5.3" = { + name = "export_kernel_fpu_functions"; + patch = ./export_kernel_fpu_functions_5_3.patch; + }; }; # patches from https://lkml.org/lkml/2019/7/15/1748 diff --git a/pkgs/os-specific/linux/molly-guard/default.nix b/pkgs/os-specific/linux/molly-guard/default.nix index 766c01eed3fc..cdd9d162f4a4 100644 --- a/pkgs/os-specific/linux/molly-guard/default.nix +++ b/pkgs/os-specific/linux/molly-guard/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { meta = with stdenv.lib; { description = "Attempts to prevent you from accidentally shutting down or rebooting machines"; - homepage = https://anonscm.debian.org/git/collab-maint/molly-guard.git/; + homepage = https://salsa.debian.org/debian/molly-guard; license = licenses.artistic2; platforms = platforms.linux; maintainers = with maintainers; [ DerTim1 ]; diff --git a/pkgs/os-specific/linux/nmon/default.nix b/pkgs/os-specific/linux/nmon/default.nix index cb6dd4ab946c..9de18401d7b2 100644 --- a/pkgs/os-specific/linux/nmon/default.nix +++ b/pkgs/os-specific/linux/nmon/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "nmon"; - version = "16k"; + version = "16m"; src = fetchurl { url = "mirror://sourceforge/nmon/lmon${version}.c"; - sha256 = "17nbxrnl7kqiaaxn2hwyi65gphbl3wybbyp9vri2q5ifdis3ssib"; + sha256 = "1hazgrq3m01dzv05639yis1mypcp0jf167n9gqwd3wgxzm2lvv9b"; }; buildInputs = [ ncurses ]; diff --git a/pkgs/os-specific/linux/pagemon/default.nix b/pkgs/os-specific/linux/pagemon/default.nix index 5d7357cb8380..772ef56cde2e 100644 --- a/pkgs/os-specific/linux/pagemon/default.nix +++ b/pkgs/os-specific/linux/pagemon/default.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { pname = "pagemon"; - version = "0.01.16"; + version = "0.01.17"; src = fetchFromGitHub { - sha256 = "0fpxjw6sg6r9r7yy03brri37wmmc32rhzayzlmwgmzay8rifmm7i"; + sha256 = "11r84nwjvnjyxc3jqhbvlgb89ajfj7v8212mz61dq5ilq5k7xa3d"; rev = "V${version}"; repo = "pagemon"; owner = "ColinIanKing"; diff --git a/pkgs/os-specific/linux/power-calibrate/default.nix b/pkgs/os-specific/linux/power-calibrate/default.nix new file mode 100644 index 000000000000..75c6f1716fc5 --- /dev/null +++ b/pkgs/os-specific/linux/power-calibrate/default.nix @@ -0,0 +1,24 @@ +{ stdenv, lib, fetchurl }: + +stdenv.mkDerivation rec { + pname = "power-calibrate"; + version = "0.01.28"; + + src = fetchurl { + url = "https://kernel.ubuntu.com/~cking/tarballs/${pname}/${pname}-${version}.tar.gz"; + sha256 = "1miyjs0vngzfdlsxhn5gndcalzkh28grg4m6faivvp1c6mjp794m"; + }; + + installFlags = [ + "BINDIR=${placeholder "out"}/bin" + "MANDIR=${placeholder "out"}/share/man/man8" + ]; + + meta = with lib; { + description = "Tool to calibrate power consumption"; + homepage = "https://kernel.ubuntu.com/~cking/power-calibrate/"; + license = licenses.gpl2; + platforms = platforms.linux; + maintainers = with maintainers; [ dtzWill ]; + }; +} diff --git a/pkgs/os-specific/linux/sysvinit/default.nix b/pkgs/os-specific/linux/sysvinit/default.nix index a29c6152aaa6..e3a8baa7da35 100644 --- a/pkgs/os-specific/linux/sysvinit/default.nix +++ b/pkgs/os-specific/linux/sysvinit/default.nix @@ -1,13 +1,13 @@ { stdenv, fetchurl, withoutInitTools ? false }: -let version = "2.95"; in +let version = "2.96"; in stdenv.mkDerivation { name = (if withoutInitTools then "sysvtools" else "sysvinit") + "-" + version; src = fetchurl { url = "mirror://savannah/sysvinit/sysvinit-${version}.tar.xz"; - sha256 = "1j46dydib9yd2a46w43is9b61lplwrsry46fw7cbmfrn7ywrq0n9"; + sha256 = "11xmcamvjmrw874zp0vc37hrqc4hz02i0iy8n4xa4dd25avjcbia"; }; prePatch = '' diff --git a/pkgs/os-specific/linux/turbostat/default.nix b/pkgs/os-specific/linux/turbostat/default.nix new file mode 100644 index 000000000000..10074f490b80 --- /dev/null +++ b/pkgs/os-specific/linux/turbostat/default.nix @@ -0,0 +1,20 @@ +{ stdenv, kernel }: + +stdenv.mkDerivation { + pname = "turbostat"; + inherit (kernel) src version; + + makeFlags = [ "PREFIX=${placeholder "out"}" ]; + + postPatch = '' + cd tools/power/x86/turbostat + ''; + + meta = with stdenv.lib; { + description = "Report processor frequency and idle statistics"; + homepage = https://www.kernel.org/; + license = licenses.gpl2; + platforms = [ "i686-linux" "x86_64-linux" ]; # x86-specific + }; +} + |