about summary refs log tree commit diff
path: root/pkgs/os-specific
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/os-specific')
-rw-r--r--pkgs/os-specific/linux/ell/default.nix4
-rw-r--r--pkgs/os-specific/linux/hostapd/default.nix8
-rw-r--r--pkgs/os-specific/linux/iwd/default.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/hardened-patches.json24
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.14.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.4.nix4
-rw-r--r--pkgs/os-specific/linux/kernel/linux-4.9.nix4
-rw-r--r--pkgs/os-specific/linux/libfabric/default.nix29
-rw-r--r--pkgs/os-specific/linux/libpsm2/default.nix42
-rw-r--r--pkgs/os-specific/linux/wireguard/default.nix28
10 files changed, 115 insertions, 36 deletions
diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix
index 69c1f8de2ea9..cb971d452d61 100644
--- a/pkgs/os-specific/linux/ell/default.nix
+++ b/pkgs/os-specific/linux/ell/default.nix
@@ -7,14 +7,14 @@
 
 stdenv.mkDerivation rec {
   pname = "ell";
-  version = "0.30";
+  version = "0.31";
 
   outputs = [ "out" "dev" ];
 
   src = fetchgit {
      url = "https://git.kernel.org/pub/scm/libs/${pname}/${pname}.git";
      rev = version;
-     sha256 = "0kiglgc02a6hqi1nhnl4d8lxax8b1fljp50pvqswrnbh7pgb5676";
+     sha256 = "1qlpc906xd78fzxvvj2kxi3aikgnw0c0h3x620s131apax4qrnqa";
   };
 
   patches = [
diff --git a/pkgs/os-specific/linux/hostapd/default.nix b/pkgs/os-specific/linux/hostapd/default.nix
index 869a394cefb4..8152655d457d 100644
--- a/pkgs/os-specific/linux/hostapd/default.nix
+++ b/pkgs/os-specific/linux/hostapd/default.nix
@@ -17,7 +17,13 @@ stdenv.mkDerivation rec {
       # Note: fetchurl seems to be unhappy with openwrt git
       # server's URLs containing semicolons. Using the github mirror instead.
       url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch";
-      sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k";})
+      sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k";
+    })
+    (fetchurl {
+      name = "CVE-2019-16275.patch";
+      url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch";
+      sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz";
+    })
   ];
 
   outputs = [ "out" "man" ];
diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix
index 02bd83d9da63..be2a4ff3e56a 100644
--- a/pkgs/os-specific/linux/iwd/default.nix
+++ b/pkgs/os-specific/linux/iwd/default.nix
@@ -13,12 +13,12 @@
 
 stdenv.mkDerivation rec {
   pname = "iwd";
-  version = "1.6";
+  version = "1.7";
 
   src = fetchgit {
     url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git";
     rev = version;
-    sha256 = "0c38c7a234cwdd5y1brq4w56xszs8zlp57rr3nvgp8z8djcy1qvx";
+    sha256 = "1qi25qav1rv8gm5lbrip8ayq5vwynmyv2q4ar7bbmnjh6cglvyh2";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/os-specific/linux/kernel/hardened-patches.json b/pkgs/os-specific/linux/kernel/hardened-patches.json
index eecb27cdb669..a87628dd7697 100644
--- a/pkgs/os-specific/linux/kernel/hardened-patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened-patches.json
@@ -1,18 +1,18 @@
 {
     "4.14": {
-        "name": "linux-hardened-4.14.176.a.patch",
-        "sha256": "0pr3m2j63mc746fcbzg1hlwv85im9f87qkl6r4033gwnpa9brcgk",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.176.a/linux-hardened-4.14.176.a.patch"
+        "name": "linux-hardened-4.14.177.a.patch",
+        "sha256": "0wiapq4nj16m5ywnz0k7k0fr5hpw2gjy68mjlk6x866rf8vhndrq",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.177.a/linux-hardened-4.14.177.a.patch"
     },
     "4.19": {
-        "name": "linux-hardened-4.19.117.a.patch",
-        "sha256": "0c8dvh49nzypxwvsls10i896smvpdrk40x8ybljb3qk3r8j7niaw",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.117.a/linux-hardened-4.19.117.a.patch"
+        "name": "linux-hardened-4.19.118.a.patch",
+        "sha256": "120lnn9j9zsx1kcq4frcjmj2vj39x0g1yxrrx9nax2yjrzp4wfdw",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.118.a/linux-hardened-4.19.118.a.patch"
     },
     "5.4": {
-        "name": "linux-hardened-5.4.34.a.patch",
-        "sha256": "1xwpqr9nzpjg837b3wnzb8fmrl2g9rz8gz5yb55vnnllbzbz36v6",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.34.a/linux-hardened-5.4.34.a.patch"
+        "name": "linux-hardened-5.4.35.a.patch",
+        "sha256": "0vcqgrzns4d3z93mn8mv0sxkmj7ylbr8prff72c4ssvb0kd7agy9",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.35.a/linux-hardened-5.4.35.a.patch"
     },
     "5.5": {
         "name": "linux-hardened-5.5.19.a.patch",
@@ -20,8 +20,8 @@
         "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.5.19.a/linux-hardened-5.5.19.a.patch"
     },
     "5.6": {
-        "name": "linux-hardened-5.6.6.a.patch",
-        "sha256": "0jiqh0frxirjbccgfdk007fca6r6n36n0pkqq4jszkckn59ayl7r",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.6.a/linux-hardened-5.6.6.a.patch"
+        "name": "linux-hardened-5.6.7.a.patch",
+        "sha256": "1dnk9df4v2iw05vpn0s8q6b0ci2rzl2wiq77vhr40mpbg6p18fap",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.6.7.a/linux-hardened-5.6.7.a.patch"
     }
 }
diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix
index 5d7337c27f67..6c5d86a0e69e 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix
@@ -3,7 +3,7 @@
 with stdenv.lib;
 
 buildLinux (args // rec {
-  version = "4.14.176";
+  version = "4.14.177";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "18jwxhf29ax54xnylmz9zfkslnxw7y3h215dbfmmvddfp9b0kbmw";
+    sha256 = "04hq0i06mg2yc09jj2xk0vhf5q9yigzjzm55a5bvfy2a6j43r9rk";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index e99375ed62c4..d846a015477f 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,11 +1,11 @@
 { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.4.219";
+  version = "4.4.220";
   extraMeta.branch = "4.4";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1mpxqb2m24ay4n9px4n2cyklxy4lhnv9q6wlvilx13rs5qfbb62f";
+    sha256 = "1knj3qsl7x3fysdz1h0s980ddbafs3658z2y67w6sn79wp7d8blg";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index 78c76d12ddc4..b05a3685c276 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -1,11 +1,11 @@
 { stdenv, buildPackages, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.9.219";
+  version = "4.9.220";
   extraMeta.branch = "4.9";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0i5wlyp11ss9p035bhq73xjx8iyk5dk4ynvd7msw5qfkrs6265vb";
+    sha256 = "0bhbkybzbdsbmrjmb5m7hxxl8b3v6n79zhh86cbr95kzg1hcgnfs";
   };
 } // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/libfabric/default.nix b/pkgs/os-specific/linux/libfabric/default.nix
new file mode 100644
index 000000000000..6383832a7e73
--- /dev/null
+++ b/pkgs/os-specific/linux/libfabric/default.nix
@@ -0,0 +1,29 @@
+{ stdenv, fetchFromGitHub, pkgconfig, autoreconfHook, libpsm2 }:
+
+stdenv.mkDerivation rec {
+  pname = "libfabric";
+  version = "1.10.0";
+
+  enableParallelBuilding = true;
+
+  src = fetchFromGitHub {
+    owner = "ofiwg";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "0amgc5w7qg96r9a21jl92m6jzn4z2j3iyk7jf7kwyzfi4jhlkv89";
+  };
+
+  nativeBuildInputs = [ pkgconfig autoreconfHook ] ;
+
+  buildInputs = [ libpsm2 ] ;
+
+  configureFlags = [ "--enable-psm2=${libpsm2}" ] ;
+
+  meta = with stdenv.lib; {
+    homepage = "http://libfabric.org/";
+    description = "Open Fabric Interfaces";
+    license = with licenses; [ gpl2 bsd2 ];
+    platforms = [ "x86_64-linux" ];
+    maintainers = [ maintainers.bzizou ];
+  };
+}
diff --git a/pkgs/os-specific/linux/libpsm2/default.nix b/pkgs/os-specific/linux/libpsm2/default.nix
new file mode 100644
index 000000000000..b9e41380da8c
--- /dev/null
+++ b/pkgs/os-specific/linux/libpsm2/default.nix
@@ -0,0 +1,42 @@
+{ stdenv, fetchFromGitHub, numactl, pkgconfig }:
+
+stdenv.mkDerivation rec {
+  pname = "libpsm2";
+  version = "11.2.156";
+  ifs_version = "10_10_2_0_44";
+
+  preConfigure= ''
+    export UDEVDIR=$out/etc/udev
+    substituteInPlace ./Makefile --replace "udevrulesdir}" "prefix}/etc/udev";
+  '';
+
+  enableParallelBuilding = true;
+
+  buildInputs = [ numactl pkgconfig ];
+
+  installFlags = [ 
+    "DESTDIR=$(out)"
+    "UDEVDIR=/etc/udev"
+    "LIBPSM2_COMPAT_CONF_DIR=/etc"
+  ];
+
+  src = fetchFromGitHub {
+    owner = "intel";
+    repo = "opa-psm2";
+    rev = "IFS_RELEASE_${ifs_version}";
+    sha256 = "0ckrfzih1ga9yvximxjdh0z05kn9l858ykqiblv18w6ka3gra1xz";
+  };
+
+  postInstall = ''
+    mv $out/usr/* $out
+    rmdir $out/usr
+  '';
+
+  meta = with stdenv.lib; {
+    homepage = "https://github.com/intel/opa-psm2";
+    description = "The PSM2 library supports a number of fabric media and stacks";
+    license = with licenses; [ gpl2 bsd3 ];
+   platforms = [ "x86_64-linux" ];
+    maintainers = [ maintainers.bzizou ];
+  };
+}
diff --git a/pkgs/os-specific/linux/wireguard/default.nix b/pkgs/os-specific/linux/wireguard/default.nix
index 890c774081bb..8c3f489753df 100644
--- a/pkgs/os-specific/linux/wireguard/default.nix
+++ b/pkgs/os-specific/linux/wireguard/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchzip, kernel, perl, wireguard-tools }:
+{ stdenv, fetchzip, kernel, perl, wireguard-tools, bc }:
 
 # module requires Linux >= 3.10 https://www.wireguard.io/install/#kernel-requirements
 assert stdenv.lib.versionAtLeast kernel.version "3.10";
@@ -7,29 +7,31 @@ assert stdenv.lib.versionOlder kernel.version "5.6";
 
 stdenv.mkDerivation rec {
   pname = "wireguard";
-  version = "1.0.20200401";
+  version = "1.0.20200426";
 
   src = fetchzip {
     url = "https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${version}.tar.xz";
-    sha256 = "1q4gfpbvbyracnl219xqfz5yqfc08i6g41z6bn2skx5x8jbll3aq";
+    sha256 = "0j343xk9qgmzn0j6kgvydfqjqslf2rv6r4ikfc59982xxny6f6l5";
   };
 
-  preConfigure = ''
-    cd src
-    sed -i '/depmod/,+1d' Makefile
-  '';
-
   hardeningDisable = [ "pic" ];
 
   KERNELDIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
-  INSTALL_MOD_PATH = "\${out}";
-
-  NIX_CFLAGS = ["-Wno-error=cpp"];
 
-  nativeBuildInputs = [ perl ] ++ kernel.moduleBuildDependencies;
+  nativeBuildInputs = [ perl bc ] ++ kernel.moduleBuildDependencies;
 
+  preBuild = "cd src";
   buildFlags = [ "module" ];
-  installTargets = [ "module-install" ];
+
+  INSTALL_MOD_PATH = placeholder "out";
+  installFlags = [ "DEPMOD=true" ];
+  enableParallelBuilding = true;
+
+  passthru = {
+    # remove this when our kernel comes with native wireguard support
+    # and our tests no longer tests this package
+    inherit (wireguard-tools) tests;
+  };
 
   meta = with stdenv.lib; {
     inherit (wireguard-tools.meta) homepage license maintainers;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-30 15:59:36 +0000