diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2021-11-16 12:02:04 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-11-16 12:02:04 +0100 |
commit | 1e156e3b5d4480b77a184344ed01ffcac76185a7 (patch) | |
tree | 44cafad70aaa05e35e828606adc1f6f9064205c4 | |
parent | 237f5df65a21c8da68d13a93eda491917b958114 (diff) | |
parent | f726b6c47689da09e664c173557a53e4467963c9 (diff) |
Merge pull request #146178 from TredwellGit/linux
Kernels 2021-11-15
-rw-r--r-- | nixos/tests/kernel-generic.nix | 1 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/hardened/patches.json | 50 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-5.10.nix | 6 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-5.11.nix | 45 | ||||
-rw-r--r-- | pkgs/top-level/aliases.nix | 2 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 | ||||
-rw-r--r-- | pkgs/top-level/linux-kernels.nix | 13 |
7 files changed, 39 insertions, 80 deletions
diff --git a/nixos/tests/kernel-generic.nix b/nixos/tests/kernel-generic.nix index 3fdd3995b7aa3..45c5c1963a0db 100644 --- a/nixos/tests/kernel-generic.nix +++ b/nixos/tests/kernel-generic.nix @@ -29,6 +29,7 @@ let linux_4_19_hardened linux_5_4_hardened linux_5_10_hardened + linux_5_15_hardened linux_testing; }; diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index f6c95acf4c6fe..1c05b7b77d26e 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,22 +2,22 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.254-hardened1.patch", - "sha256": "1mg4zims7ckb0ddnnahk1cj73lhdh7x7xkjz4cgsvwndw0qvmhdi", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.254-hardened1/linux-hardened-4.14.254-hardened1.patch" + "name": "linux-hardened-4.14.255-hardened1.patch", + "sha256": "0d84jwf9vd86qzxq8aqcyrzmwczf3qh2f7a801qsgzb96fyvakrl", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.255-hardened1/linux-hardened-4.14.255-hardened1.patch" }, - "sha256": "0ihdlsg4jg9wwhhcbjjmrcchnl9pc0szh21nwmbhwnxgqcdmrnfz", - "version": "4.14.254" + "sha256": "1mxjwqijnlvrdbpd973kdycz1dwklfkj9vpnj1cihgsf880q02zh", + "version": "4.14.255" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.216-hardened1.patch", - "sha256": "0a8rg0lc0pj6zlkbrd3fjrjgg3f18918zzs8q4nld092hqjfjbsm", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.216-hardened1/linux-hardened-4.19.216-hardened1.patch" + "name": "linux-hardened-4.19.217-hardened1.patch", + "sha256": "1brx4dvh8acq1r5mbh2a5d95k3n7m4x3jnqnp0s69p3fx9gf1kxh", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.217-hardened1/linux-hardened-4.19.217-hardened1.patch" }, - "sha256": "0cs8yy5jfbvvi5j9f3kzyc4j0fjylxdj1641f53ga6gkmjmayv3d", - "version": "4.19.216" + "sha256": "01500jcjvhbkn7xcan564jw0nnwc12cf8hhvl8118jqqqw612lc5", + "version": "4.19.217" }, "5.10": { "patch": { @@ -32,21 +32,31 @@ "5.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.14.17-hardened1.patch", - "sha256": "08s26hmmaji51aczh9spbg8ngbxz5mr067dgi05djp3cgs2hl5pw", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.14.17-hardened1/linux-hardened-5.14.17-hardened1.patch" + "name": "linux-hardened-5.14.18-hardened1.patch", + "sha256": "1mk159nwkdd1kwsp9l7328x8mk7i5k3sw4nk858zr8izgllqijlp", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.14.18-hardened1/linux-hardened-5.14.18-hardened1.patch" }, - "sha256": "0q7df51yk6di1m8ky0gplkyx6smlr9inxrd569qv3ww3ykg933sd", - "version": "5.14.17" + "sha256": "1pr7qh2wjw7h6r3fixg9ia5r3na7vdb6b4sp9wnbifnqckahzwis", + "version": "5.14.18" + }, + "5.15": { + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-5.15.2-hardened1.patch", + "sha256": "15r7vkflcrj1hxfvhycqfflb3625br10qvn1ixhsv14xxdf3h39c", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.2-hardened1/linux-hardened-5.15.2-hardened1.patch" + }, + "sha256": "0xdi799k15l7l9kxlq4qbp79mp1c38vxal4z4p9l5gl194x06d2n", + "version": "5.15.2" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.158-hardened1.patch", - "sha256": "1pnxwvy5x04b95bfia63916qlrj5mrp2d54dcc4hg5k29vm0z6a5", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.158-hardened1/linux-hardened-5.4.158-hardened1.patch" + "name": "linux-hardened-5.4.159-hardened1.patch", + "sha256": "1hzs6sqdyzddz0qwq4b6c7rcihbjgzq73ng6fma408c27y72d6pi", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.159-hardened1/linux-hardened-5.4.159-hardened1.patch" }, - "sha256": "0ncdkf1iz49458k3dvq3dc5b2r9dp21jsn3ffm9lbhlgvkn8y0bf", - "version": "5.4.158" + "sha256": "0hw68yjf0c8kahwra8hq863318cbyqc89f429z75scmb9rgk466p", + "version": "5.4.159" } } diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 6ef781f6095ce..c8d42ddda7461 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.73-rt54"; # updated by ./update-rt.sh + version = "5.10.78-rt55"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "0xhf0g5pra27hnavpy0y3mn05m5hqn5rd3d6fx0a3vr35c1jicpd"; + sha256 = "03q5lrv8gr9hnm7984pxi9kwsvxrn21qwykj60amisi2wac6r05y"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0szqm9f939p9z701i5hj881nf5bhfa0a6037bbcz974y0x8g9nmk"; + sha256 = "1wcw682r238qi5jgn5zk9m6j2506p9ypfax13bzhjfyjzz3h98kp"; }; }; in [ rt-patch ] ++ kernelPatches; diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.11.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.11.nix deleted file mode 100644 index 5d1b14f1d0f0a..0000000000000 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.11.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ lib, buildLinux, fetchurl -, kernelPatches ? [ ] -, structuredExtraConfig ? {} -, extraMeta ? {} -, argsOverride ? {} -, ... } @ args: - -let - version = "5.11.4-rt11"; # updated by ./update-rt.sh - branch = lib.versions.majorMinor version; - kversion = builtins.elemAt (lib.splitString "-" version) 0; -in buildLinux (args // { - inherit version; - - # modDirVersion needs a patch number, change X.Y-rtZ to X.Y.0-rtZ. - modDirVersion = if (builtins.match "[^.]*[.][^.]*-.*" version) == null then version - else lib.replaceStrings ["-"] [".0-"] version; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1i8dfw83ndaylwji7lazfckk113plvnz7kh1yppbfg35r6przrc8"; - }; - - kernelPatches = let rt-patch = { - name = "rt"; - patch = fetchurl { - url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1az6cn9jj3bnjgwzzrjy1adnrnn06p2vzsnc1iib4xhs0sfr27hc"; - }; - }; in [ rt-patch ] ++ kernelPatches; - - structuredExtraConfig = with lib.kernel; { - PREEMPT_RT = yes; - # Fix error: unused option: PREEMPT_RT. - EXPERT = yes; # PREEMPT_RT depends on it (in kernel/Kconfig.preempt) - # Fix error: option not set correctly: PREEMPT_VOLUNTARY (wanted 'y', got 'n'). - PREEMPT_VOLUNTARY = lib.mkForce no; # PREEMPT_RT deselects it. - # Fix error: unused option: RT_GROUP_SCHED. - RT_GROUP_SCHED = lib.mkForce (option no); # Removed by sched-disable-rt-group-sched-on-rt.patch. - } // structuredExtraConfig; - - extraMeta = extraMeta // { - inherit branch; - }; -} // argsOverride) diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 62efca5b8d00e..8dc857e4a9856 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -461,7 +461,6 @@ mapAliases ({ linuxPackages_rpi0 = linuxKernel.packages.linux_rpi1; linuxPackages_rt_5_4 = linuxKernel.packages.linux_rt_5_4; linuxPackages_rt_5_10 = linuxKernel.packages.linux_rt_5_10; - linuxPackages_rt_5_11 = linuxKernel.packages.linux_rt_5_11; linuxPackages_rpi1 = linuxKernel.packages.linux_rpi1; linuxPackages_rpi2 = linuxKernel.packages.linux_rpi2; linuxPackages_rpi3 = linuxKernel.packages.linux_rpi3; @@ -489,7 +488,6 @@ mapAliases ({ linux-rt_5_4 = linuxKernel.kernels.linux_rt_5_4; linux_5_10 = linuxKernel.kernels.linux_5_10; linux-rt_5_10 = linuxKernel.kernels.linux_rt_5_10; - linux-rt_5_11 = linuxKernel.kernels.linux_rt_5_11; linux_5_14 = linuxKernel.kernels.linux_5_14; linux_5_15 = linuxKernel.kernels.linux_5_15; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1775134c2bdef..d9ccc75f6eda5 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22120,6 +22120,8 @@ with pkgs; linux_5_10_hardened = linuxKernel.kernels.linux_5_10_hardened; linuxPackages_5_14_hardened = linuxKernel.packages.linux_5_14_hardened; linux_5_14_hardened = linuxKernel.kernels.linux_5_14_hardened; + linuxPackages_5_15_hardened = linuxKernel.packages.linux_5_15_hardened; + linux_5_15_hardened = linuxKernel.kernels.linux_5_15_hardened; # Hardkernel (Odroid) kernels. linuxPackages_hardkernel_latest = linuxKernel.packageAliases.linux_hardkernel_latest; diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index 8c97a418b295a..e109cca820774 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -159,14 +159,6 @@ in { ]; }; - linux_rt_5_11 = callPackage ../os-specific/linux/kernel/linux-rt-5.11.nix { - kernelPatches = [ - kernelPatches.bridge_stp_helper - kernelPatches.request_key_helper - kernelPatches.export-rt-sched-migrate - ]; - }; - linux_5_14 = callPackage ../os-specific/linux/kernel/linux-5.14.nix { kernelPatches = [ kernelPatches.bridge_stp_helper @@ -233,6 +225,7 @@ in { linux_5_4_hardened = hardenedKernelFor kernels.linux_5_4 { }; linux_5_10_hardened = hardenedKernelFor kernels.linux_5_10 { }; linux_5_14_hardened = hardenedKernelFor kernels.linux_5_14 { }; + linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { }; })); /* Linux kernel modules are inherently tied to a specific kernel. So @@ -482,7 +475,6 @@ in { # realtime kernel packages linux_rt_5_4 = packagesFor kernels.linux_rt_5_4; linux_rt_5_10 = packagesFor kernels.linux_rt_5_10; - linux_rt_5_11 = packagesFor kernels.linux_rt_5_11; }; rpiPackages = { @@ -506,6 +498,7 @@ in { linux_5_4_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_4 { }); linux_5_10_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_10 { }); linux_5_14_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_14 { }); + linux_5_15_hardened = recurseIntoAttrs (hardenedPackagesFor kernels.linux_5_15 { }); linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen); linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx); @@ -524,7 +517,7 @@ in { linux_latest = packages.linux_5_15; linux_mptcp = packages.linux_mptcp_95; linux_rt_default = packages.linux_rt_5_4; - linux_rt_latest = packages.linux_rt_5_11; + linux_rt_latest = packages.linux_rt_5_10; linux_hardkernel_latest = packages.hardkernel_4_14; }; |