diff options
author | Fabián Heredia Montiel <fabianhjr@protonmail.com> | 2023-11-13 14:31:51 -0600 |
---|---|---|
committer | Fabián Heredia Montiel <fabianhjr@protonmail.com> | 2023-11-13 14:31:51 -0600 |
commit | 884449105ea418fb8d205c0e1cd37a32b49c18db (patch) | |
tree | 20dce878c7b27691383a4da487379b4a04eb81ba /pkgs/os-specific/linux/kernel | |
parent | c1eb661271bf5c3e0baa7b32ebd9d455883d95d0 (diff) | |
parent | 5c6e85ee472d37c904dd43f8f76b680602b9128f (diff) |
Merge remote-tracking branch 'origin/master' into staging-next
Diffstat (limited to 'pkgs/os-specific/linux/kernel')
-rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 8 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/kernels-org.json | 4 | ||||
-rw-r--r-- | pkgs/os-specific/linux/kernel/linux-rt-5.10.nix | 6 |
3 files changed, 12 insertions, 6 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 8ca01c5be4ff0..2954ee8f78b90 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -562,6 +562,13 @@ let KEYS_REQUEST_CACHE = whenAtLeast "5.3" yes; # randomized slab caches RANDOM_KMALLOC_CACHES = whenAtLeast "6.6" yes; + + # NIST SP800-90A DRBG modes - enabled by most distributions + # and required by some out-of-tree modules (ShuffleCake) + # This does not include the NSA-backdoored Dual-EC mode from the same NIST publication. + CRYPTO_DRBG_HASH = yes; + CRYPTO_DRBG_CTR = yes; + } // optionalAttrs stdenv.hostPlatform.isx86_64 { # Enable Intel SGX X86_SGX = whenAtLeast "5.11" yes; @@ -715,7 +722,6 @@ let ZSWAP = option yes; ZPOOL = yes; ZBUD = option yes; - ZSMALLOC = module; }; brcmfmac = { diff --git a/pkgs/os-specific/linux/kernel/kernels-org.json b/pkgs/os-specific/linux/kernel/kernels-org.json index c16aa954e6458..94ab60aa67b99 100644 --- a/pkgs/os-specific/linux/kernel/kernels-org.json +++ b/pkgs/os-specific/linux/kernel/kernels-org.json @@ -1,7 +1,7 @@ { "testing": { - "version": "6.6-rc7", - "hash": "sha256:1zzd32ya4hldfywicgpnc2cyd412s7q9c31qvxx2nl9nkx11xsxv" + "version": "6.7-rc1", + "hash": "sha256:1a071vvmm08sp48d0arqzcmqnz5xdb1vflfhxcqwmpzaabjrgadk" }, "6.5": { "version": "6.5.11", diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 3f2efbb87e83a..65ca352b53b89 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.197-rt96"; # updated by ./update-rt.sh + version = "5.10.199-rt97"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -17,14 +17,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1awkm7lln5gf6kld9z5h4mg39bd778jsdswwlwb7iv7bn03lafhq"; + sha256 = "1h944syk7n6c4j1djlx19n77alzwbxcdza77c9ykicgfynhpgsm0"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "0pd1yhr154zl5jfmchzdfv27cbnn8h23x7am0dmqwr1ylwg4bvbi"; + sha256 = "13k7md0a63q4r5vqqvbszmg3kzp5np0hdaj1siyl4yvs9j78d03s"; }; }; in [ rt-patch ] ++ kernelPatches; |