mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 15:03:28 +00:00
[Backport release-24.05] Linux Hardened Kernel Updates for 2024-11-06 (#354173)
This commit is contained in:
commit
935ab9ef50
@ -210,7 +210,7 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
|
||||
/nixos/modules/security/lock-kernel-modules.nix @joachifm
|
||||
/nixos/modules/security/misc.nix @joachifm
|
||||
/nixos/tests/hardened.nix @joachifm
|
||||
/pkgs/os-specific/linux/kernel/hardened/config.nix @joachifm
|
||||
/pkgs/os-specific/linux/kernel/hardened/ @fabianhjr @joachifm
|
||||
|
||||
# Home Automation
|
||||
/nixos/modules/services/home-automation/home-assistant.nix @mweinelt
|
||||
|
@ -31,6 +31,7 @@ let
|
||||
linux_5_15_hardened
|
||||
linux_6_1_hardened
|
||||
linux_6_6_hardened
|
||||
linux_6_11_hardened
|
||||
linux_rt_5_4
|
||||
linux_rt_5_10
|
||||
linux_rt_5_15
|
||||
|
@ -12,22 +12,22 @@
|
||||
"5.10": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
"name": "linux-hardened-v5.10.226-hardened1.patch",
|
||||
"sha256": "1vxcr0f3ikkg10wcvq76djxzmhlc6h5fv34xf8vm48wfi7ryajbk",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v5.10.226-hardened1/linux-hardened-v5.10.226-hardened1.patch"
|
||||
"name": "linux-hardened-v5.10.228-hardened1.patch",
|
||||
"sha256": "1fzpiv9gn2krbx2v61j1dzzsdm0qlgps4rjdkzmi8a8fv9g1iq0p",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v5.10.228-hardened1/linux-hardened-v5.10.228-hardened1.patch"
|
||||
},
|
||||
"sha256": "19hwwl5sbya65mch7fwmji2cli9b8796zjqbmkybjrarg1j9m8gn",
|
||||
"version": "5.10.226"
|
||||
"sha256": "0wkvn49sdy9ykyz6cqdqd9yplqfhc6b255w6wc17ky182mzqvk3n",
|
||||
"version": "5.10.228"
|
||||
},
|
||||
"5.15": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
"name": "linux-hardened-v5.15.167-hardened1.patch",
|
||||
"sha256": "1mwww490bf5i1njzyprnamfn8n471r94klgn7wghwi2f5vsn6j9g",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v5.15.167-hardened1/linux-hardened-v5.15.167-hardened1.patch"
|
||||
"name": "linux-hardened-v5.15.170-hardened1.patch",
|
||||
"sha256": "16b3dzfgx737hsr16n9j3v4lr1qrl5vgsjmmcri0szbcd5sm0620",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v5.15.170-hardened1/linux-hardened-v5.15.170-hardened1.patch"
|
||||
},
|
||||
"sha256": "0c6s6l5sz9ibws7bymb393ww0z9i3amsk1yx0bahipz3xhc1yxdi",
|
||||
"version": "5.15.167"
|
||||
"sha256": "1ag7fvixhdcyxv6rqfsvq2wh02g64r4rx8izvfb33nfnld2nangx",
|
||||
"version": "5.15.170"
|
||||
},
|
||||
"5.4": {
|
||||
"patch": {
|
||||
@ -42,21 +42,31 @@
|
||||
"6.1": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
"name": "linux-hardened-v6.1.112-hardened1.patch",
|
||||
"sha256": "1kna12dhs1csg2cd9ixm261pgnc44v7q67njd0z1mnjrk9q1y7n6",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v6.1.112-hardened1/linux-hardened-v6.1.112-hardened1.patch"
|
||||
"name": "linux-hardened-v6.1.115-hardened1.patch",
|
||||
"sha256": "1vly83nqpridysywj8aby6pmzjgz7jlk6ni957s9v05gfkvf906l",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v6.1.115-hardened1/linux-hardened-v6.1.115-hardened1.patch"
|
||||
},
|
||||
"sha256": "094z3wfcxqx2rbi072i5frshpy6rdvk39aahwm9nc07vc8sxxn4b",
|
||||
"version": "6.1.112"
|
||||
"sha256": "0vxs6zj4p0ihcp11h3svqy3wa1yph0f1vzc8dlvqh60zgs1bmn0g",
|
||||
"version": "6.1.115"
|
||||
},
|
||||
"6.11": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
"name": "linux-hardened-v6.11.6-hardened1.patch",
|
||||
"sha256": "0g5drxsknvhcd80s1mwmbbc9d3v3qpj4c7rha95ygzwxidvagr9f",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v6.11.6-hardened1/linux-hardened-v6.11.6-hardened1.patch"
|
||||
},
|
||||
"sha256": "1kiky6viwrgm47slpv234lfq1wrwj29p5rx168gix3q0jw0zcm69",
|
||||
"version": "6.11.6"
|
||||
},
|
||||
"6.6": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
"name": "linux-hardened-v6.6.53-hardened1.patch",
|
||||
"sha256": "09i25qrn18psyrzr8srav4zcbyqmn2z8ycfk9fix2pdfxsaxl8h9",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v6.6.53-hardened1/linux-hardened-v6.6.53-hardened1.patch"
|
||||
"name": "linux-hardened-v6.6.59-hardened1.patch",
|
||||
"sha256": "1vdyryd0m9rr0z2pznq6jyxbdhy4w4x85c37gfl4sbbcs9549gnw",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v6.6.59-hardened1/linux-hardened-v6.6.59-hardened1.patch"
|
||||
},
|
||||
"sha256": "0yfpyiz57wz9rkwif6n3k2n87waw46ad0h7h0pwhnar53cfihp98",
|
||||
"version": "6.6.53"
|
||||
"sha256": "0vd76ccd4li4wsg04gc4nai9f4y1nknz967qby0i53y0v046hq93",
|
||||
"version": "6.6.59"
|
||||
}
|
||||
}
|
||||
|
@ -27314,6 +27314,8 @@ with pkgs;
|
||||
linux_6_1_hardened = linuxKernel.kernels.linux_6_1_hardened;
|
||||
linuxPackages_6_6_hardened = linuxKernel.packages.linux_6_6_hardened;
|
||||
linux_6_6_hardened = linuxKernel.kernels.linux_6_6_hardened;
|
||||
linuxPackages_6_11_hardened = linuxKernel.packages.linux_6_11_hardened;
|
||||
linux_6_11_hardened = linuxKernel.kernels.linux_6_11_hardened;
|
||||
|
||||
# GNU Linux-libre kernels
|
||||
linuxPackages-libre = linuxKernel.packages.linux_libre;
|
||||
|
@ -260,6 +260,7 @@ in {
|
||||
linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { };
|
||||
linux_6_1_hardened = hardenedKernelFor kernels.linux_6_1 { };
|
||||
linux_6_6_hardened = hardenedKernelFor kernels.linux_6_6 { };
|
||||
linux_6_11_hardened = hardenedKernelFor kernels.linux_6_11 { };
|
||||
|
||||
} // lib.optionalAttrs config.allowAliases {
|
||||
linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11";
|
||||
@ -662,6 +663,7 @@ in {
|
||||
linux_5_15_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_15_hardened);
|
||||
linux_6_1_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_1_hardened);
|
||||
linux_6_6_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_6_hardened);
|
||||
linux_6_11_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_11_hardened);
|
||||
|
||||
linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen);
|
||||
linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx);
|
||||
|
Loading…
Reference in New Issue
Block a user