Commit Graph

12597 Commits

Author SHA1 Message Date
Tim Steinbach
bb15fa7427
linux: 5.10-rc3 -> 5.10-rc4 2020-11-16 12:33:28 -05:00
Florian Klink
462c5b26c5
Merge pull request #103966 from flokli/kernel-enable-ipv6
kernel config: explicitly enable CONFIG_IPV6
2020-11-16 16:32:50 +01:00
Florian Klink
13be37662d kernel config: explicitly enable CONFIG_IPV6
We currently build CONFIG_IPV6=m.

This seems to be not really well-supported in mainline kernels - see
https://lore.kernel.org/netdev/20201115224509.2020651-1-flokli@flokli.de/T/#u

Compiling it as a module doesn't give too much benefit - even for people
who did explicitly set `enableIPv6` to false, the `ipv6` module was
still loaded, as soon as another module was loaded that requires it
(bridge,br_netfilter,wireguard,ip6table_mangle,sctp,…).

By compiling it in, we only loose the possibility to not add it to
`boot.kernelModules` anymore (as it's part of the kernel directly). The
space savings are negligible.

People wanting to disable IPv6 still get the appropriate sysctls and
options set (while having the kernel code loaded), nothing is really
changing here.
2020-11-16 13:07:49 +01:00
Frederik Rietdijk
986c2d36da Merge master into staging-next 2020-11-16 09:01:53 +01:00
Daniel Fox Franke
2fa89880cb
nvidia-x11: 455.28 -> 455.38 (#103830) 2020-11-14 20:45:41 -05:00
Tim Steinbach
0c0b533fa7
linux-rt_5_4: 5.4.74-rt42 -> 5.4.77-rt43 2020-11-14 15:21:48 -05:00
Mario Rodas
d2d4d04ced
Merge pull request #103678 from r-ryantm/auto-update/forkstat
forkstat: 0.02.15 -> 0.02.16
2020-11-13 21:09:23 -05:00
Frederik Rietdijk
9fc4a4db5a Merge staging-next into staging 2020-11-13 20:59:08 +01:00
Frederik Rietdijk
463f738cc6 Merge master into staging-next 2020-11-13 20:58:35 +01:00
Jonathan Ringer
f525d54c55 zfsUnstable: 2.0.0-rc5 -> 2.0.0-rc6 2020-11-13 09:31:18 -08:00
Tim Steinbach
c9845cdaed
linux: 5.10-rc2 -> 5.10-rc3 2020-11-13 11:33:33 -05:00
Tim Steinbach
eb64d1518f
linux-rt_5_4: 5.4.74-rt41 -> 5.4.74-rt42 2020-11-13 09:28:18 -05:00
Andreas Rammhold
df620fd81a
Merge pull request #103637 from mweinelt/intelMicrocode
microcodeIntel: 20201110 -> 20201112
2020-11-13 15:20:50 +01:00
R. RyanTM
568d95e11e forkstat: 0.02.15 -> 0.02.16 2020-11-13 10:12:04 +00:00
Jörg Thalheim
440c5808a1
Merge pull request #103006 from Mic92/bcc
linuxPackages.bcc: 0.16.0 -> 0.17.0
2020-11-13 08:37:12 +01:00
Mario Rodas
53402d6981
Merge pull request #103640 from r-ryantm/auto-update/criu
criu: 3.14 -> 3.15
2020-11-12 20:32:47 -05:00
Jonas Chevalier
a7cb88c3de
tree-wide: unify Bash completions outputs (#103421)
Use $out/share/bash-completion/completions to store the Bash completions
2020-11-12 21:22:18 +00:00
Matthieu Coudron
2bbfa82c2f
Merge pull request #103232 from teto/mptcp_official
linux_mptcp_5_9: init upstream multipath TCP at 5.9
2020-11-12 22:15:02 +01:00
R. RyanTM
fb0f4c5652 criu: 3.14 -> 3.15 2020-11-12 20:03:56 +00:00
Martin Weinelt
eaf889aea0 microcodeIntel: 20201110 -> 20201112
Update to Pentium Silver N/J5xxx, Celeron N/J4xxx

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html

Fixes: CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
2020-11-12 20:09:49 +01:00
Matthieu Coudron
db215ca08d linux_mptcp_94: remove (outdated)
few years old by now, use linux_mptcp_95 instead.
2020-11-12 18:51:18 +01:00
Andreas Rammhold
4acaee2cb1
Merge pull request #103450 from mweinelt/intel-microcode
microcodeIntel: 20200616 -> 20201110
2020-11-12 17:12:55 +01:00
Justin Humm
6b9f23267e
linuxPackages.wireguard: 1.0.20200908 -> 1.0.20201112 2020-11-12 13:10:20 +01:00
R. RyanTM
aec6a8069f pcm: 202009 -> 202010 2020-11-11 14:54:20 -08:00
Tim Steinbach
413237b4ed
linux/hardened/patches/5.9: 5.9.7.a -> 5.9.8.a 2020-11-11 15:43:18 -05:00
Tim Steinbach
feab19926f
linux/hardened/patches/5.4: 5.4.76.a -> 5.4.77.a 2020-11-11 15:43:18 -05:00
Tim Steinbach
7bfbd07c06
linux/hardened/patches/4.19: 4.19.156.a -> 4.19.157.a 2020-11-11 15:43:18 -05:00
Tim Steinbach
6322425d0c
linux/hardened/patches/4.14: 4.14.205.a -> 4.14.206.a 2020-11-11 15:43:17 -05:00
Tim Steinbach
470f86b851
linux: 5.9.7 -> 5.9.8 2020-11-11 15:43:17 -05:00
Tim Steinbach
193f7a49fe
linux: 5.4.76 -> 5.4.77 2020-11-11 15:43:16 -05:00
Tim Steinbach
3b27759e52
linux: 4.9.242 -> 4.9.243 2020-11-11 15:43:16 -05:00
Tim Steinbach
f4ce75d98d
linux: 4.4.242 -> 4.4.243 2020-11-11 15:43:15 -05:00
Tim Steinbach
08a59efe79
linux: 4.19.156 -> 4.19.157 2020-11-11 15:43:15 -05:00
Tim Steinbach
399acdc934
linux: 4.14.205 -> 4.14.206 2020-11-11 15:43:15 -05:00
Frederik Rietdijk
4076ffe580 Merge staging-next into staging 2020-11-11 16:00:34 +01:00
Tim Steinbach
e7fa508f85
linux/hardened/patches/5.9: 5.9.6.a -> 5.9.7.a 2020-11-11 09:32:04 -05:00
Tim Steinbach
7420461d12
linux/hardened/patches/5.4: 5.4.75.a -> 5.4.76.a 2020-11-11 09:32:04 -05:00
Tim Steinbach
362d24c7ee
linux/hardened/patches/4.19: 4.19.155.a -> 4.19.156.a 2020-11-11 09:32:04 -05:00
Tim Steinbach
8e364d518b
linux/hardened/patches/4.14: 4.14.204.a -> 4.14.205.a 2020-11-11 09:32:03 -05:00
Tim Steinbach
3be8a4483a
linux_latest-libre: 17744 -> 17762 2020-11-11 09:32:03 -05:00
Martin Weinelt
a79902f23e
microcodeIntel: 20200616 -> 20201110
Release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20201110

Security advisories:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html

Fixes: CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
2020-11-11 14:25:23 +01:00
Ivan Kozik
c945b47a25 linuxPackages.wireguard: fix the build on linux 5.4.76
Patch copied from https://github.com/archlinux/svntogit-packages/blob/packages/wireguard-dkms/trunk/lts.diff

This fixes:

```
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:44: warning: "SYM_FUNC_START" redefined
   44 | #define SYM_FUNC_START ENTRY
      |
In file included from /build/source/src/compat/compat-asm.h:9,
                 from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:218: note: this is the location of the previous definition
  218 | #define SYM_FUNC_START(name)    \
      |
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:45: warning: "SYM_FUNC_END" redefined
   45 | #define SYM_FUNC_END ENDPROC
      |
In file included from /build/source/src/compat/compat-asm.h:9,
                 from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:265: note: this is the location of the previous definition
  265 | #define SYM_FUNC_END(name)    \
      |
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S: Assembler messages:
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:50: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:176: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:180: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:257: Error: invalid character '(' in mnemonic
make[3]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/scripts/Makefile.build:348: /build/source/src/crypto/zinc/blake2s/blake2s-x86_64.o] Error 1
make[3]: *** Waiting for unfinished jobs....
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:44: warning: "SYM_FUNC_START" redefined
   44 | #define SYM_FUNC_START ENTRY
      |
In file included from /build/source/src/compat/compat-asm.h:9,
                 from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:218: note: this is the location of the previous definition
  218 | #define SYM_FUNC_START(name)    \
      |
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:45: warning: "SYM_FUNC_END" redefined
   45 | #define SYM_FUNC_END ENDPROC
      |
In file included from /build/source/src/compat/compat-asm.h:9,
                 from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:265: note: this is the location of the previous definition
  265 | #define SYM_FUNC_END(name)    \
      |
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S: Assembler messages:
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:123: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:185: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:187: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:319: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1016: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1616: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1620: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1810: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1812: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1959: Error: invalid character '(' in mnemonic
make[3]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/scripts/Makefile.build:348: /build/source/src/crypto/zinc/chacha20/chacha20-x86_64.o] Error 1
make[2]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/Makefile:1729: /build/source/src] Error 2
make[1]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/Makefile:179: sub-make] Error 2
make: *** [Makefile:26: module] Error 2
builder for '/nix/store/hll3sjyrwa55arzlsxnbacqdd8s842l1-wireguard-1.0.20200908.drv' failed with exit code 2
```
2020-11-10 23:23:35 -08:00
Jan Tojnar
23b939cfc3
fwupd: Fix build
Few new files are trying to be installed to /etc.

Fixes: https://github.com/NixOS/nixpkgs/issues/103365
2020-11-11 01:07:27 +01:00
Graham Christensen
f9121be82e
Merge pull request #103307 from grahamc/zfs-scripts
zfs: extend zpool scripts with :$PATH, remove sudo
2020-11-10 10:20:02 -05:00
Tim Steinbach
589bf72e97
linux: 5.9.6 -> 5.9.7 2020-11-10 09:11:56 -05:00
Tim Steinbach
8aa3123f33
linux: 5.4.75 -> 5.4.76 2020-11-10 09:11:55 -05:00
Tim Steinbach
e696d5466c
linux: 4.9.241 -> 4.9.242 2020-11-10 09:11:55 -05:00
Tim Steinbach
48d83292f8
linux: 4.4.241 -> 4.4.242 2020-11-10 09:11:55 -05:00
Tim Steinbach
8f6733ca48
linux: 4.19.155 -> 4.19.156 2020-11-10 09:11:54 -05:00
Tim Steinbach
3c25cf4d13
linux: 4.14.204 -> 4.14.205 2020-11-10 09:11:51 -05:00
R. RyanTM
3ffd4b446f iptables: 1.8.5 -> 1.8.6 2020-11-10 15:06:39 +01:00
Graham Christensen
b3d4f5dada
zfs: extend zpool scripts with :$PATH, remove sudo
sudo the package is not suid, so remove it from the PATH. Extend
PATH with $PATH to fetch sudo from the outer PATH. Move the generation
of `path` in to Nix, so the sed expression can use single quotes,
which prevents $PATH being interpolated at build-time.
2020-11-10 08:50:22 -05:00
Frederik Rietdijk
379aaa1e0c Merge master into staging-next 2020-11-10 10:11:08 +01:00
Peter Hoeg
de2112c03d bolt: 0.8 -> 0.9 2020-11-10 08:09:47 +08:00
Jan Tojnar
3a5ba30c13 fwupd: 1.4.6 → 1.5.1
* https://github.com/fwupd/fwupd/releases/tag/1.5.0
* https://github.com/fwupd/fwupd/releases/tag/1.5.1

* The changelog mentions removed dependency on efivar but we still need the package because it also contains efiboot required dependency. https://github.com/fwupd/fwupd/pull/2485
* Blacklist options were renamed.
* Test firmware was moved to a separate repo. We need to install it or some tests will be skipped. https://github.com/fwupd/fwupd/pull/2330
* Initially, there was an option to configure dbx but in the end, it was removed in favour of bespoke dbxtool. https://github.com/fwupd/fwupd/pull/2061, https://github.com/fwupd/fwupd/pull/2318, https://github.com/fwupd/fwupd/pull/2329
* Fwupd now checks hashes of plug-ins and will complain loudly that it is tainted when “invalid” plug-in is loaded (during testing).
* Installed tests complain about not being able to access cdn, even though we are not setting CI_NETWORK env var. We need a patch to fix that.
2020-11-09 22:50:17 +01:00
Martin Weinelt
7a2455a0fd
batman-adv: 2020.3 -> 2020.4 2020-11-09 22:24:11 +01:00
Markus S. Wamser
9ed8e03a09 mupdf: mark 1.17 as insecure but as still required as dependency 2020-11-09 09:57:38 -08:00
Frederik Rietdijk
20f001c01e Merge master into staging-next 2020-11-09 14:33:52 +01:00
Daniël de Kok
a5736eca8e
Merge pull request #102680 from r-ryantm/auto-update/pcm
pcm: 202008 -> 202009
2020-11-09 13:54:41 +01:00
Alyssa Ross
8f5ac08f55
Merge pull request #102381 from MetaDark/linuxPackages.xpadneo
linuxPackages.xpadneo: 0.8.3 -> 0.8.4
2020-11-09 12:22:22 +00:00
snicket2100
cd1c5633af firejail: 0.9.62 -> 0.9.64 2020-11-08 23:25:59 +01:00
Michael Raskin
e1e5d73c9a
Merge pull request #103081 from andresilva/linux-zen-5.9.6
linux_zen: 5.9.3 -> 5.9.6
2020-11-08 17:15:42 +00:00
markuskowa
e447841b12
Merge pull request #103132 from markuskowa/upd-rdma-core
rdma-core: 31.0 -> 31.1
2020-11-08 18:06:05 +01:00
Tim Steinbach
b1bd4c09ad
Merge pull request #103028 from TredwellGit/firmwareLinuxNonfree
firmwareLinuxNonfree: 2020-09-18 -> 2020-10-22
2020-11-08 11:03:05 -05:00
Markus Kowalewski
545456ddca
rdma-core: 31.0 -> 31.1 2020-11-08 15:10:08 +01:00
André Silva
0c131ae118
linux_zen: 5.9.3 -> 5.9.6 2020-11-07 13:20:38 +00:00
Phillip Cloud
0a2f47b51b nvidia_x11.persistenced: fix build on master 2020-11-06 11:06:18 -08:00
TredwellGit
7ff16d8155 firmwareLinuxNonfree: 2020-09-18 -> 2020-10-22 2020-11-06 18:28:28 +00:00
Frederik Rietdijk
99fb79ae84 Merge master into staging-next 2020-11-06 12:51:56 +01:00
Jörg Thalheim
5a540a8996
linuxPackages.bcc: 0.16.0 -> 0.17.0 2020-11-06 10:06:34 +01:00
Peter Hoeg
11fc055836 pam_mount: add support for LUKS2 2020-11-06 10:19:36 +08:00
Anders Kaseorg
d57891889d linux/hardened/patches/5.9: 5.9.1.a -> 5.9.6.a 2020-11-05 16:24:43 -08:00
Anders Kaseorg
8bf8b61c2d linux/hardened/patches/5.8: 5.8.16.a -> 5.8.18.a 2020-11-05 16:24:42 -08:00
Anders Kaseorg
f9d1130ae9 linux/hardened/patches/5.4: 5.4.72.a -> 5.4.75.a 2020-11-05 16:24:40 -08:00
Anders Kaseorg
22387315b6 linux/hardened/patches/4.19: 4.19.152.a -> 4.19.155.a 2020-11-05 16:24:39 -08:00
Anders Kaseorg
a435637e66 linux/hardened/patches/4.14: 4.14.202.a -> 4.14.204.a 2020-11-05 16:24:37 -08:00
Tim Steinbach
76d4a93444
linux: 5.9.5 -> 5.9.6 2020-11-05 17:28:15 -05:00
Jonathan Ringer
5d9ea37fd3 zfsUnstable: 2.0.0-rc4 -> 2.0.0-rc5 2020-11-05 08:05:05 -08:00
Tim Steinbach
eeb8ffabbd
linux: 5.9.3 -> 5.9.5 2020-11-05 09:51:05 -05:00
Tim Steinbach
3b7197307b
linux: 5.4.74 -> 5.4.75 2020-11-05 09:51:05 -05:00
Tim Steinbach
5fe041997e
linux: 4.19.154 -> 4.19.155 2020-11-05 09:51:05 -05:00
Tim Steinbach
41b4c2d11b
linux: 4.14.203 -> 4.14.204 2020-11-05 09:51:02 -05:00
Timo Kaufmann
16e34d25fd
Merge pull request #93620 from lovesegfault/fix-r8168
kernelPackages.r8168: 8.047.04 -> 8.048.03
2020-11-05 09:43:53 +01:00
Jan Tojnar
a821be7531
Merge branch 'master' into staging-next 2020-11-05 09:42:47 +01:00
Ryan Mulligan
d1d2a00652
Merge pull request #102696 from r-ryantm/auto-update/pam_gnupg
pam_gnupg: 0.1 -> 0.2
2020-11-04 06:16:19 -08:00
Frederik Rietdijk
49cd7307d0
Merge pull request #101207 from NixOS/staging-next
Staging next
2020-11-04 10:48:08 +01:00
ajs124
c30745e053
open-iscsi: install systemd files (#97793) 2020-11-04 09:30:03 +01:00
Frederik Rietdijk
10c57af49c Merge staging-next into staging 2020-11-04 09:28:07 +01:00
Frederik Rietdijk
9e6d7d3c74 Merge master into staging-next 2020-11-04 09:27:42 +01:00
R. RyanTM
0e3c2cd8c0 pam_gnupg: 0.1 -> 0.2 2020-11-04 02:49:33 +00:00
R. RyanTM
4e1db3daf0 pcm: 202008 -> 202009 2020-11-04 00:18:43 +00:00
Finn Behrens
7787fd2413 systemd: Add an option for homed
This is disabled by default to indicate that is hasn't been adiquately
tested with NixOS yet.
2020-11-03 17:35:26 -05:00
R. RyanTM
bc8715adbb lxcfs: 4.0.5 -> 4.0.6 2020-11-03 09:18:52 -08:00
R. RyanTM
a765199f1e i2c-tools: 4.1 -> 4.2 2020-11-03 08:56:06 -08:00
R. RyanTM
f3096f3400 ipset: 7.6 -> 7.7 2020-11-03 08:52:51 -08:00
Tim Steinbach
b7880ce6ec
linux-rt_5_4: 5.4.70-rt40 -> 5.4.74-rt41 2020-11-03 10:54:25 -05:00
Tim Steinbach
f652a024bb
linux: 5.9.2 -> 5.9.3 2020-11-03 10:54:25 -05:00
Tim Steinbach
7e9c6235f1
linux: 5.8.17 -> 5.8.18 2020-11-03 10:54:24 -05:00
Tim Steinbach
f249558f95
linux: 5.4.73 -> 5.4.74 2020-11-03 10:54:21 -05:00
Tim Steinbach
5030e5cdc7
linux: 5.10-rc1 -> 5.10-rc2 2020-11-03 08:47:16 -05:00