commit 02330920cffbbcdf4025ac1de48b4f0f31bcb800 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #142936 from michael-swan/master

authored by Sandro and committed by GitHub 4 years ago 02330920 22ff13ad

+12 -16

2 changed files

expand all

unified split

pkgs

os-specific

linux

checksec

0001-attempt-to-modprobe-config-before-checking-kernel.patch

default.nix

+10 -14

pkgs/os-specific/linux/checksec/0001-attempt-to-modprobe-config-before-checking-kernel.patch

··· 1 - From 6503848d9e0eb009e5f462116a963beacb208930 Mon Sep 17 00:00:00 2001 1 + From 5cfb08effd21d9278e3eb8901c85112a331c3181 Mon Sep 17 00:00:00 2001 2 2 From: Austin Seipp <aseipp@pobox.com> 3 - Date: Thu, 20 Feb 2014 00:11:44 -0600 3 + Date: Tue, 26 Oct 2021 09:23:07 +0000 4 4 Subject: [PATCH] attempt to 'modprobe config' before checking kernel 5 5 6 - Signed-off-by: Austin Seipp <aseipp@pobox.com> 7 6 --- 8 - checksec.sh | 3 ++- 9 - 1 file changed, 2 insertions(+), 1 deletion(-) 7 + checksec | 1 + 8 + 1 file changed, 1 insertion(+) 10 9 11 10 diff --git a/checksec b/checksec 12 - index dd1f72e..63acc29 100644 11 + index 5536250..895073b 100755 13 12 --- a/checksec 14 13 +++ b/checksec 15 - @@ -676,7 +676,8 @@ kernelcheck() { 16 - echo_message " userspace processes, this option lists the status of kernel configuration\n" '' '' '' 14 + @@ -1059,6 +1059,7 @@ kernelcheck() { 17 15 echo_message " options that harden the kernel itself against attack.\n\n" '' '' '' 18 16 echo_message " Kernel config:\n" '' '' '{ "kernel": ' 19 - - 20 - + 17 + 21 18 + modprobe configs 2> /dev/null 22 - if [[ ! "${1}" == "" ]] ; then 19 + if [[ ! "${1}" == "" ]]; then 23 20 kconfig="cat ${1}" 24 - echo_message " Warning: The config ${1} on disk may not represent running kernel config!\n\n" "${1}" "<kernel config=\"${1}\"" "{ \"KernelConfig\":\"${1}\"," 25 - # update the architecture based on the config rather than the system 21 + echo_message " Warning: The config ${1} on disk may not represent running kernel config!\n\n" "${1}" "<kernel config=\"${1}\"" "{ \"KernelConfig\":\"${1}\"" 26 22 -- 27 - 1.8.3.2 23 + 2.33.0 28 24

+2 -2

pkgs/os-specific/linux/checksec/default.nix

··· 4 4 5 5 stdenv.mkDerivation rec { 6 6 pname = "checksec"; 7 - version = "2.4.0"; 7 + version = "2.5.0"; 8 8 9 9 src = fetchFromGitHub { 10 10 owner = "slimm609"; 11 11 repo = "checksec.sh"; 12 12 rev = version; 13 - sha256 = "1gbbq85d3g3mnm3xvgvi2085aba7qc3cmsbwn76al50ax1518j2q"; 13 + sha256 = "sha256-GxWXocz+GCEssRrIQP6E9hjVIhVh2EmZrefELxQlV1Q="; 14 14 }; 15 15 16 16 patches = [ ./0001-attempt-to-modprobe-config-before-checking-kernel.patch ];