commit aab71b31d5030bea94804d3677a3ffbc60e1876a · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

linux: patch CVE-2017-1000364 (stack clash)

Franz Pletz 8 years ago aab71b31 16aa9230

+21

2 changed files

expand all

unified split

pkgs

os-specific

linux

kernel

patches.nix

top-level

all-packages.nix

+19

pkgs/os-specific/linux/kernel/patches.nix

··· 156 156 sha256 = "10dmv3d3gj8rvj9h40js4jh8xbr5wyaqiy0kd819mya441mj8ll2"; 157 157 }; 158 158 }; 159 + 160 + # CVE-2017-1000364 (stack clash) 161 + mm_larger_stack_guard_gap_4_9 = rec 162 + { name = "mm-larger-stack-guard-gap-between-vmas.patch"; 163 + patch = fetchpatch { 164 + inherit name; 165 + url = "https://anonscm.debian.org/cgit/kernel/linux.git/plain/debian/patches/bugfix/all/mm-enlarge-stack-guard-gap.patch?h=debian/4.9.30-2%2bdeb9u1_bpo8%2b1"; 166 + sha256 = "0bl7w1zgcy691avp54p6mvzdam6snrb7pz3hywsf2g2mcxjkyja5"; 167 + }; 168 + }; 169 + 170 + mm_larger_stack_guard_gap_4_11 = rec 171 + { name = "mm-larger-stack-guard-gap-between-vmas.patch"; 172 + patch = fetchpatch { 173 + inherit name; 174 + url = "https://anonscm.debian.org/cgit/kernel/linux.git/plain/debian/patches/bugfix/all/mm-larger-stack-guard-gap-between-vmas.patch?h=debian/4.11.6-1"; 175 + sha256 = "19bakn3119v5jkhh4w7x3d50py9an1w8h7v3mmy7y2l2agj4mn3i"; 176 + }; 177 + }; 159 178 }

pkgs/top-level/all-packages.nix

··· 11905 11905 kernelPatches.p9_fixes 11906 11906 kernelPatches.cpu-cgroup-v2."4.9" 11907 11907 kernelPatches.modinst_arg_list_too_long 11908 + kernelPatches.mm_larger_stack_guard_gap_4_9 11908 11909 ] 11909 11910 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11910 11911 [ kernelPatches.mips_fpureg_emu ··· 11921 11922 # when adding a new linux version 11922 11923 kernelPatches.cpu-cgroup-v2."4.11" 11923 11924 kernelPatches.modinst_arg_list_too_long 11925 + kernelPatches.mm_larger_stack_guard_gap_4_11 11924 11926 ] 11925 11927 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11926 11928 [ kernelPatches.mips_fpureg_emu