pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #273841 from LibreCybernetics/update-linux-hardened

Linux hardened kernel updates for 2023-12-12

authored by Maximilian Bosch and committed by GitHub aef29dd4 c22287a8

+46 -42
unified split
+42 -42
pkgs/os-specific/linux/kernel/hardened/patches.json
··· 2 2 "4.14": { 3 3 "patch": { 4 4 "extra": "-hardened1", 5 - "name": "linux-hardened-4.14.328-hardened1.patch", 6 - "sha256": "1qq2l4nwhxgl4drx6isc1ly892kffjq4hqb4zadqs6sxvsdm7x57", 7 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.328-hardened1/linux-hardened-4.14.328-hardened1.patch" 5 + "name": "linux-hardened-4.14.332-hardened1.patch", 6 + "sha256": "1nda3z8hkyfw53dzk1v5zwpzhm75gizsixfmrh8ylaghhk5s8yw3", 7 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.332-hardened1/linux-hardened-4.14.332-hardened1.patch" 8 8 }, 9 - "sha256": "1igcpvnhwwrczfdsafmszvi0456k7f6j4cgpfw6v6afw09p95d8x", 10 - "version": "4.14.328" 9 + "sha256": "1f4q0acbp917myjmgiy4haxp78yak5h1rj5g937r6mkykwb6nb14", 10 + "version": "4.14.332" 11 11 }, 12 12 "4.19": { 13 13 "patch": { 14 14 "extra": "-hardened1", 15 - "name": "linux-hardened-4.19.297-hardened1.patch", 16 - "sha256": "1qj09bynl7ml880xpc2956jn0b1gmm77yf3jc45v3jq3610jhna4", 17 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.297-hardened1/linux-hardened-4.19.297-hardened1.patch" 15 + "name": "linux-hardened-4.19.301-hardened1.patch", 16 + "sha256": "0arlwp0g4anqlnivyc8y6rq9mhq1ivmy4i0d8kqvwpc2b3wcc525", 17 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.301-hardened1/linux-hardened-4.19.301-hardened1.patch" 18 18 }, 19 - "sha256": "0c9xxqgv2i36hrr06dwz7f3idc04xpv0a5pxg08xdh03cnyf12cx", 20 - "version": "4.19.297" 19 + "sha256": "1fr05fl8fyyjgsqj8fppd5v378d7sazvpqlq4sl875851fd9nmb2", 20 + "version": "4.19.301" 21 21 }, 22 22 "5.10": { 23 23 "patch": { 24 24 "extra": "-hardened1", 25 - "name": "linux-hardened-5.10.199-hardened1.patch", 26 - "sha256": "10vwd5wygfnxpbz15bq56pjygba3vqqal0d7xry2bch4p444pp5f", 27 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.199-hardened1/linux-hardened-5.10.199-hardened1.patch" 25 + "name": "linux-hardened-5.10.203-hardened1.patch", 26 + "sha256": "19inx95ynyzhh2h9xdg2yw4yfa5nfcw2dh2a7vw4mf0bqdv2iqvc", 27 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.203-hardened1/linux-hardened-5.10.203-hardened1.patch" 28 28 }, 29 - "sha256": "1h944syk7n6c4j1djlx19n77alzwbxcdza77c9ykicgfynhpgsm0", 30 - "version": "5.10.199" 29 + "sha256": "0xr8p7kfr1v3s41fv55ph0l8d9s2p146dl2fh3r2y09lrvwwxssn", 30 + "version": "5.10.203" 31 31 }, 32 32 "5.15": { 33 33 "patch": { 34 34 "extra": "-hardened1", 35 - "name": "linux-hardened-5.15.137-hardened1.patch", 36 - "sha256": "19gs1w380qgvazwjwhxypizpfx71faa7hsji0x5cgyw6vxhi6l1b", 37 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.137-hardened1/linux-hardened-5.15.137-hardened1.patch" 35 + "name": "linux-hardened-5.15.142-hardened1.patch", 36 + "sha256": "0x4bsf638rrdrp9b389i6nlprwsfc25qpld50yfcjinqhiykd269", 37 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.142-hardened1/linux-hardened-5.15.142-hardened1.patch" 38 38 }, 39 - "sha256": "1xxjbxldrhmnh2q6rykpxyfbj8xqgl82q30n8sfavrzr14bb4jcp", 40 - "version": "5.15.137" 39 + "sha256": "0xjn16b02f8d6c0m8vrbmk85kdyfy8m46s80rnkb0nnwfx9cjxld", 40 + "version": "5.15.142" 41 41 }, 42 42 "5.4": { 43 43 "patch": { 44 44 "extra": "-hardened1", 45 - "name": "linux-hardened-5.4.259-hardened1.patch", 46 - "sha256": "1w8ipflgisd127gmx6wyz8p5qfi8cfd2a5j2xgibspkf45nzfwi8", 47 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.259-hardened1/linux-hardened-5.4.259-hardened1.patch" 45 + "name": "linux-hardened-5.4.263-hardened1.patch", 46 + "sha256": "1v59qzjp9v78y7fkj884a77pjsk4ggplkfh1fq2blj04g7v1zhgv", 47 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.263-hardened1/linux-hardened-5.4.263-hardened1.patch" 48 48 }, 49 - "sha256": "195v4fidavzm637glj6580006mrcaygnbj4za874imb62bxf9rpz", 50 - "version": "5.4.259" 49 + "sha256": "1y1mfwjsilrx8x8jnjlyh8r9zlygjjqdf7pay92jv2qijjddpl2h", 50 + "version": "5.4.263" 51 51 }, 52 52 "6.1": { 53 53 "patch": { 54 54 "extra": "-hardened1", 55 - "name": "linux-hardened-6.1.61-hardened1.patch", 56 - "sha256": "0d9zhh32dx1q828q50kmznmsa6yinppbklhgg8ix7b7k23857ha6", 57 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.61-hardened1/linux-hardened-6.1.61-hardened1.patch" 55 + "name": "linux-hardened-6.1.67-hardened1.patch", 56 + "sha256": "0jcn2k79l90dys4nrwqha89jv9d1ffghhvlqk9vibfs7y3zrlpbr", 57 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.67-hardened1/linux-hardened-6.1.67-hardened1.patch" 58 58 }, 59 - "sha256": "1kk4d7ph6pvgdrdmaklg15wf58nw9n7yqgkag7jdvqinzh99sb5d", 60 - "version": "6.1.61" 59 + "sha256": "11cjqll3b7iq3mblwyzjrd5ph8avgk23f4mw4shm8j6ai5rdndvm", 60 + "version": "6.1.67" 61 61 }, 62 - "6.4": { 62 + "6.5": { 63 63 "patch": { 64 64 "extra": "-hardened1", 65 - "name": "linux-hardened-6.4.16-hardened1.patch", 66 - "sha256": "10lydnnhhq9ynng1gfaqh1mncsb0dmr27zzcbygs1xigy2bl70n9", 67 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.16-hardened1/linux-hardened-6.4.16-hardened1.patch" 65 + "name": "linux-hardened-6.5.13-hardened1.patch", 66 + "sha256": "1fj6yaq2gdjlj2h19vkm13jrx0yiczj6pvric1kq1r6cprqrkkki", 67 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.13-hardened1/linux-hardened-6.5.13-hardened1.patch" 68 68 }, 69 - "sha256": "0zgj1z97jyx7wf12zrnlcp0mj4cl43ais9qsy6dh1jwylf2fq9ln", 70 - "version": "6.4.16" 69 + "sha256": "1dfbbydmayfj9npx3z0g38p574pmcx3qgs49dv0npigl48wd9yvq", 70 + "version": "6.5.13" 71 71 }, 72 - "6.5": { 72 + "6.6": { 73 73 "patch": { 74 74 "extra": "-hardened1", 75 - "name": "linux-hardened-6.5.10-hardened1.patch", 76 - "sha256": "0p2lj7ryiizr1sxvm2kgds3l8sg9fns35y2fcyqq61lg7ymzj1fi", 77 - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.10-hardened1/linux-hardened-6.5.10-hardened1.patch" 75 + "name": "linux-hardened-6.6.6-hardened1.patch", 76 + "sha256": "0jhhixayka13rb0cd0qbsqpb7awayjdbn8qyx7wya1y83cgyn2ly", 77 + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.6.6-hardened1/linux-hardened-6.6.6-hardened1.patch" 78 78 }, 79 - "sha256": "12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1", 80 - "version": "6.5.10" 79 + "sha256": "1j14n8b012pv3r7i9p762jyabzn2nv1ranxyw5lk3c9lg68hmxzb", 80 + "version": "6.6.6" 81 81 } 82 82 }
+2
pkgs/top-level/all-packages.nix
··· 28176 28176 linux_6_1_hardened = linuxKernel.kernels.linux_6_1_hardened; 28177 28177 linuxPackages_6_5_hardened = linuxKernel.packages.linux_6_5_hardened; 28178 28178 linux_6_5_hardened = linuxKernel.kernels.linux_6_5_hardened; 28179 + linuxPackages_6_6_hardened = linuxKernel.packages.linux_6_6_hardened; 28180 + linux_6_6_hardened = linuxKernel.kernels.linux_6_6_hardened; 28179 28181 28180 28182 # GNU Linux-libre kernels 28181 28183 linuxPackages-libre = linuxKernel.packages.linux_libre;
+2
pkgs/top-level/linux-kernels.nix
··· 255 255 linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { }; 256 256 linux_6_1_hardened = hardenedKernelFor kernels.linux_6_1 { }; 257 257 linux_6_5_hardened = hardenedKernelFor kernels.linux_6_5 { }; 258 + linux_6_6_hardened = hardenedKernelFor kernels.linux_6_6 { }; 258 259 259 260 } // lib.optionalAttrs config.allowAliases { 260 261 linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11"; ··· 627 628 linux_5_15_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_15_hardened); 628 629 linux_6_1_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_1_hardened); 629 630 linux_6_5_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_5_hardened); 631 + linux_6_6_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_6_hardened); 630 632 631 633 linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen); 632 634 linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx);