From c10756c53018e44c0408e6988c34ac1ef1755ea6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:49:09 -0600 Subject: [PATCH 1/9] linux/hardened/patches/6.4: remove (cherry picked from commit 21f12bea73af3fd95e48c160a9b54f60335b6993) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index d8f8bb2fa73f9..4560e1f5b54b3 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -59,16 +59,6 @@ "sha256": "1kk4d7ph6pvgdrdmaklg15wf58nw9n7yqgkag7jdvqinzh99sb5d", "version": "6.1.61" }, - "6.4": { - "patch": { - "extra": "-hardened1", - "name": "linux-hardened-6.4.16-hardened1.patch", - "sha256": "10lydnnhhq9ynng1gfaqh1mncsb0dmr27zzcbygs1xigy2bl70n9", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.16-hardened1/linux-hardened-6.4.16-hardened1.patch" - }, - "sha256": "0zgj1z97jyx7wf12zrnlcp0mj4cl43ais9qsy6dh1jwylf2fq9ln", - "version": "6.4.16" - }, "6.5": { "patch": { "extra": "-hardened1", From 2c511ec76efab3099c9c1700f75c406022317d75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:50:44 -0600 Subject: [PATCH 2/9] linux/hardened/patches/4.14: 4.14.328-hardened1 -> 4.14.332-hardened1 (cherry picked from commit 8f05af0d5f8039a55acc212f4370b0d57927976c) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 4560e1f5b54b3..f9d8d35ae970d 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,12 +2,12 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.328-hardened1.patch", - "sha256": "1qq2l4nwhxgl4drx6isc1ly892kffjq4hqb4zadqs6sxvsdm7x57", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.328-hardened1/linux-hardened-4.14.328-hardened1.patch" + "name": "linux-hardened-4.14.332-hardened1.patch", + "sha256": "1nda3z8hkyfw53dzk1v5zwpzhm75gizsixfmrh8ylaghhk5s8yw3", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.332-hardened1/linux-hardened-4.14.332-hardened1.patch" }, - "sha256": "1igcpvnhwwrczfdsafmszvi0456k7f6j4cgpfw6v6afw09p95d8x", - "version": "4.14.328" + "sha256": "1f4q0acbp917myjmgiy4haxp78yak5h1rj5g937r6mkykwb6nb14", + "version": "4.14.332" }, "4.19": { "patch": { From afb3e88630374237a11ad9c834bb998ffba73d51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:50:51 -0600 Subject: [PATCH 3/9] linux/hardened/patches/4.19: 4.19.297-hardened1 -> 4.19.301-hardened1 (cherry picked from commit d825dc121428862a5be47aeda4fe6d724e4465b9) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index f9d8d35ae970d..4998b2d3e6966 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -12,12 +12,12 @@ "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.297-hardened1.patch", - "sha256": "1qj09bynl7ml880xpc2956jn0b1gmm77yf3jc45v3jq3610jhna4", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.297-hardened1/linux-hardened-4.19.297-hardened1.patch" + "name": "linux-hardened-4.19.301-hardened1.patch", + "sha256": "0arlwp0g4anqlnivyc8y6rq9mhq1ivmy4i0d8kqvwpc2b3wcc525", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.301-hardened1/linux-hardened-4.19.301-hardened1.patch" }, - "sha256": "0c9xxqgv2i36hrr06dwz7f3idc04xpv0a5pxg08xdh03cnyf12cx", - "version": "4.19.297" + "sha256": "1fr05fl8fyyjgsqj8fppd5v378d7sazvpqlq4sl875851fd9nmb2", + "version": "4.19.301" }, "5.10": { "patch": { From 8495867d1d1a8f5fb95ee43ee2584a0d952aecac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:50:59 -0600 Subject: [PATCH 4/9] linux/hardened/patches/5.10: 5.10.199-hardened1 -> 5.10.203-hardened1 (cherry picked from commit a22e51dc96ee7539cab3fefc2bd33c6070a5e5c0) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 4998b2d3e6966..5cf876c17abe8 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -22,12 +22,12 @@ "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.199-hardened1.patch", - "sha256": "10vwd5wygfnxpbz15bq56pjygba3vqqal0d7xry2bch4p444pp5f", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.199-hardened1/linux-hardened-5.10.199-hardened1.patch" + "name": "linux-hardened-5.10.203-hardened1.patch", + "sha256": "19inx95ynyzhh2h9xdg2yw4yfa5nfcw2dh2a7vw4mf0bqdv2iqvc", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.203-hardened1/linux-hardened-5.10.203-hardened1.patch" }, - "sha256": "1h944syk7n6c4j1djlx19n77alzwbxcdza77c9ykicgfynhpgsm0", - "version": "5.10.199" + "sha256": "0xr8p7kfr1v3s41fv55ph0l8d9s2p146dl2fh3r2y09lrvwwxssn", + "version": "5.10.203" }, "5.15": { "patch": { From f3af10e1f1ad17c2d0181085e17a965be5d6649c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:51:02 -0600 Subject: [PATCH 5/9] linux/hardened/patches/5.15: 5.15.137-hardened1 -> 5.15.142-hardened1 (cherry picked from commit 4175f2aa26318593b6f53e3204eaf8cd35b6065a) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 5cf876c17abe8..acf6983c4f786 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -32,12 +32,12 @@ "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.137-hardened1.patch", - "sha256": "19gs1w380qgvazwjwhxypizpfx71faa7hsji0x5cgyw6vxhi6l1b", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.137-hardened1/linux-hardened-5.15.137-hardened1.patch" + "name": "linux-hardened-5.15.142-hardened1.patch", + "sha256": "0x4bsf638rrdrp9b389i6nlprwsfc25qpld50yfcjinqhiykd269", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.142-hardened1/linux-hardened-5.15.142-hardened1.patch" }, - "sha256": "1xxjbxldrhmnh2q6rykpxyfbj8xqgl82q30n8sfavrzr14bb4jcp", - "version": "5.15.137" + "sha256": "0xjn16b02f8d6c0m8vrbmk85kdyfy8m46s80rnkb0nnwfx9cjxld", + "version": "5.15.142" }, "5.4": { "patch": { From c1465e605650f4899b6af9e400fc5d7b5f3158d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:51:06 -0600 Subject: [PATCH 6/9] linux/hardened/patches/5.4: 5.4.259-hardened1 -> 5.4.263-hardened1 (cherry picked from commit 5670b0753255b4ff45eb0ef396b96ebfea55b7eb) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index acf6983c4f786..d80a0e18db5fc 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -42,12 +42,12 @@ "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.259-hardened1.patch", - "sha256": "1w8ipflgisd127gmx6wyz8p5qfi8cfd2a5j2xgibspkf45nzfwi8", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.259-hardened1/linux-hardened-5.4.259-hardened1.patch" + "name": "linux-hardened-5.4.263-hardened1.patch", + "sha256": "1v59qzjp9v78y7fkj884a77pjsk4ggplkfh1fq2blj04g7v1zhgv", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.263-hardened1/linux-hardened-5.4.263-hardened1.patch" }, - "sha256": "195v4fidavzm637glj6580006mrcaygnbj4za874imb62bxf9rpz", - "version": "5.4.259" + "sha256": "1y1mfwjsilrx8x8jnjlyh8r9zlygjjqdf7pay92jv2qijjddpl2h", + "version": "5.4.263" }, "6.1": { "patch": { From 204794bf59178e0d62a6a063438e62232cfc0149 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:51:12 -0600 Subject: [PATCH 7/9] linux/hardened/patches/6.1: 6.1.61-hardened1 -> 6.1.67-hardened1 (cherry picked from commit a8e0e9d48be8d9dcfcdf9d7a4996ad366fbbbc7c) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index d80a0e18db5fc..ad404f0917f7c 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -52,12 +52,12 @@ "6.1": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.1.61-hardened1.patch", - "sha256": "0d9zhh32dx1q828q50kmznmsa6yinppbklhgg8ix7b7k23857ha6", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.61-hardened1/linux-hardened-6.1.61-hardened1.patch" + "name": "linux-hardened-6.1.67-hardened1.patch", + "sha256": "0jcn2k79l90dys4nrwqha89jv9d1ffghhvlqk9vibfs7y3zrlpbr", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.67-hardened1/linux-hardened-6.1.67-hardened1.patch" }, - "sha256": "1kk4d7ph6pvgdrdmaklg15wf58nw9n7yqgkag7jdvqinzh99sb5d", - "version": "6.1.61" + "sha256": "11cjqll3b7iq3mblwyzjrd5ph8avgk23f4mw4shm8j6ai5rdndvm", + "version": "6.1.67" }, "6.5": { "patch": { From b510f6dd1623f005f9ec1464955ef695cf46aeee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:51:16 -0600 Subject: [PATCH 8/9] linux/hardened/patches/6.5: 6.5.10-hardened1 -> 6.5.13-hardened1 (cherry picked from commit ae686ad0d665d071f6db493ebed99fac6f251dcc) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index ad404f0917f7c..3c7edf581a9cb 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -62,11 +62,11 @@ "6.5": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.5.10-hardened1.patch", - "sha256": "0p2lj7ryiizr1sxvm2kgds3l8sg9fns35y2fcyqq61lg7ymzj1fi", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.10-hardened1/linux-hardened-6.5.10-hardened1.patch" + "name": "linux-hardened-6.5.13-hardened1.patch", + "sha256": "1fj6yaq2gdjlj2h19vkm13jrx0yiczj6pvric1kq1r6cprqrkkki", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.13-hardened1/linux-hardened-6.5.13-hardened1.patch" }, - "sha256": "12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1", - "version": "6.5.10" + "sha256": "1dfbbydmayfj9npx3z0g38p574pmcx3qgs49dv0npigl48wd9yvq", + "version": "6.5.13" } } From 5ef770edae111b955b6b9b3623d9c55e73d6ae95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabi=C3=A1n=20Heredia=20Montiel?= Date: Tue, 12 Dec 2023 15:51:26 -0600 Subject: [PATCH 9/9] linux/hardened/patches/6.6: init at 6.6.6-hardened1 (cherry picked from commit 70ac3dc8fed36a771f2e0eaa3d0f1547a5e0420f) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 10 ++++++++++ pkgs/top-level/all-packages.nix | 2 ++ pkgs/top-level/linux-kernels.nix | 2 ++ 3 files changed, 14 insertions(+) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 3c7edf581a9cb..cc410ae8b8af8 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -68,5 +68,15 @@ }, "sha256": "1dfbbydmayfj9npx3z0g38p574pmcx3qgs49dv0npigl48wd9yvq", "version": "6.5.13" + }, + "6.6": { + "patch": { + "extra": "-hardened1", + "name": "linux-hardened-6.6.6-hardened1.patch", + "sha256": "0jhhixayka13rb0cd0qbsqpb7awayjdbn8qyx7wya1y83cgyn2ly", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.6.6-hardened1/linux-hardened-6.6.6-hardened1.patch" + }, + "sha256": "1j14n8b012pv3r7i9p762jyabzn2nv1ranxyw5lk3c9lg68hmxzb", + "version": "6.6.6" } } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5e3de697c36ea..b18e3a0a5d8b6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -27114,6 +27114,8 @@ with pkgs; linux_6_1_hardened = linuxKernel.kernels.linux_6_1_hardened; linuxPackages_6_5_hardened = linuxKernel.packages.linux_6_5_hardened; linux_6_5_hardened = linuxKernel.kernels.linux_6_5_hardened; + linuxPackages_6_6_hardened = linuxKernel.packages.linux_6_6_hardened; + linux_6_6_hardened = linuxKernel.kernels.linux_6_6_hardened; # Hardkernel (Odroid) kernels. linuxPackages_hardkernel_latest = linuxKernel.packageAliases.linux_hardkernel_latest; diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index 6c8b4ed280c72..647a2704440e6 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -287,6 +287,7 @@ in { linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { }; linux_6_1_hardened = hardenedKernelFor kernels.linux_6_1 { }; linux_6_5_hardened = hardenedKernelFor kernels.linux_6_5 { }; + linux_6_6_hardened = hardenedKernelFor kernels.linux_6_6 { }; } // lib.optionalAttrs config.allowAliases { linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11"; @@ -637,6 +638,7 @@ in { linux_5_15_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_15_hardened); linux_6_1_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_1_hardened); linux_6_5_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_5_hardened); + linux_6_6_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_6_hardened); linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen); linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx);