Commit ad38070b authored by Fabián Heredia Montiel's avatar Fabián Heredia Montiel
Browse files

linux/hardened/patches/6.4: init at 6.4.3-hardened1

parent 4f05a87f

nixos/tests/kernel-generic.nix

+1 −0
Original line number Diff line number Diff line
@@ -32,6 +32,7 @@ let 
      linux_5_15_hardened

      linux_6_1_hardened

      linux_6_3_hardened

      linux_6_4_hardened



      linux_testing;

  };

pkgs/os-specific/linux/kernel/hardened/config.nix

+1 −1
Original line number Diff line number Diff line
@@ -28,7 +28,7 @@ assert (versionAtLeast version "4.9"); 
  #

  # We set SECURITY_WRITABLE_HOOKS n primarily for documentation purposes; the

  # config builder fails to detect that it has indeed been unset.

  SECURITY_SELINUX_DISABLE = no;

  SECURITY_SELINUX_DISABLE = whenOlder "6.4" no; # On 6.4: error: unused option: SECURITY_SELINUX_DISABLE

  SECURITY_WRITABLE_HOOKS  = option no;



  STRICT_KERNEL_RWX = yes;

pkgs/os-specific/linux/kernel/hardened/patches.json

+10 −0
Original line number Diff line number Diff line
@@ -68,5 +68,15 @@ 
        },

        "sha256": "1mvcirkhqnf03cci3jiq077fs9b42a3xdk3zjkpyim3x43ydwzyb",

        "version": "6.3.12"

    },

    "6.4": {

        "patch": {

            "extra": "-hardened1",

            "name": "linux-hardened-6.4.3-hardened1.patch",

            "sha256": "1xwy9088f8qy7algv1gad90gd6sv03diz16jvfnk2yb01k4f87wv",

            "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.3-hardened1/linux-hardened-6.4.3-hardened1.patch"

        },

        "sha256": "18c8ikghvlr6h9jajy11dldck4h57wl301j14rxg7xhd6qlysd3i",

        "version": "6.4.3"

    }

}

pkgs/top-level/all-packages.nix

+2 −0
Original line number Diff line number Diff line
@@ -27605,6 +27605,8 @@ with pkgs; 
  linux_6_1_hardened = linuxKernel.kernels.linux_6_1_hardened;

  linuxPackages_6_3_hardened = linuxKernel.packages.linux_6_3_hardened;

  linux_6_3_hardened = linuxKernel.kernels.linux_6_3_hardened;

  linuxPackages_6_4_hardened = linuxKernel.packages.linux_6_4_hardened;

  linux_6_4_hardened = linuxKernel.kernels.linux_6_4_hardened;















  # Hardkernel (Odroid) kernels.















  linuxPackages_hardkernel_latest = linuxKernel.packageAliases.linux_hardkernel_latest;

























pkgs/top-level/linux-kernels.nix



+2
−0






























Original line number
Diff line number
Diff line








@@ -268,6 +268,7 @@ in {













    linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { };















    linux_6_1_hardened = hardenedKernelFor kernels.linux_6_1 { };















    linux_6_3_hardened = hardenedKernelFor kernels.linux_6_3 { };













    linux_6_4_hardened = hardenedKernelFor kernels.linux_6_4 { };































  } // lib.optionalAttrs config.allowAliases {















    linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11";










@@ -614,6 +615,7 @@ in {













    linux_5_15_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_15_hardened);















    linux_6_1_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_1_hardened);















    linux_6_3_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_3_hardened);













    linux_6_4_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_4_hardened);































    linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen);















    linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx);