mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-26 23:27:29 +03:00
linux: Init 4.18
This commit is contained in:
parent
c9035c6e12
commit
9236990057
@ -103,16 +103,17 @@ PAGE_POISONING_ZERO y
|
|||||||
PANIC_ON_OOPS y
|
PANIC_ON_OOPS y
|
||||||
PANIC_TIMEOUT -1
|
PANIC_TIMEOUT -1
|
||||||
|
|
||||||
GCC_PLUGINS y # Enable gcc plugin options
|
${optionalString (versionOlder version "4.18") ''
|
||||||
|
GCC_PLUGINS y # Enable gcc plugin options
|
||||||
|
# Gather additional entropy at boot time for systems that may not have appropriate entropy sources.
|
||||||
|
GCC_PLUGIN_LATENT_ENTROPY y
|
||||||
|
|
||||||
# Gather additional entropy at boot time for systems that may not have appropriate entropy sources.
|
${optionalString (versionAtLeast version "4.11") ''
|
||||||
GCC_PLUGIN_LATENT_ENTROPY y
|
GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin
|
||||||
|
''}
|
||||||
${optionalString (versionAtLeast version "4.11") ''
|
${optionalString (versionAtLeast version "4.14") ''
|
||||||
GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin
|
GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y # Also cover structs passed by address
|
||||||
''}
|
''}
|
||||||
${optionalString (versionAtLeast version "4.14") ''
|
|
||||||
GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y # Also cover structs passed by address
|
|
||||||
''}
|
''}
|
||||||
|
|
||||||
# Disable various dangerous settings
|
# Disable various dangerous settings
|
||||||
@ -121,8 +122,10 @@ PROC_KCORE n # Exposes kernel text image layout
|
|||||||
INET_DIAG n # Has been used for heap based attacks in the past
|
INET_DIAG n # Has been used for heap based attacks in the past
|
||||||
|
|
||||||
# Use -fstack-protector-strong (gcc 4.9+) for best stack canary coverage.
|
# Use -fstack-protector-strong (gcc 4.9+) for best stack canary coverage.
|
||||||
CC_STACKPROTECTOR_REGULAR n
|
${optionalString (versionOlder version "4.18") ''
|
||||||
CC_STACKPROTECTOR_STRONG y
|
CC_STACKPROTECTOR_REGULAR n
|
||||||
|
CC_STACKPROTECTOR_STRONG y
|
||||||
|
''}
|
||||||
|
|
||||||
# Enable compile/run-time buffer overflow detection ala glibc's _FORTIFY_SOURCE
|
# Enable compile/run-time buffer overflow detection ala glibc's _FORTIFY_SOURCE
|
||||||
${optionalString (versionAtLeast version "4.13") ''
|
${optionalString (versionAtLeast version "4.13") ''
|
||||||
|
18
pkgs/os-specific/linux/kernel/linux-4.18.nix
Normal file
18
pkgs/os-specific/linux/kernel/linux-4.18.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{ stdenv, buildPackages, hostPlatform, fetchurl, perl, buildLinux, modDirVersionArg ? null, ... } @ args:
|
||||||
|
|
||||||
|
with stdenv.lib;
|
||||||
|
|
||||||
|
buildLinux (args // rec {
|
||||||
|
version = "4.18";
|
||||||
|
|
||||||
|
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
|
||||||
|
modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
|
||||||
|
|
||||||
|
# branchVersion needs to be x.y
|
||||||
|
extraMeta.branch = concatStrings (intersperse "." (take 2 (splitString "." version)));
|
||||||
|
|
||||||
|
src = fetchurl {
|
||||||
|
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
|
||||||
|
sha256 = "1wgay4k8wj08fc711j290fvi81x75yib8iaa6r7csc7mkvsbrn0r";
|
||||||
|
};
|
||||||
|
} // (args.argsOverride or {}))
|
@ -13863,6 +13863,16 @@ with pkgs;
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
linux_4_18 = callPackage ../os-specific/linux/kernel/linux-4.18.nix {
|
||||||
|
kernelPatches =
|
||||||
|
[ kernelPatches.bridge_stp_helper
|
||||||
|
# See pkgs/os-specific/linux/kernel/cpu-cgroup-v2-patches/README.md
|
||||||
|
# when adding a new linux version
|
||||||
|
# kernelPatches.cpu-cgroup-v2."4.11"
|
||||||
|
kernelPatches.modinst_arg_list_too_long
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
linux_testing = callPackage ../os-specific/linux/kernel/linux-testing.nix {
|
linux_testing = callPackage ../os-specific/linux/kernel/linux-testing.nix {
|
||||||
kernelPatches = [
|
kernelPatches = [
|
||||||
kernelPatches.bridge_stp_helper
|
kernelPatches.bridge_stp_helper
|
||||||
@ -14056,7 +14066,7 @@ with pkgs;
|
|||||||
linux = linuxPackages.kernel;
|
linux = linuxPackages.kernel;
|
||||||
|
|
||||||
# Update this when adding the newest kernel major version!
|
# Update this when adding the newest kernel major version!
|
||||||
linuxPackages_latest = linuxPackages_4_17;
|
linuxPackages_latest = linuxPackages_4_18;
|
||||||
linux_latest = linuxPackages_latest.kernel;
|
linux_latest = linuxPackages_latest.kernel;
|
||||||
|
|
||||||
# Build the kernel modules for the some of the kernels.
|
# Build the kernel modules for the some of the kernels.
|
||||||
@ -14067,6 +14077,7 @@ with pkgs;
|
|||||||
linuxPackages_4_9 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_9);
|
linuxPackages_4_9 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_9);
|
||||||
linuxPackages_4_14 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_14);
|
linuxPackages_4_14 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_14);
|
||||||
linuxPackages_4_17 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_17);
|
linuxPackages_4_17 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_17);
|
||||||
|
linuxPackages_4_18 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_18);
|
||||||
# Don't forget to update linuxPackages_latest!
|
# Don't forget to update linuxPackages_latest!
|
||||||
|
|
||||||
# Intentionally lacks recurseIntoAttrs, as -rc kernels will quite likely break out-of-tree modules and cause failed Hydra builds.
|
# Intentionally lacks recurseIntoAttrs, as -rc kernels will quite likely break out-of-tree modules and cause failed Hydra builds.
|
||||||
|
Loading…
Reference in New Issue
Block a user