ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-09-22 04:57:56 +03:00
Code Issues Projects Releases Wiki Activity

Remove sec_perm patch that was needed by AUFS

Browse Source 
Now the kernel is unpatched by default on non-MIPS!
This commit is contained in:
Shea Levy 2014-03-21 04:36:15 -04:00
parent 20696f1620
commit e4961c63f7
3 changed files with 5 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkgs/os-specific/linux/kernel/patches.nix
View File

@ -44,12 +44,6 @@ rec {
features.apparmor = true;
};
sec_perm_2_6_24 =
{ name = "sec_perm-2.6.24";
patch = ./sec_perm-2.6.24.patch;
features.secPermPatch = true;
};
no_xsave =
{ name = "no-xsave";
patch = ./no-xsave.patch;

16
pkgs/os-specific/linux/kernel/sec_perm-2.6.24.patch
View File

@ -1,16 +0,0 @@
Index: linux-2.6.24-rc3/security/security.c
===================================================================
RCS file: /ext1/sysadm/transparent/repository/linux-2.6.24-rc3/security/security.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- linux-2.6.24-rc3/security/security.c 21 Nov 2007 13:03:11 -0000 1.1
+++ linux-2.6.24-rc3/security/security.c 21 Nov 2007 13:07:55 -0000 1.2
@@ -409,6 +409,7 @@ int security_inode_permission(struct ino
return 0;
return security_ops->inode_permission(inode, mask, nd);
}
+EXPORT_SYMBOL(security_inode_permission);
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
{

27
pkgs/top-level/all-packages.nix
View File

@ -6767,9 +6767,6 @@ let
linux_3_2 = makeOverridable (import ../os-specific/linux/kernel/linux-3.2.nix) {
inherit fetchurl stdenv perl buildLinux;
kernelPatches =
[ kernelPatches.sec_perm_2_6_24
];
};
grsecurityOverrider = args: {
@ -6817,9 +6814,7 @@ let
linux_3_4 = makeOverridable (import ../os-specific/linux/kernel/linux-3.4.nix) {
inherit fetchurl stdenv perl buildLinux;
kernelPatches =
[ kernelPatches.sec_perm_2_6_24
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
];
@ -6839,10 +6834,7 @@ let
linux_3_10 = makeOverridable (import ../os-specific/linux/kernel/linux-3.10.nix) {
inherit fetchurl stdenv perl buildLinux;
kernelPatches =
[
kernelPatches.sec_perm_2_6_24
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
kernelPatches.mips_ext3_n32
@ -6860,10 +6852,7 @@ let
linux_3_11 = makeOverridable (import ../os-specific/linux/kernel/linux-3.11.nix) {
inherit fetchurl stdenv perl buildLinux;
kernelPatches =
[
kernelPatches.sec_perm_2_6_24
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
kernelPatches.mips_ext3_n32
@ -6872,10 +6861,7 @@ let
linux_3_12 = makeOverridable (import ../os-specific/linux/kernel/linux-3.12.nix) {
inherit fetchurl stdenv perl buildLinux;
kernelPatches =
[
kernelPatches.sec_perm_2_6_24
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
kernelPatches.mips_ext3_n32
@ -6884,10 +6870,7 @@ let
linux_3_13 = makeOverridable (import ../os-specific/linux/kernel/linux-3.13.nix) {
inherit fetchurl stdenv perl buildLinux;
kernelPatches =
[
kernelPatches.sec_perm_2_6_24
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
kernelPatches.mips_ext3_n32