diff options
Diffstat (limited to 'pkgs/os-specific/linux')
27 files changed, 429 insertions, 104 deletions
diff --git a/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix b/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix index 75ec2932c89..b7203a73763 100644 --- a/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix +++ b/pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "alsa-ucm-conf"; - version = "1.2.9"; + version = "1.2.10"; src = fetchurl { url = "mirror://alsa/lib/${pname}-${version}.tar.bz2"; - hash = "sha256-N09oM7/XfQpGdeSqK/t53v6FDlpGpdRUKkWWL0ueJyo="; + hash = "sha256-nCHj8B/wC6p1jfF+hnzTbiTrtBpr7ElzfpkQXhbyrpc="; }; dontBuild = true; diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index acb484ba6b6..c6c7d9d0f50 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -23,11 +23,11 @@ ]; in stdenv.mkDerivation rec { pname = "bluez"; - version = "5.66"; + version = "5.70"; src = fetchurl { url = "mirror://kernel/linux/bluetooth/${pname}-${version}.tar.xz"; - sha256 = "sha256-Of6mS1kMlJKYSgwnqJ/CA+HNx0hmCG77j0aYZ3qytXQ="; + sha256 = "sha256-N+Ny6RaVXhRMuIL4iOS+QImPEK47fCE93N1V7pwAkng="; }; patches = [ diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix index c85a75d1f17..789a59f751f 100644 --- a/pkgs/os-specific/linux/ell/default.nix +++ b/pkgs/os-specific/linux/ell/default.nix @@ -3,20 +3,20 @@ , autoreconfHook , pkg-config , dbus -, fetchpatch , sysctl +, gitUpdater }: stdenv.mkDerivation rec { pname = "ell"; - version = "0.58"; + version = "0.59"; outputs = [ "out" "dev" ]; src = fetchgit { url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; rev = version; - hash = "sha256-CwUwwvyT541aIvypVMqRhHkVJLna121Cme+v7c0FLWo="; + hash = "sha256-uJcGYT+JSdz/XTyJb/VUyedmSKJW/4BbTM3fw3ebtIc="; }; nativeBuildInputs = [ @@ -30,19 +30,17 @@ stdenv.mkDerivation rec { sysctl ]; - patches = [ - # /proc/sys/net/core/somaxconn doesn't always exist in the nix build environment - (fetchpatch { - name = "skip-sysctl-test-if-sysfs-not-available.patch"; - url = "https://patchwork.kernel.org/project/ell/patch/526DA75D-01AB-4D85-BF5C-5F25E5C39480@kloenk.dev/raw/"; - hash = "sha256-YYGYWQ67cbMLt6RnqZmHt+tpvVIDKPbSCqPIouk6alU="; - }) - ]; enableParallelBuilding = true; # tests sporadically fail on musl doCheck = !stdenv.hostPlatform.isMusl; + passthru = { + updateScript = gitUpdater { + url = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; + }; + }; + meta = with lib; { homepage = "https://git.kernel.org/pub/scm/libs/ell/ell.git"; description = "Embedded Linux Library"; diff --git a/pkgs/os-specific/linux/fuse/common.nix b/pkgs/os-specific/linux/fuse/common.nix index bbd871a1b9a..f4b8bfc5661 100644 --- a/pkgs/os-specific/linux/fuse/common.nix +++ b/pkgs/os-specific/linux/fuse/common.nix @@ -1,4 +1,4 @@ -{ version, sha256Hash }: +{ version, hash }: { lib, stdenv, fetchFromGitHub, fetchpatch , fusePackages, util-linux, gettext, shadow @@ -17,7 +17,7 @@ in stdenv.mkDerivation rec { owner = "libfuse"; repo = "libfuse"; rev = "${pname}-${version}"; - sha256 = sha256Hash; + inherit hash; }; preAutoreconf = "touch config.rpath"; @@ -48,6 +48,7 @@ in stdenv.mkDerivation rec { mesonFlags = lib.optionals isFuse3 [ "-Dudevrulesdir=/udev/rules.d" "-Duseroot=false" + "-Dinitscriptdir=" ]; preConfigure = '' diff --git a/pkgs/os-specific/linux/fuse/default.nix b/pkgs/os-specific/linux/fuse/default.nix index 6aa3e46d4e1..f692c2fb41c 100644 --- a/pkgs/os-specific/linux/fuse/default.nix +++ b/pkgs/os-specific/linux/fuse/default.nix @@ -7,11 +7,11 @@ let in { fuse_2 = mkFuse { version = "2.9.9"; - sha256Hash = "1yxxvm58c30pc022nl1wlg8fljqpmwnchkywic3r74zirvlcq23n"; + hash = "sha256-dgjM6M7xk5MHi9xPyCyvF0vq0KM8UCsEYBcMhkrdvfs="; }; fuse_3 = mkFuse { - version = "3.11.0"; - sha256Hash = "1wx80xxlvjn0wxhmkr1g91vwrgxssyzds1hizzxc2xrd4kjh9dfb"; + version = "3.16.2"; + hash = "sha256-QO9s+IkR0rkqIYNqt2IYST6AVBkCr56jcuuz5nKJuA4="; }; } diff --git a/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch b/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch index 903f30325df..582d3eb0dec 100644 --- a/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch +++ b/pkgs/os-specific/linux/fuse/fuse3-Do-not-set-FUSERMOUNT_DIR.patch @@ -1,12 +1,13 @@ +diff --git a/lib/meson.build b/lib/meson.build --- a/lib/meson.build +++ b/lib/meson.build @@ -37,8 +37,7 @@ libfuse = library('fuse3', libfuse_sources, version: meson.project_version(), soversion: '3', include_directories: include_dirs, dependencies: deps, install: true, link_depends: 'fuse_versionscript', -- c_args: [ '-DFUSE_USE_VERSION=35', +- c_args: [ '-DFUSE_USE_VERSION=312', - '-DFUSERMOUNT_DIR="@0@"'.format(fusermount_path) ], -+ c_args: [ '-DFUSE_USE_VERSION=35' ], ++ c_args: [ '-DFUSE_USE_VERSION=312' ], link_args: ['-Wl,--version-script,' + meson.current_source_dir() + '/fuse_versionscript' ]) diff --git a/pkgs/os-specific/linux/fuse/fuse3-install.patch b/pkgs/os-specific/linux/fuse/fuse3-install.patch index 147bcb439fb..769e3088664 100644 --- a/pkgs/os-specific/linux/fuse/fuse3-install.patch +++ b/pkgs/os-specific/linux/fuse/fuse3-install.patch @@ -1,18 +1,20 @@ ---- a/util/install_helper.sh 2019-07-10 12:00:15.984840142 +0200 -+++ b/util/install_helper.sh 2019-07-10 12:28:56.343011401 +0200 -@@ -37,10 +37,10 @@ - fi +--- a/util/install_helper.sh 2023-08-26 22:12:11.028651669 +0200 ++++ b/util/install_helper.sh 2023-08-26 22:38:03.165058694 +0200 +@@ -39,12 +39,12 @@ - install -D -m 644 "${MESON_SOURCE_ROOT}/util/udev.rules" \ + if [ "${udevrulesdir}" != "" ]; then + install -D -m 644 "${MESON_SOURCE_ROOT}/util/udev.rules" \ - "${DESTDIR}${udevrulesdir}/99-fuse3.rules" + "${sysconfdir}${udevrulesdir}/99-fuse3.rules" + fi - install -D -m 755 "${MESON_SOURCE_ROOT}/util/init_script" \ -- "${DESTDIR}/etc/init.d/fuse3" -+ "${sysconfdir}/init.d/fuse3" - + if [ "$initscriptdir" != "" ]; then + install -D -m 755 "${MESON_SOURCE_ROOT}/util/init_script" \ +- "${DESTDIR}${initscriptdir}/fuse3" ++ "${sysconfdir}${initscriptdir}/fuse3" - if test -x /usr/sbin/update-rc.d && test -z "${DESTDIR}"; then + if test -x /usr/sbin/update-rc.d && test -z "${DESTDIR}"; then + /usr/sbin/update-rc.d fuse3 start 34 S . start 41 0 6 . || /bin/true diff --git a/util/meson.build b/util/meson.build index aa0e734..06d4378 100644 --- a/util/meson.build diff --git a/pkgs/os-specific/linux/hwdata/default.nix b/pkgs/os-specific/linux/hwdata/default.nix index a64a0574d8f..1719dbe01ca 100644 --- a/pkgs/os-specific/linux/hwdata/default.nix +++ b/pkgs/os-specific/linux/hwdata/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "hwdata"; - version = "0.374"; + version = "0.375"; src = fetchFromGitHub { owner = "vcrhonek"; repo = "hwdata"; rev = "v${version}"; - hash = "sha256-RvjYd8iD6JkGhh6TDy/Qo+UzLxbhPvIJvhl/Rw14lbk="; + hash = "sha256-2cahF9kOtr1R42zhwdwRqXSbWK9EkknTPnjs0DJl4TU="; }; postPatch = '' diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index 9d2848556ea..b82484514e5 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -2,31 +2,18 @@ , autoreconfHook, pkg-config, pruneLibtoolFiles, flex, bison , libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap , nftablesCompat ? true -, fetchpatch +, gitUpdater }: stdenv.mkDerivation rec { - version = "1.8.9"; + version = "1.8.10"; pname = "iptables"; src = fetchurl { url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.xz"; - sha256 = "72Y5pDvoMlpPjqaBI/+sI2y2lujHhQG2ToEGr7AIyH8="; + sha256 = "XMJVwYk1bjF9BwdVzpNx62Oht4PDRJj7jDAmTzzFnJw="; }; - patches = [ - (fetchpatch { - name = "format-security.patch"; - url = "https://git.netfilter.org/iptables/patch/?id=ed4082a7405a5838c205a34c1559e289949200cc"; - sha256 = "OdytFmHk+3Awu+sDQpGTl5/qip4doRblmW2vQzfNZiU="; - }) - (fetchurl { - name = "static.patch"; - url = "https://lore.kernel.org/netfilter-devel/20230402232939.1060151-1-hi@alyssa.is/raw"; - sha256 = "PkH+1HbJjBb3//ffBe0XUQok1lBwgj/STL8Ppu/28f4="; - }) - ]; - outputs = [ "out" "dev" "man" ]; nativeBuildInputs = [ @@ -35,10 +22,6 @@ stdenv.mkDerivation rec { buildInputs = [ libmnl libnetfilter_conntrack libnfnetlink libnftnl libpcap ]; - preConfigure = '' - export NIX_LDFLAGS="$NIX_LDFLAGS -lmnl -lnftnl" - ''; - configureFlags = [ "--enable-bpf-compiler" "--enable-devel" @@ -47,6 +30,8 @@ stdenv.mkDerivation rec { "--enable-shared" ] ++ lib.optional (!nftablesCompat) "--disable-nftables"; + enableParallelBuilding = true; + postInstall = lib.optionalString nftablesCompat '' rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save} ln -sv xtables-nft-multi $out/bin/iptables @@ -57,6 +42,13 @@ stdenv.mkDerivation rec { ln -sv xtables-nft-multi $out/bin/ip6tables-save ''; + passthru = { + updateScript = gitUpdater { + url = "https://git.netfilter.org/iptables"; + rev-prefix = "v"; + }; + }; + meta = with lib; { description = "A program to configure the Linux IP packet filtering ruleset"; homepage = "https://www.netfilter.org/projects/iptables/index.html"; diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index ff40e585b1d..e0a3c4319b8 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -119,7 +119,10 @@ in { hash = "sha256-eldLvCCALqdrUsp/rwcmf3IEXoYbGJFcUnKpjCer+IQ="; }; patches = [ - ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms + ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms + + # Fix regression turning `struct sockaddr_ll` flexible size. + ./revert-af_packet-flex.patch ]; }; } diff --git a/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch b/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch new file mode 100644 index 00000000000..ed6c8861d2f --- /dev/null +++ b/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch @@ -0,0 +1,31 @@ +Revert commit https://github.com/torvalds/linux/commit/a0ade8404c3bc2bf2631cb0f20d372eed22d9d96 + +The change caused API regression by turning fixed size struct to +flexible size struct. It was an unintentional change, broke `udp2raw`: + https://github.com/NixOS/nixpkgs/pull/252587#issuecomment-1744427473 +--- a/include/uapi/linux/if_packet.h ++++ b/include/uapi/linux/if_packet.h +@@ -18,11 +18,7 @@ struct sockaddr_ll { + unsigned short sll_hatype; + unsigned char sll_pkttype; + unsigned char sll_halen; +- union { +- unsigned char sll_addr[8]; +- /* Actual length is in sll_halen. */ +- __DECLARE_FLEX_ARRAY(unsigned char, sll_addr_flex); +- }; ++ unsigned char sll_addr[8]; + }; + + /* Packet types */ +--- a/net/packet/af_packet.c ++++ b/net/packet/af_packet.c +@@ -3607,7 +3607,7 @@ static int packet_getname(struct socket *sock, struct sockaddr *uaddr, + if (dev) { + sll->sll_hatype = dev->type; + sll->sll_halen = dev->addr_len; +- memcpy(sll->sll_addr_flex, dev->dev_addr, dev->addr_len); ++ memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len); + } else { + sll->sll_hatype = 0; /* Bad: we have no ARPHRD_UNSPEC */ + sll->sll_halen = 0; diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index fb583551f1b..8ca01c5be4f 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -839,6 +839,8 @@ let CLEANCACHE = whenOlder "5.17" (option yes); CRASH_DUMP = option no; + FSCACHE_STATS = yes; + DVB_DYNAMIC_MINORS = option yes; # we use udev EFI_STUB = yes; # EFI bootloader in the bzImage itself diff --git a/pkgs/os-specific/linux/kernel/generic.nix b/pkgs/os-specific/linux/kernel/generic.nix index 74c47db6256..df67005dd81 100644 --- a/pkgs/os-specific/linux/kernel/generic.nix +++ b/pkgs/os-specific/linux/kernel/generic.nix @@ -135,8 +135,6 @@ let platformName = stdenv.hostPlatform.linux-kernel.name; # e.g. "defconfig" kernelBaseConfig = if defconfig != null then defconfig else stdenv.hostPlatform.linux-kernel.baseConfig; - # e.g. "bzImage" - kernelTarget = stdenv.hostPlatform.linux-kernel.target; makeFlags = lib.optionals (stdenv.hostPlatform.linux-kernel ? makeFlags) stdenv.hostPlatform.linux-kernel.makeFlags ++ extraMakeFlags; diff --git a/pkgs/os-specific/linux/kernel/kernels-org.json b/pkgs/os-specific/linux/kernel/kernels-org.json index 08222392499..67c92440f19 100644 --- a/pkgs/os-specific/linux/kernel/kernels-org.json +++ b/pkgs/os-specific/linux/kernel/kernels-org.json @@ -7,10 +7,6 @@ "version": "6.5.10", "hash": "sha256:12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1" }, - "6.4": { - "version": "6.4.16", - "hash": "sha256:0zgj1z97jyx7wf12zrnlcp0mj4cl43ais9qsy6dh1jwylf2fq9ln" - }, "6.1": { "version": "6.1.61", "hash": "sha256:1kk4d7ph6pvgdrdmaklg15wf58nw9n7yqgkag7jdvqinzh99sb5d" diff --git a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix index 0763ffda26b..c58c4e67e4d 100644 --- a/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix +++ b/pkgs/os-specific/linux/kernel/linux-testing-bcachefs.nix @@ -6,27 +6,32 @@ # bcachefs-tools stores the expected-revision in: # https://evilpiepirate.org/git/bcachefs-tools.git/tree/.bcachefs_revision # but this does not means that it'll be the latest-compatible revision -, currentCommit ? "84f132d5696138bb038d2dc8f1162d2fab5ac832" -, diffHash ? "sha256-RaBWBU7rXjJFb1euFAFBHWCBQAG7npaCodjp/vMYpyw=" +, currentCommit ? "4d2faeb4fb58c389dc9f76b8d5ae991ef4497e04" +, diffHash ? "sha256-DtMc8P4lTRzvS6PVvD7WtWEPsfnxIXSpqMsKKWs+edI=" , kernelPatches # must always be defined in bcachefs' all-packages.nix entry because it's also a top-level attribute supplied by callPackage , argsOverride ? {} , ... } @ args: - # NOTE: bcachefs-tools should be updated simultaneously to preserve compatibility (kernel.override ( args // { - version = "${kernel.version}-bcachefs-unstable-${commitDate}"; - extraMeta = { - branch = "master"; - broken = stdenv.isAarch64; - maintainers = with lib.maintainers; [ davidak Madouura pedrohlc raitobezarius ]; - }; + argsOverride = { + version = "${kernel.version}-bcachefs-unstable-${commitDate}"; + modDirVersion = kernel.modDirVersion; + + extraMeta = { + homepage = "https://bcachefs.org/"; + branch = "master"; + maintainers = with lib.maintainers; [ davidak Madouura pedrohlc raitobezarius YellowOnion ]; + }; + } // argsOverride; structuredExtraConfig = with lib.kernel; { BCACHEFS_FS = module; BCACHEFS_QUOTA = option yes; BCACHEFS_POSIX_ACL = option yes; + # useful for bug reports + FTRACE = option yes; }; kernelPatches = [ { diff --git a/pkgs/os-specific/linux/kernel/manual-config.nix b/pkgs/os-specific/linux/kernel/manual-config.nix index d5b67b5efbe..2ba31fbc978 100644 --- a/pkgs/os-specific/linux/kernel/manual-config.nix +++ b/pkgs/os-specific/linux/kernel/manual-config.nix @@ -1,5 +1,5 @@ { lib, stdenv, buildPackages, runCommand, nettools, bc, bison, flex, perl, rsync, gmp, libmpc, mpfr, openssl -, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole, kmod +, libelf, cpio, elfutils, zstd, python3Minimal, zlib, pahole, kmod, ubootTools , fetchpatch }: @@ -120,10 +120,6 @@ let # Ensure that depmod gets resolved through PATH sed -i Makefile -e 's|= /sbin/depmod|= depmod|' - # fixup for pre-5.4 kernels using the $(cd $foo && /bin/pwd) pattern - # FIXME: remove when no longer needed - substituteInPlace Makefile tools/scripts/Makefile.include --replace /bin/pwd pwd - # Don't include a (random) NT_GNU_BUILD_ID, to make the build more deterministic. # This way kernels can be bit-by-bit reproducible depending on settings # (e.g. MODULE_SIG and SECURITY_LOCKDOWN_LSM need to be disabled). @@ -368,8 +364,7 @@ stdenv.mkDerivation ((drvAttrs config stdenv.hostPlatform.linux-kernel kernelPat enableParallelBuilding = true; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal kmod ] - ++ optional (stdenv.hostPlatform.linux-kernel.target == "uImage") buildPackages.ubootTools + nativeBuildInputs = [ perl bc nettools openssl rsync gmp libmpc mpfr zstd python3Minimal kmod ubootTools ] ++ optional (lib.versionOlder version "5.8") libelf ++ optionals (lib.versionAtLeast version "4.16") [ bison flex ] ++ optionals (lib.versionAtLeast version "5.2") [ cpio pahole zlib ] diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix index 43969919fb0..a55588b2cea 100644 --- a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -2,6 +2,9 @@ let # These names are how they are designated in https://xanmod.org. + + # NOTE: When updating these, please also take a look at the changes done to + # kernel config in the xanmod version commit ltsVariant = { version = "6.1.60"; hash = "sha256-KYCeONJxyFPee4pvBLRw/MBTzPU7D2oZCrAVr3t/yPM="; @@ -26,21 +29,10 @@ let }; structuredExtraConfig = with lib.kernel; { - # AMD P-state driver - X86_AMD_PSTATE = lib.mkOverride 60 yes; - # Google's BBRv3 TCP congestion Control TCP_CONG_BBR = yes; DEFAULT_BBR = yes; - # FQ-PIE Packet Scheduling - NET_SCH_DEFAULT = yes; - DEFAULT_FQ_PIE = yes; - - # Futex WAIT_MULTIPLE implementation for Wine / Proton Fsync. - FUTEX = yes; - FUTEX_PI = yes; - # WineSync driver for fast kernel-backed Wine WINESYNC = module; diff --git a/pkgs/os-specific/linux/kmod/default.nix b/pkgs/os-specific/linux/kmod/default.nix index 0843ca3556a..3f971e7a6ed 100644 --- a/pkgs/os-specific/linux/kmod/default.nix +++ b/pkgs/os-specific/linux/kmod/default.nix @@ -12,7 +12,7 @@ let in stdenv.mkDerivation rec { pname = "kmod"; - version = "30"; + version = "31"; # autogen.sh is missing from the release tarball, # and we need to run it to regenerate gtk_doc.make, @@ -21,7 +21,7 @@ in stdenv.mkDerivation rec { # https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/commit/.gitignore?id=61a93a043aa52ad62a11ba940d4ba93cb3254e78 src = fetchzip { url = "https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git/snapshot/kmod-${version}.tar.gz"; - sha256 = "sha256-/dih2LoqgRrAsVdHRwld28T8pXgqnzapnQhqkXnxbbc="; + hash = "sha256-FNR015/AoYBbi7Eb1M2TXH3yxUuddKICCu+ot10CdeQ="; }; outputs = [ "out" "dev" "lib" ] ++ lib.optional withDevdoc "devdoc"; diff --git a/pkgs/os-specific/linux/numatop/default.nix b/pkgs/os-specific/linux/numatop/default.nix index ad0138f18b7..f4995264b09 100644 --- a/pkgs/os-specific/linux/numatop/default.nix +++ b/pkgs/os-specific/linux/numatop/default.nix @@ -16,12 +16,14 @@ stdenv.mkDerivation rec { patches = [ (fetchpatch { - url = "https://github.com/intel/numatop/pull/54.patch"; + # https://github.com/intel/numatop/pull/54 + url = "https://github.com/intel/numatop/compare/eab0ac5253c5843aa0f0ac36e2eec7612207711b...c1001fd926c24eae2d40729492e07270ce133b72.patch"; sha256 = "sha256-TbMLv7TT9T8wE4uJ1a/AroyPPwrwL0eX5IBLsh9GTTM="; name = "fix-string-operations.patch"; }) (fetchpatch { - url = "https://github.com/intel/numatop/pull/64.patch"; + # https://github.com/intel/numatop/pull/64 + url = "https://github.com/intel/numatop/commit/635e2ce2ccb1ac793cc276a7fcb8a92b1ffefa5d.patch"; sha256 = "sha256-IevbSFJRTS5iQ5apHOVXzF67f3LJaW6j7DySFmVuyiM="; name = "fix-format-strings-mvwprintw.patch"; }) diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index b7824f20977..fbb116ab42a 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup unpackManually() { diff --git a/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh b/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh index 34f9b157945..ed2c60da261 100644 --- a/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh +++ b/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup mkdir -p $out/lib diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index b16bebbe3d6..9a0b2161ce4 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -1,5 +1,8 @@ -{ lib, stdenv, buildPackages, fetchurl, flex, cracklib, db4, gettext, audit, libxcrypt +{ lib, stdenv, buildPackages, fetchurl +, fetchpatch +, flex, cracklib, db4, gettext, audit, libxcrypt , nixosTests +, autoreconfHook269, pkg-config-unwrapped }: stdenv.mkDerivation rec { @@ -11,12 +14,24 @@ stdenv.mkDerivation rec { sha256 = "sha256-5OxxMakdpEUSV0Jo9JPG2MoQXIcJFpG46bVspoXU+U0="; }; - patches = [ ./suid-wrapper-path.patch ]; + patches = [ + ./suid-wrapper-path.patch + # Pull support for localization on non-default --prefix: + # https://github.com/NixOS/nixpkgs/issues/249010 + # https://github.com/linux-pam/linux-pam/pull/604 + (fetchpatch { + name = "bind-locales.patch"; + url = "https://github.com/linux-pam/linux-pam/commit/77bd338125cde583ecdfb9fd69619bcd2baf15c2.patch"; + hash = "sha256-tlc9RcLZpEH315NFD4sdN9yOco8qhC6+bszl4OHm+AI="; + }) + ]; outputs = [ "out" "doc" "man" /* "modules" */ ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ flex ] + # autoreconfHook269 is needed for `bind-locales.patch` above + # pkg-config-unwrapped is needed for `AC_CHECK_LIB` and `AC_SEARCH_LIBS` + nativeBuildInputs = [ flex autoreconfHook269 pkg-config-unwrapped ] ++ lib.optional stdenv.buildPlatform.isDarwin gettext; buildInputs = [ cracklib db4 libxcrypt ] diff --git a/pkgs/os-specific/linux/pam_p11/default.nix b/pkgs/os-specific/linux/pam_p11/default.nix index 8970f7ed628..0a7e02f4ad8 100644 --- a/pkgs/os-specific/linux/pam_p11/default.nix +++ b/pkgs/os-specific/linux/pam_p11/default.nix @@ -13,8 +13,10 @@ stdenv.mkDerivation rec { patches = [ # fix with openssl 3.x + # https://github.com/OpenSC/pam_p11/pull/22 (fetchpatch { - url = "https://github.com/OpenSC/pam_p11/pull/22.patch"; + name = "OpenSC-pam_p11-pull-22.patch"; + url = "https://github.com/OpenSC/pam_p11/compare/cd4eba2e921e1c2f93cde71922a76af99376246c...debd4f7acfaf998cfe4002e0be5c35ad9a9591b5.patch"; excludes = [ ".github/build.sh" ]; hash = "sha256-bm/agnBgvrr8L8yoGK4gzBqOGgsNWf9NIgcNJG7proE="; }) diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index 746f9b17a69..38fec65b333 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -17,13 +17,13 @@ in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.14.0"; + version = "4.14.1"; src = fetchFromGitHub { owner = "shadow-maint"; repo = pname; rev = version; - hash = "sha256-zopJevCv7ot8RLp/rSQGKO05eF4FjkLaOEMo9aq9Afo="; + hash = "sha256-DzPPnttnJSOMQwXWyFcz6fEtjwBC3p2PpZpBAQ/Ew18="; }; outputs = [ "out" "su" "dev" "man" ]; diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 01054fa7fc6..809bf48be1e 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -134,6 +134,8 @@ , withUtmp ? !stdenv.hostPlatform.isMusl # tests assume too much system access for them to be feasible for us right now , withTests ? false + # build only libudev and libsystemd +, buildLibsOnly ? false # name argument , pname ? "systemd" @@ -202,6 +204,14 @@ stdenv.mkDerivation (finalAttrs: { ./0017-core-don-t-taint-on-unmerged-usr.patch ./0018-tpm2_context_init-fix-driver-name-checking.patch ./0019-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch + + # Fix for `RuntimeError: ELF .dynamic section is missing.` + # https://github.com/systemd/systemd/issues/29381 + # https://github.com/systemd/systemd/pull/29392 + (fetchpatch { + url = "https://github.com/systemd/systemd/commit/cecbb162a3134b43d2ca160e13198c73ff34c3ef.patch"; + hash = "sha256-hWpUosTDA18mYm5nIb9KnjwOlnzbEHgzha/WpyHoC54="; + }) ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -372,7 +382,7 @@ stdenv.mkDerivation (finalAttrs: { patchShebangs tools test src/!(rpm|kernel-install|ukify) src/kernel-install/test-kernel-install.sh ''; - outputs = [ "out" "man" "dev" ]; + outputs = [ "out" "dev" ] ++ (lib.optional (!buildLibsOnly) "man"); nativeBuildInputs = [ @@ -436,7 +446,7 @@ stdenv.mkDerivation (finalAttrs: { ++ lib.optional withUkify (python3Packages.python.withPackages (ps: with ps; [ pefile ])) ; - #dontAddPrefix = true; + mesonBuildType = "release"; mesonFlags = [ "-Dversion-tag=${version}" @@ -697,7 +707,9 @@ stdenv.mkDerivation (finalAttrs: { export DESTDIR=/ ''; - postInstall = '' + mesonInstallTags = lib.optionals buildLibsOnly [ "devel" "libudev" "libsystemd" ]; + + postInstall = lib.optionalString (!buildLibsOnly) '' mkdir -p $out/example/systemd mv $out/lib/{binfmt.d,sysctl.d,tmpfiles.d} $out/example mv $out/lib/systemd/{system,user} $out/example/systemd @@ -715,7 +727,7 @@ stdenv.mkDerivation (finalAttrs: { find $out -name "*kernel-install*" -exec rm {} \; '' + lib.optionalString (!withDocumentation) '' rm -rf $out/share/doc - '' + lib.optionalString withKmod '' + '' + lib.optionalString (withKmod && !buildLibsOnly) '' mv $out/lib/modules-load.d $out/example ''; diff --git a/pkgs/os-specific/linux/util-linux/bcachefs-patch-set.patch b/pkgs/os-specific/linux/util-linux/bcachefs-patch-set.patch new file mode 100644 index 00000000000..068744d4f32 --- /dev/null +++ b/pkgs/os-specific/linux/util-linux/bcachefs-patch-set.patch @@ -0,0 +1,277 @@ +commit 68564ebb50f8afab5a9527c534417e247cca0b27 +Author: Filipe Manana <fdmanana@kernel.org> +Date: Thu Aug 17 10:20:13 2023 +0100 + + libmount: Fix regression when mounting with atime + + A regression was introduced in v2.39 that causes mounting with the atime + option to fail: + + $ mkfs.ext4 -F /dev/sdi + $ mount -o atime /dev/sdi /mnt/sdi + mount: /mnt/sdi: not mount point or bad option. + dmesg(1) may have more information after failed mount system call. + + The failure comes from the mount_setattr(2) call returning -EINVAL. This + is because we pass an invalid value for the attr_clr argument. From a + strace capture we have: + + mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=0, attr_clr=MOUNT_ATTR_NOATIME, propagation=0 /* MS_??? */, userns_fd=0}, 32) = -1 EINVAL (Invalid argument) + + We can't pass MOUNT_ATTR_NOATIME to mount_setattr(2) through the attr_clr + argument because all atime options are exclusive, so in order to set atime + one has to pass MOUNT_ATTR__ATIME to attr_clr and leave attr_set as + MOUNT_ATTR_RELATIME (which is defined as a value of 0). + + This can be read from the man page for mount_setattr(2) and also from the + kernel source: + + $ cat fs/namespace.c + static int build_mount_kattr(const struct mount_attr *attr, size_t usize, + struct mount_kattr *kattr, unsigned int flags) + { + (...) + /* + * Since the MOUNT_ATTR_<atime> values are an enum, not a bitmap, + * users wanting to transition to a different atime setting cannot + * simply specify the atime setting in @attr_set, but must also + * specify MOUNT_ATTR__ATIME in the @attr_clr field. + * So ensure that MOUNT_ATTR__ATIME can't be partially set in + * @attr_clr and that @attr_set can't have any atime bits set if + * MOUNT_ATTR__ATIME isn't set in @attr_clr. + */ + if (attr->attr_clr & MOUNT_ATTR__ATIME) { + if ((attr->attr_clr & MOUNT_ATTR__ATIME) != MOUNT_ATTR__ATIME) + return -EINVAL; + + /* + * Clear all previous time settings as they are mutually + * exclusive. + */ + kattr->attr_clr |= MNT_RELATIME | MNT_NOATIME; + switch (attr->attr_set & MOUNT_ATTR__ATIME) { + case MOUNT_ATTR_RELATIME: + kattr->attr_set |= MNT_RELATIME; + break; + case MOUNT_ATTR_NOATIME: + kattr->attr_set |= MNT_NOATIME; + break; + case MOUNT_ATTR_STRICTATIME: + break; + default: + return -EINVAL; + } + (...) + + So fix this by setting attr_clr MOUNT_ATTR__ATIME if we want to clear any + atime related option. + + Signed-off-by: Filipe Manana <fdmanana@kernel.org> + +diff --git a/libmount/src/optlist.c b/libmount/src/optlist.c +index 1e962ec6d..0702adae7 100644 +--- a/libmount/src/optlist.c ++++ b/libmount/src/optlist.c +@@ -875,7 +875,18 @@ int mnt_optlist_get_attrs(struct libmnt_optlist *ls, uint64_t *set, uint64_t *cl + + if (opt->ent->mask & MNT_INVERT) { + DBG(OPTLIST, ul_debugobj(ls, " clr: %s", opt->ent->name)); +- *clr |= x; ++ /* ++ * All atime settings are mutually exclusive so *clr must ++ * have MOUNT_ATTR__ATIME set. ++ * ++ * See the function fs/namespace.c:build_mount_kattr() ++ * in the linux kernel source. ++ */ ++ if (x == MOUNT_ATTR_RELATIME || x == MOUNT_ATTR_NOATIME || ++ x == MOUNT_ATTR_STRICTATIME) ++ *clr |= MOUNT_ATTR__ATIME; ++ else ++ *clr |= x; + } else { + DBG(OPTLIST, ul_debugobj(ls, " set: %s", opt->ent->name)); + *set |= x; +diff --git a/tests/expected/libmount/context-mount-flags b/tests/expected/libmount/context-mount-flags +index 960641863..eb71323dd 100644 +--- a/tests/expected/libmount/context-mount-flags ++++ b/tests/expected/libmount/context-mount-flags +@@ -3,3 +3,6 @@ ro,nosuid,noexec + successfully mounted + rw,nosuid,noexec + successfully umounted ++successfully mounted ++rw,relatime ++successfully umounted +diff --git a/tests/ts/libmount/context b/tests/ts/libmount/context +index f5b47185e..a5d2e81a3 100755 +--- a/tests/ts/libmount/context ++++ b/tests/ts/libmount/context +@@ -116,8 +116,15 @@ $TS_CMD_FINDMNT --kernel --mountpoint $MOUNTPOINT -o VFS-OPTIONS -n >> $TS_OUTPU + + ts_run $TESTPROG --umount $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG + is_mounted $DEVICE && echo "$DEVICE still mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG +-ts_finalize_subtest + ++# Test that the atime option works after the migration to use the new kernel mount APIs. ++ts_run $TESTPROG --mount -o atime $DEVICE $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG ++$TS_CMD_FINDMNT --kernel --mountpoint $MOUNTPOINT -o VFS-OPTIONS -n >> $TS_OUTPUT 2>> $TS_ERRLOG ++is_mounted $DEVICE || echo "$DEVICE not mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ts_run $TESTPROG --umount $MOUNTPOINT >> $TS_OUTPUT 2>> $TS_ERRLOG ++is_mounted $DEVICE && echo "$DEVICE still mounted" >> $TS_OUTPUT 2>> $TS_ERRLOG ++ ++ts_finalize_subtest + + ts_init_subtest "mount-loopdev" + mkdir -p $MOUNTPOINT &> /dev/null + +commit 1ec71634aa4ef5ddca23d65c8a296f3614231e8a +Author: Colin Gillespie <colin@cgillespie.xyz> +Date: Wed Aug 9 18:28:07 2023 +1000 + + libblkid: (bcachefs) fix not detecting large superblocks + + Probing does not detect bcachefs filesystems with a superblock larger + than 4KiB. Bcachefs superblocks grow in size and can become much larger + than this. + + Increase the superblock maximum size limit to 1MiB. + + Validate the superblock isn't larger than the maximum size defined in + the superblocks layout section. + + (cherry picked from commit 48d573797797650d96456979797c0155d58f61cb) + +diff --git a/libblkid/src/superblocks/bcache.c b/libblkid/src/superblocks/bcache.c +index 40e702d75..236877042 100644 +--- a/libblkid/src/superblocks/bcache.c ++++ b/libblkid/src/superblocks/bcache.c +@@ -102,6 +102,15 @@ union bcachefs_sb_csum { + uint8_t raw[16]; + } __attribute__((packed)); + ++struct bcachefs_sb_layout { ++ uint8_t magic[16]; ++ uint8_t layout_type; ++ uint8_t sb_max_size_bits; ++ uint8_t nr_superblocks; ++ uint8_t pad[5]; ++ uint64_t sb_offset[61]; ++} __attribute__((packed)); ++ + struct bcachefs_super_block { + union bcachefs_sb_csum csum; + uint16_t version; +@@ -123,7 +132,7 @@ struct bcachefs_super_block { + uint64_t flags[8]; + uint64_t features[2]; + uint64_t compat[2]; +- uint8_t layout[512]; ++ struct bcachefs_sb_layout layout; + struct bcachefs_sb_field _start[]; + } __attribute__((packed)); + +@@ -143,7 +152,7 @@ struct bcachefs_super_block { + /* granularity of offset and length fields within superblock */ + #define BCACHEFS_SECTOR_SIZE 512 + /* maximum superblock size */ +-#define BCACHEFS_SB_MAX_SIZE 4096 ++#define BCACHEFS_SB_MAX_SIZE 0x100000 + /* fields offset within super block */ + #define BCACHEFS_SB_FIELDS_OFF offsetof(struct bcachefs_super_block, _start) + /* tag value for members field */ +@@ -302,6 +311,9 @@ static int probe_bcachefs(blkid_probe pr, const struct blkid_idmag *mag) + return BLKID_PROBE_NONE; + + sb_size = BCACHEFS_SB_FIELDS_OFF + BYTES(bcs); ++ if (sb_size > BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits) ++ return BLKID_PROBE_NONE; ++ + if (sb_size > BCACHEFS_SB_MAX_SIZE) + return BLKID_PROBE_NONE; + + +commit acbf17ae8f8ee0f941fe98ed12f115f2b349bba8 +Author: Karel Zak <kzak@redhat.com> +Date: Wed Aug 23 11:53:45 2023 +0200 + + libblkid: (bcachefs) fix compiler warning [-Werror=sign-compare] + + Addresses: https://github.com/util-linux/util-linux/pull/2427 + Signed-off-by: Karel Zak <kzak@redhat.com> + (cherry picked from commit 17873d38fc97913c0a31d4bd08cfbfe45c4de5be) + +diff --git a/libblkid/src/superblocks/bcache.c b/libblkid/src/superblocks/bcache.c +index 236877042..6ab3fe9d4 100644 +--- a/libblkid/src/superblocks/bcache.c ++++ b/libblkid/src/superblocks/bcache.c +@@ -311,7 +311,7 @@ static int probe_bcachefs(blkid_probe pr, const struct blkid_idmag *mag) + return BLKID_PROBE_NONE; + + sb_size = BCACHEFS_SB_FIELDS_OFF + BYTES(bcs); +- if (sb_size > BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits) ++ if (sb_size > ((uint64_t) BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits)) + return BLKID_PROBE_NONE; + + if (sb_size > BCACHEFS_SB_MAX_SIZE) + +commit 6b9fda87c4e5d0c6f945d7565197f157b9fa3d5f +Author: Thomas Weißschuh <thomas@t-8ch.de> +Date: Wed Aug 23 11:58:33 2023 +0200 + + libblkid: (bcachefs) fix size validation + + Avoid signed shift out-of-bounds. + + Also mark the constants explitly as unsigned instead of casting. + + Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de> + (cherry picked from commit befe455f59de8c7bc66b85ed52aae8cbc95325fa) + +diff --git a/libblkid/src/superblocks/bcache.c b/libblkid/src/superblocks/bcache.c +index 6ab3fe9d4..28ac4b52b 100644 +--- a/libblkid/src/superblocks/bcache.c ++++ b/libblkid/src/superblocks/bcache.c +@@ -142,17 +142,19 @@ struct bcachefs_super_block { + /* magic string len */ + #define BCACHE_SB_MAGIC_LEN (sizeof(BCACHE_SB_MAGIC) - 1) + /* super block offset */ +-#define BCACHE_SB_OFF 0x1000 ++#define BCACHE_SB_OFF 0x1000U + /* supper block offset in kB */ + #define BCACHE_SB_KBOFF (BCACHE_SB_OFF >> 10) + /* magic string offset within super block */ + #define BCACHE_SB_MAGIC_OFF offsetof(struct bcache_super_block, magic) + /* start of checksummed data within superblock */ +-#define BCACHE_SB_CSUMMED_START 8 ++#define BCACHE_SB_CSUMMED_START 8U + /* granularity of offset and length fields within superblock */ +-#define BCACHEFS_SECTOR_SIZE 512 ++#define BCACHEFS_SECTOR_SIZE 512U ++/* maximum superblock size shift */ ++#define BCACHEFS_SB_MAX_SIZE_SHIFT 0x10U + /* maximum superblock size */ +-#define BCACHEFS_SB_MAX_SIZE 0x100000 ++#define BCACHEFS_SB_MAX_SIZE (1U << BCACHEFS_SB_MAX_SIZE_SHIFT) + /* fields offset within super block */ + #define BCACHEFS_SB_FIELDS_OFF offsetof(struct bcachefs_super_block, _start) + /* tag value for members field */ +@@ -311,12 +313,16 @@ static int probe_bcachefs(blkid_probe pr, const struct blkid_idmag *mag) + return BLKID_PROBE_NONE; + + sb_size = BCACHEFS_SB_FIELDS_OFF + BYTES(bcs); +- if (sb_size > ((uint64_t) BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits)) +- return BLKID_PROBE_NONE; + + if (sb_size > BCACHEFS_SB_MAX_SIZE) + return BLKID_PROBE_NONE; + ++ if (bcs->layout.sb_max_size_bits > BCACHEFS_SB_MAX_SIZE_SHIFT) ++ return BLKID_PROBE_NONE; ++ ++ if (sb_size > (BCACHEFS_SECTOR_SIZE << bcs->layout.sb_max_size_bits)) ++ return BLKID_PROBE_NONE; ++ + sb = blkid_probe_get_sb_buffer(pr, mag, sb_size); + if (!sb) + return BLKID_PROBE_NONE; diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index 45c0d57cbff..d710fabb7ac 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -29,6 +29,7 @@ stdenv.mkDerivation rec { patches = [ ./rtcwake-search-PATH-for-shutdown.patch + ./bcachefs-patch-set.patch ]; # We separate some of the utilities into their own outputs. This |