grsecurity: 4.7.9-201610200819 -> 4.7.10-201610222037

Notably, this pulls in the dirtycow fix from upstream (but I've been unable to execute the POC exploits on grsec kernels without that fix ...)
2024-11-17 15:22:59 +01:00 · 2016-10-23 17:13:35 +02:00 · 2016-10-23 17:13:35 +02:00 · 5440c1a64c
commit 5440c1a64c
parent 9088abc337
2 changed files with 5 additions and 5 deletions
--- a/pkgs/os-specific/linux/kernel/linux-grsecurity.nix
+++ b/pkgs/os-specific/linux/kernel/linux-grsecurity.nix
@ -1,12 +1,12 @@
 { stdenv, fetchurl, perl, buildLinux, ... } @ args:

 import ./generic.nix (args // rec {
-  version = "4.7.9";
+  version = "4.7.10";
  extraMeta.branch = "4.7";

  src = fetchurl {
    url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "13g2b8ap2xyx0c35ka92j9j3x7mh610ax5fq2xl75787hqmdaf06";
+    sha256 = "1p2r5d0jcrak9gxp0339g9z198x9laf09h08ck4jllhhaajrnicj";
  };

  kernelPatches = args.kernelPatches;
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@ -86,9 +86,9 @@ rec {
  };

  grsecurity_testing = grsecPatch
-    { kver   = "4.7.9";
-      grrev  = "201610200819";
-      sha256 = "1q2j819g3yidd9m7myskx2g1rzrx3cw8fwjrzbbhaxv2kxjmrrjb";
+    { kver   = "4.7.10";
+      grrev  = "201610222037";
+      sha256 = "14zp8gsjgzp97mb479s27zzs2ya68dy1pb5izqqvp83xrx16rayc";
    };

  # This patch relaxes grsec constraints on the location of usermode helpers,