Remove sec_perm patch that was needed by AUFS
Now the kernel is unpatched by default on non-MIPS!
This commit is contained in:
parent
20696f1620
commit
e4961c63f7
3 changed files with 5 additions and 44 deletions
|
@ -44,12 +44,6 @@ rec {
|
|||
features.apparmor = true;
|
||||
};
|
||||
|
||||
sec_perm_2_6_24 =
|
||||
{ name = "sec_perm-2.6.24";
|
||||
patch = ./sec_perm-2.6.24.patch;
|
||||
features.secPermPatch = true;
|
||||
};
|
||||
|
||||
no_xsave =
|
||||
{ name = "no-xsave";
|
||||
patch = ./no-xsave.patch;
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
Index: linux-2.6.24-rc3/security/security.c
|
||||
===================================================================
|
||||
RCS file: /ext1/sysadm/transparent/repository/linux-2.6.24-rc3/security/security.c,v
|
||||
retrieving revision 1.1
|
||||
retrieving revision 1.2
|
||||
diff -u -p -r1.1 -r1.2
|
||||
--- linux-2.6.24-rc3/security/security.c 21 Nov 2007 13:03:11 -0000 1.1
|
||||
+++ linux-2.6.24-rc3/security/security.c 21 Nov 2007 13:07:55 -0000 1.2
|
||||
@@ -409,6 +409,7 @@ int security_inode_permission(struct ino
|
||||
return 0;
|
||||
return security_ops->inode_permission(inode, mask, nd);
|
||||
}
|
||||
+EXPORT_SYMBOL(security_inode_permission);
|
||||
|
||||
int security_inode_setattr(struct dentry *dentry, struct iattr *attr)
|
||||
{
|
|
@ -6767,9 +6767,6 @@ let
|
|||
|
||||
linux_3_2 = makeOverridable (import ../os-specific/linux/kernel/linux-3.2.nix) {
|
||||
inherit fetchurl stdenv perl buildLinux;
|
||||
kernelPatches =
|
||||
[ kernelPatches.sec_perm_2_6_24
|
||||
];
|
||||
};
|
||||
|
||||
grsecurityOverrider = args: {
|
||||
|
@ -6817,9 +6814,7 @@ let
|
|||
|
||||
linux_3_4 = makeOverridable (import ../os-specific/linux/kernel/linux-3.4.nix) {
|
||||
inherit fetchurl stdenv perl buildLinux;
|
||||
kernelPatches =
|
||||
[ kernelPatches.sec_perm_2_6_24
|
||||
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
[ kernelPatches.mips_fpureg_emu
|
||||
kernelPatches.mips_fpu_sigill
|
||||
];
|
||||
|
@ -6839,10 +6834,7 @@ let
|
|||
|
||||
linux_3_10 = makeOverridable (import ../os-specific/linux/kernel/linux-3.10.nix) {
|
||||
inherit fetchurl stdenv perl buildLinux;
|
||||
kernelPatches =
|
||||
[
|
||||
kernelPatches.sec_perm_2_6_24
|
||||
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
[ kernelPatches.mips_fpureg_emu
|
||||
kernelPatches.mips_fpu_sigill
|
||||
kernelPatches.mips_ext3_n32
|
||||
|
@ -6860,10 +6852,7 @@ let
|
|||
|
||||
linux_3_11 = makeOverridable (import ../os-specific/linux/kernel/linux-3.11.nix) {
|
||||
inherit fetchurl stdenv perl buildLinux;
|
||||
kernelPatches =
|
||||
[
|
||||
kernelPatches.sec_perm_2_6_24
|
||||
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
[ kernelPatches.mips_fpureg_emu
|
||||
kernelPatches.mips_fpu_sigill
|
||||
kernelPatches.mips_ext3_n32
|
||||
|
@ -6872,10 +6861,7 @@ let
|
|||
|
||||
linux_3_12 = makeOverridable (import ../os-specific/linux/kernel/linux-3.12.nix) {
|
||||
inherit fetchurl stdenv perl buildLinux;
|
||||
kernelPatches =
|
||||
[
|
||||
kernelPatches.sec_perm_2_6_24
|
||||
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
[ kernelPatches.mips_fpureg_emu
|
||||
kernelPatches.mips_fpu_sigill
|
||||
kernelPatches.mips_ext3_n32
|
||||
|
@ -6884,10 +6870,7 @@ let
|
|||
|
||||
linux_3_13 = makeOverridable (import ../os-specific/linux/kernel/linux-3.13.nix) {
|
||||
inherit fetchurl stdenv perl buildLinux;
|
||||
kernelPatches =
|
||||
[
|
||||
kernelPatches.sec_perm_2_6_24
|
||||
] ++ lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
kernelPatches = lib.optionals ((platform.kernelArch or null) == "mips")
|
||||
[ kernelPatches.mips_fpureg_emu
|
||||
kernelPatches.mips_fpu_sigill
|
||||
kernelPatches.mips_ext3_n32
|
||||
|
|
Loading…
Reference in a new issue