diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index ceb34fe0c76f..0f59d3ac7aad 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -558,6 +558,8 @@ let PERSISTENT_KEYRINGS = yes; # enable temporary caching of the last request_key() result KEYS_REQUEST_CACHE = whenAtLeast "5.3" yes; + # randomized slab caches + RANDOM_KMALLOC_CACHES = whenAtLeast "6.6" yes; } // optionalAttrs stdenv.hostPlatform.isx86_64 { # Enable Intel SGX X86_SGX = whenAtLeast "5.11" yes; @@ -572,6 +574,8 @@ let KVM_AMD_SEV = yes; # AMD SEV-SNP SEV_GUEST = whenAtLeast "5.19" module; + # Shadow stacks + X86_USER_SHADOW_STACK = whenAtLeast "6.6" yes; }; microcode = { diff --git a/pkgs/os-specific/linux/kernel/kernels-org.json b/pkgs/os-specific/linux/kernel/kernels-org.json index 926a172a7240..ab2775ab922d 100644 --- a/pkgs/os-specific/linux/kernel/kernels-org.json +++ b/pkgs/os-specific/linux/kernel/kernels-org.json @@ -34,5 +34,9 @@ "4.14": { "version": "4.14.328", "hash": "sha256:1igcpvnhwwrczfdsafmszvi0456k7f6j4cgpfw6v6afw09p95d8x" + }, + "6.6": { + "version": "6.6", + "hash": "sha256:1l2nisx9lf2vdgkq910n5ldbi8z25ky1zvl67zgwg2nxcdna09nr" } } diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index a6986c88419f..85ac74fae7db 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -493,6 +493,7 @@ mapAliases ({ linuxPackages_6_3 = linuxKernel.packages.linux_6_3; linuxPackages_6_4 = linuxKernel.packages.linux_6_4; linuxPackages_6_5 = linuxKernel.packages.linux_6_5; + linuxPackages_6_6 = linuxKernel.packages.linux_6_6; linuxPackages_rpi0 = linuxKernel.packages.linux_rpi1; linuxPackages_rpi02w = linuxKernel.packages.linux_rpi3; linuxPackages_rpi1 = linuxKernel.packages.linux_rpi1; @@ -517,6 +518,7 @@ mapAliases ({ linux_6_3 = linuxKernel.kernels.linux_6_3; linux_6_4 = linuxKernel.kernels.linux_6_4; linux_6_5 = linuxKernel.kernels.linux_6_5; + linux_6_6 = linuxKernel.kernels.linux_6_6; linux_rpi0 = linuxKernel.kernels.linux_rpi1; linux_rpi02w = linuxKernel.kernels.linux_rpi3; linux_rpi1 = linuxKernel.kernels.linux_rpi1; diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index d796fa7164d0..e4b1133109f9 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -178,6 +178,14 @@ in { ]; }; + linux_6_6 = callPackage ../os-specific/linux/kernel/mainline.nix { + branch = "6.6"; + kernelPatches = [ + kernelPatches.bridge_stp_helper + kernelPatches.request_key_helper + ]; + }; + linux_testing = let testing = callPackage ../os-specific/linux/kernel/mainline.nix { # A special branch that tracks the kernel under the release process @@ -573,6 +581,7 @@ in { linux_5_15 = recurseIntoAttrs (packagesFor kernels.linux_5_15); linux_6_1 = recurseIntoAttrs (packagesFor kernels.linux_6_1); linux_6_5 = recurseIntoAttrs (packagesFor kernels.linux_6_5); + linux_6_6 = recurseIntoAttrs (packagesFor kernels.linux_6_6); } // lib.optionalAttrs config.allowAliases { linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11"; # Added 2022-11-08 linux_4_14 = throw "linux 4.14 was removed because it will reach its end of life within 23.11"; # Added 2023-10-11 @@ -633,7 +642,7 @@ in { packageAliases = { linux_default = packages.linux_6_1; # Update this when adding the newest kernel major version! - linux_latest = packages.linux_6_5; + linux_latest = packages.linux_6_6; linux_mptcp = throw "'linux_mptcp' has been moved to https://github.com/teto/mptcp-flake"; linux_rt_default = packages.linux_rt_5_4; linux_rt_latest = packages.linux_rt_6_1;