From 750784d77c8d9508fc9d02468122a3148ae6beee Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Wed, 24 Mar 2021 21:12:24 +0000
Subject: [PATCH 01/24] sleuthkit: 4.10.1 -> 4.10.2

---
 pkgs/tools/system/sleuthkit/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/tools/system/sleuthkit/default.nix b/pkgs/tools/system/sleuthkit/default.nix
index cf88dc846fb..be4eaf5f079 100644
--- a/pkgs/tools/system/sleuthkit/default.nix
+++ b/pkgs/tools/system/sleuthkit/default.nix
@@ -1,14 +1,14 @@
 { lib, stdenv, fetchFromGitHub, autoreconfHook, libewf, afflib, openssl, zlib }:
 
 stdenv.mkDerivation rec {
-  version = "4.10.1";
+  version = "4.10.2";
   pname = "sleuthkit";
 
   src = fetchFromGitHub {
     owner = "sleuthkit";
     repo = "sleuthkit";
     rev = "${pname}-${version}";
-    sha256 = "142kkpkpawpqyc88pr6xdvlagw6djaah1schyjxq9qdq9cnqx0dw";
+    sha256 = "sha256-N0/spV/Bxk/UNULPot82Vw1uTIxy/Arf84wqUp6W2Tc=";
   };
 
   postPatch = ''

From 52f33101dcc41a7a1b75a9f435ea83c4cf794e35 Mon Sep 17 00:00:00 2001
From: rowanG077 <goemansrowan@gmail.com>
Date: Thu, 25 Mar 2021 16:10:17 +0100
Subject: [PATCH 02/24] maintainers: add rowanG077

---
 maintainers/maintainer-list.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index 6270ac778ae..0562429f78d 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -8267,6 +8267,12 @@
       fingerprint = "1401 1B63 393D 16C1 AA9C  C521 8526 B757 4A53 6236";
     }];
   };
+  rowanG077 = {
+    email = "goemansrowan@gmail.com";
+    github = "rowanG077";
+    githubId = 7439756;
+    name = "Rowan Goemans";
+  };
   royneary = {
     email = "christian@ulrich.earth";
     github = "royneary";

From 84ec3af8024a4703f82e5050c9b7c3943d6faea4 Mon Sep 17 00:00:00 2001
From: rowanG077 <goemansrowan@gmail.com>
Date: Thu, 25 Mar 2021 16:10:57 +0100
Subject: [PATCH 03/24] powercap: init at 0.3.1

---
 pkgs/os-specific/linux/powercap/default.nix | 26 +++++++++++++++++++++
 pkgs/top-level/all-packages.nix             |  2 ++
 2 files changed, 28 insertions(+)
 create mode 100644 pkgs/os-specific/linux/powercap/default.nix

diff --git a/pkgs/os-specific/linux/powercap/default.nix b/pkgs/os-specific/linux/powercap/default.nix
new file mode 100644
index 00000000000..ad9de9f75d5
--- /dev/null
+++ b/pkgs/os-specific/linux/powercap/default.nix
@@ -0,0 +1,26 @@
+{ lib, stdenv, fetchFromGitHub, cmake }:
+
+stdenv.mkDerivation rec {
+  pname = "powercap";
+  version = "0.3.1";
+
+  src = fetchFromGitHub {
+    owner = "powercap";
+    repo = "powercap";
+    rev = "v${version}";
+    sha256 = "0f1sg1zsskcfralg9khwq7lmz25gvnyknza3bb0hmh1a9lw0jhdn";
+  };
+
+  nativeBuildInputs = [ cmake ];
+
+  cmakeFlags = [
+    "-DBUILD_SHARED_LIBS=On"
+  ];
+
+  meta = with lib; {
+    description = "Tools and library to read/write to the Linux power capping framework (sysfs interface)";
+    license = licenses.bsd3;
+    platforms = platforms.linux;
+    maintainers = with maintainers; [ rowanG077 ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 8dfaf25fc04..544a143152a 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -19429,6 +19429,8 @@ in
 
   power-calibrate = callPackage ../os-specific/linux/power-calibrate { };
 
+  powercap = callPackage ../os-specific/linux/powercap { };
+
   powerstat = callPackage ../os-specific/linux/powerstat { };
 
   smemstat = callPackage ../os-specific/linux/smemstat { };

From a11ee13c8a655edc73826031bf136c7170657b01 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Fri, 26 Mar 2021 11:15:22 +0000
Subject: [PATCH 04/24] python38Packages.minidump: 0.0.15 -> 0.0.16

---
 pkgs/development/python-modules/minidump/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/python-modules/minidump/default.nix b/pkgs/development/python-modules/minidump/default.nix
index 60440ff4b48..45adc7adb74 100644
--- a/pkgs/development/python-modules/minidump/default.nix
+++ b/pkgs/development/python-modules/minidump/default.nix
@@ -5,11 +5,11 @@
 
 buildPythonPackage rec {
   pname = "minidump";
-  version = "0.0.15";
+  version = "0.0.16";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-IVlzAsnl1KhErxWPi96hUFlIX4IN3Y9t8OicckdYUv0=";
+    sha256 = "65a71ca1da2b73ee96daa9d52e4fb9c9b80a849475502c6a1c2a80a68bd149b0";
   };
 
   # Upstream doesn't have tests

From 71b624a1ccd5c792fe5b2486863f6b51205769ab Mon Sep 17 00:00:00 2001
From: "Robert T. McGibbon" <rmcgibbo@gmail.com>
Date: Fri, 26 Mar 2021 09:50:31 -0400
Subject: [PATCH 05/24] python3Packages.apptools: 4.5.0 -> 5.1.0

---
 .../python-modules/apptools/default.nix       | 29 ++++++++++---------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/pkgs/development/python-modules/apptools/default.nix b/pkgs/development/python-modules/apptools/default.nix
index a03b051b11d..a6bb0584018 100644
--- a/pkgs/development/python-modules/apptools/default.nix
+++ b/pkgs/development/python-modules/apptools/default.nix
@@ -1,34 +1,35 @@
-{ lib, fetchPypi, buildPythonPackage, fetchpatch
+{ lib, fetchPypi, buildPythonPackage
 , configobj, six, traitsui
-, nose, tables, pandas
+, pytestCheckHook, tables, pandas
+, pythonOlder, importlib-resources
 }:
 
 buildPythonPackage rec {
   pname = "apptools";
-  version = "4.5.0";
+  version = "5.1.0";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "10h52ibhr2aw076pivqxiajr9rpcr1mancg6xlpxzckcm3if02i6";
+    sha256 = "12x5lcs1cllpybz7f0i1lcwvmqsaa5n818wb2165lj049wqxx4yh";
   };
 
-  # PyTables issue; should be merged in next post-4.5.0 release (#117)
-  patches = [ (fetchpatch {
-      url = "https://github.com/enthought/apptools/commit/3734289d1a0ebd8513fa67f75288add31ed0113c.patch";
-      sha256 = "001012q1ib5cbib3nq1alh9ckzj588bfrywr8brkd1f6y1pgvngk";
-    })
+  propagatedBuildInputs = [
+    configobj
+    six
+    traitsui
+  ] ++ lib.optionals (pythonOlder "3.9") [
+    importlib-resources
   ];
 
-  propagatedBuildInputs = [ configobj six traitsui ];
-
   checkInputs = [
-    nose
     tables
     pandas
+    pytestCheckHook
   ];
 
-  doCheck = true;
-  checkPhase = "HOME=$TMP nosetests";
+  preCheck = ''
+    export HOME=$TMP
+  '';
 
   meta = with lib; {
     description = "Set of packages that Enthought has found useful in creating a number of applications.";

From 9f16573a14cc0c92dafdb6cf6011e7c2590937c3 Mon Sep 17 00:00:00 2001
From: Ryan Horiguchi <ryan.horiguchi@gmail.com>
Date: Fri, 26 Mar 2021 17:47:50 +0100
Subject: [PATCH 06/24] vscode-extensions.gruntfuggly.todo-tree: 0.0.206 ->
 0.0.208

---
 pkgs/misc/vscode-extensions/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/misc/vscode-extensions/default.nix b/pkgs/misc/vscode-extensions/default.nix
index 4fb1602c5bf..3f77906bce3 100644
--- a/pkgs/misc/vscode-extensions/default.nix
+++ b/pkgs/misc/vscode-extensions/default.nix
@@ -465,8 +465,8 @@ let
         mktplcRef = {
           name = "todo-tree";
           publisher = "Gruntfuggly";
-          version = "0.0.206";
-          sha256 = "1xalwk2bndb73p8p2b4w5qz7m1n80xyw67wb5qlq1rrfjchhicyv";
+          version = "0.0.208";
+          sha256 = "1yjz7i3f2f9a3i797vwa9vnxsh9lyxqr4k0ixx8v55h628kvafr9";
         };
         meta = with lib; {
           license = licenses.mit;

From 29d3a57806b9aff4dcff258fff9a156fd880b30c Mon Sep 17 00:00:00 2001
From: "Robert T. McGibbon" <rmcgibbo@gmail.com>
Date: Fri, 26 Mar 2021 14:15:41 -0400
Subject: [PATCH 07/24] python39Packages.pyregion: unbreak (#117630)

---
 .../python-modules/pyregion/default.nix       | 27 +++++++++++--------
 1 file changed, 16 insertions(+), 11 deletions(-)

diff --git a/pkgs/development/python-modules/pyregion/default.nix b/pkgs/development/python-modules/pyregion/default.nix
index 86a5ef6bfe0..6d33e18e4f9 100644
--- a/pkgs/development/python-modules/pyregion/default.nix
+++ b/pkgs/development/python-modules/pyregion/default.nix
@@ -1,13 +1,13 @@
 { lib
 , buildPythonPackage
-, fetchPypi
+, fetchFromGitHub
 , fetchpatch
 , pyparsing
 , numpy
 , cython
 , astropy
 , astropy-helpers
-, pytest
+, pytestCheckHook
 , pytest-astropy
 }:
 
@@ -15,15 +15,18 @@ buildPythonPackage rec {
   pname = "pyregion";
   version = "2.0";
 
-  src = fetchPypi {
-    inherit pname version;
-    sha256 = "a8ac5f764b53ec332f6bc43f6f2193ca13e8b7d5a3fb2e20ced6b2ea42a9d094";
+  # pypi src contains cython-produced .c files which don't compile
+  # with python3.9
+  src = fetchFromGitHub {
+    owner = "astropy";
+    repo = pname;
+    rev = version;
+    sha256 = "1izar7z606czcyws9s8bjbpb1xhqshpv5009rlpc92hciw7jv4kg";
   };
 
   propagatedBuildInputs = [
     pyparsing
     numpy
-    cython
     astropy
   ];
 
@@ -36,9 +39,9 @@ buildPythonPackage rec {
     })
   ];
 
-  nativeBuildInputs = [ astropy-helpers ];
+  nativeBuildInputs = [ astropy-helpers cython ];
 
-  checkInputs = [ pytest pytest-astropy ];
+  checkInputs = [ pytestCheckHook pytest-astropy ];
 
   # Disable automatic update of the astropy-helper module
   postPatch = ''
@@ -46,9 +49,11 @@ buildPythonPackage rec {
   '';
 
   # Tests must be run in the build directory
-  checkPhase = ''
-    cd build/lib.*
-    pytest
+  preCheck = ''
+    pushd build/lib.*
+  '';
+  postCheck = ''
+    popd
   '';
 
   meta = with lib; {

From 0661cf48823bc0ec6aa8aecfef5debfb8b2d4dd4 Mon Sep 17 00:00:00 2001
From: Gabriel Ebner <gebner@gebner.org>
Date: Fri, 26 Mar 2021 18:47:19 +0100
Subject: [PATCH 08/24] elan: 0.10.3 -> 0.11.0

Also adapt the patchelf patch from rustup, since Lean 4 now dynamically
links to gmp.
---
 .../0001-dynamically-patchelf-binaries.patch  | 40 +++++++++++++++++++
 .../science/logic/elan/default.nix            | 34 +++++++++++++---
 2 files changed, 69 insertions(+), 5 deletions(-)
 create mode 100644 pkgs/applications/science/logic/elan/0001-dynamically-patchelf-binaries.patch

diff --git a/pkgs/applications/science/logic/elan/0001-dynamically-patchelf-binaries.patch b/pkgs/applications/science/logic/elan/0001-dynamically-patchelf-binaries.patch
new file mode 100644
index 00000000000..b382e6f9e75
--- /dev/null
+++ b/pkgs/applications/science/logic/elan/0001-dynamically-patchelf-binaries.patch
@@ -0,0 +1,40 @@
+diff --git a/src/elan-dist/src/component/package.rs b/src/elan-dist/src/component/package.rs
+index fd9fe74..0fefa39 100644
+--- a/src/elan-dist/src/component/package.rs
++++ b/src/elan-dist/src/component/package.rs
+@@ -50,11 +50,35 @@ fn unpack_without_first_dir<R: Read>(archive: &mut tar::Archive<R>, path: &Path)
+         };
+ 
+         try!(entry.unpack(&full_path).chain_err(|| ErrorKind::ExtractingPackage));
++        nix_patchelf_if_needed(&full_path);
+     }
+ 
+     Ok(())
+ }
+ 
++fn nix_patchelf_if_needed(dest_path: &Path) {
++    let (is_bin, is_lib) = if let Some(p) = dest_path.parent() {
++        (p.ends_with("bin"), p.ends_with("lib"))
++    } else {
++        (false, false)
++    };
++
++    if is_bin {
++        let _ = ::std::process::Command::new("@patchelf@/bin/patchelf")
++            .arg("--set-interpreter")
++            .arg("@dynamicLinker@")
++            .arg(dest_path)
++            .output();
++    }
++    else if is_lib {
++        let _ = ::std::process::Command::new("@patchelf@/bin/patchelf")
++            .arg("--set-rpath")
++            .arg("@libPath@")
++            .arg(dest_path)
++            .output();
++    }
++}
++
+ #[derive(Debug)]
+ pub struct ZipPackage<'a>(temp::Dir<'a>);
+ 
diff --git a/pkgs/applications/science/logic/elan/default.nix b/pkgs/applications/science/logic/elan/default.nix
index bb10998b2f4..fab930e2c7b 100644
--- a/pkgs/applications/science/logic/elan/default.nix
+++ b/pkgs/applications/science/logic/elan/default.nix
@@ -1,24 +1,46 @@
-{ lib, pkg-config, curl, openssl, zlib, fetchFromGitHub, rustPlatform }:
+{ stdenv, lib, runCommand, patchelf, makeWrapper, pkg-config, curl
+, openssl, gmp, zlib, fetchFromGitHub, rustPlatform }:
+
+let
+  libPath = lib.makeLibraryPath [ gmp ];
+in
 
 rustPlatform.buildRustPackage rec {
   pname = "elan";
-  version = "0.10.3";
+  version = "0.11.0";
 
   src = fetchFromGitHub {
     owner = "kha";
     repo = "elan";
     rev = "v${version}";
-    sha256 = "sha256-YkGfuqtvVfPcxJ8UqD5QidcNEy5brTWGEK4fR64Yz70=";
+    sha256 = "1sl69ygdwhf80sx6m76x5gp1kwsw0rr1lv814cgzm8hvyr6g0jqa";
   };
 
-  cargoSha256 = "sha256-2fYicpoEERwD4OjdpseKQOkDvZlb7NnOZcb6Tu+rQdA=";
+  cargoSha256 = "1f881maf8jizd5ip7pc1ncbiq7lpggp0byma13pvqk7gisnqyr4r";
 
-  nativeBuildInputs = [ pkg-config ];
+  nativeBuildInputs = [ pkg-config makeWrapper ];
 
+  OPENSSL_NO_VENDOR = 1;
   buildInputs = [ curl zlib openssl ];
 
   cargoBuildFlags = [ "--features no-self-update" ];
 
+  patches = lib.optionals stdenv.isLinux [
+    # Run patchelf on the downloaded binaries.
+    # This necessary because Lean 4 now dynamically links to GMP.
+    (runCommand "0001-dynamically-patchelf-binaries.patch" {
+        CC = stdenv.cc;
+        patchelf = patchelf;
+        libPath = "$ORIGIN/../lib:${libPath}";
+      } ''
+     export dynamicLinker=$(cat $CC/nix-support/dynamic-linker)
+     substitute ${./0001-dynamically-patchelf-binaries.patch} $out \
+       --subst-var patchelf \
+       --subst-var dynamicLinker \
+       --subst-var libPath
+    '')
+  ];
+
   postInstall = ''
     pushd $out/bin
     mv elan-init elan
@@ -27,6 +49,8 @@ rustPlatform.buildRustPackage rec {
     done
     popd
 
+    wrapProgram $out/bin/elan --prefix "LD_LIBRARY_PATH" : "${libPath}"
+
     # tries to create .elan
     export HOME=$(mktemp -d)
     mkdir -p "$out/share/"{bash-completion/completions,fish/vendor_completions.d,zsh/site-functions}

From 24ec2cd1ed0c44357cfb45b8a96a67580a9a8c6e Mon Sep 17 00:00:00 2001
From: midchildan <git@midchildan.org>
Date: Sat, 27 Mar 2021 03:18:29 +0900
Subject: [PATCH 09/24] llfuse: disable tests on Darwin (#117695)

Fixes #117665. The tests require macFUSE[1], an external dependency to
be installed.

[1]: https://osxfuse.github.io/
---
 pkgs/development/python-modules/llfuse/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/python-modules/llfuse/default.nix b/pkgs/development/python-modules/llfuse/default.nix
index 16adf1beabd..44aa9136b07 100644
--- a/pkgs/development/python-modules/llfuse/default.nix
+++ b/pkgs/development/python-modules/llfuse/default.nix
@@ -35,12 +35,12 @@ buildPythonPackage rec {
     ${python.interpreter} setup.py build_cython
   '';
 
+  # On Darwin, the test requires macFUSE to be installed outside of Nix.
+  doCheck = !stdenv.isDarwin;
   checkInputs = [ pytestCheckHook which ];
 
   disabledTests = [
     "test_listdir" # accesses /usr/bin
-  ] ++ lib.optionals stdenv.isDarwin [
-    "uses_fuse"
   ];
 
   meta = with lib; {

From 3b66c5fd8f41b028b8f8ab4abefe8850d3284dac Mon Sep 17 00:00:00 2001
From: Ryan Horiguchi <ryan.horiguchi@gmail.com>
Date: Fri, 26 Mar 2021 21:46:07 +0100
Subject: [PATCH 10/24] gnomeExtensions.unite: 47 -> 48

---
 pkgs/desktops/gnome-3/extensions/unite/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/desktops/gnome-3/extensions/unite/default.nix b/pkgs/desktops/gnome-3/extensions/unite/default.nix
index b6fae261ea1..e2f7f547579 100644
--- a/pkgs/desktops/gnome-3/extensions/unite/default.nix
+++ b/pkgs/desktops/gnome-3/extensions/unite/default.nix
@@ -1,13 +1,13 @@
 { lib, stdenv, gnome3, fetchFromGitHub, xprop, glib }:
 stdenv.mkDerivation rec {
   pname = "gnome-shell-extension-unite";
-  version = "47";
+  version = "48";
 
   src = fetchFromGitHub {
     owner = "hardpixel";
     repo = "unite-shell";
     rev = "v${version}";
-    sha256 = "1ia8x5mqwsd5gv7sg981h2ngcr3jdr60947iqvnp6xqcw4rc72lr";
+    sha256 = "1rc9h7zrg9pvyl619ychcp0w7wmnf4ndaq2knv490kzhy0idj18j";
   };
 
   uuid = "unite@hardpixel.eu";

From a7d6642cf304148073e98ec86534f9e7ff4ae36e Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 10:03:46 -0400
Subject: [PATCH 11/24] linux-testing: 5.11-rc5 -> 5.12-rc4

- Sound SOC support was refactored in
torvalds/linux@43df5242af4ed67e8811257ab1bfe6a07e4a5858

- GMA3600 is part of GMA500 as of
torvalds/linux@26499e0518a77de29e7db2c53fb0d0e9e15be8fb
---
 .../linux/kernel/common-config.nix            | 33 ++++++++++++-------
 .../linux/kernel/linux-testing.nix            |  6 ++--
 2 files changed, 25 insertions(+), 14 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 4fef56077c0..7ba05d13293 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -244,8 +244,9 @@ let
       # Allow specifying custom EDID on the kernel command line
       DRM_LOAD_EDID_FIRMWARE = yes;
       VGA_SWITCHEROO         = yes; # Hybrid graphics support
+      DRM_GMA500             = whenAtLeast "5.12" module;
       DRM_GMA600             = yes;
-      DRM_GMA3600            = yes;
+      DRM_GMA3600            = whenOlder "5.12" yes;
       DRM_VMWGFX_FBCON       = yes;
       # necessary for amdgpu polaris support
       DRM_AMD_POWERPLAY = whenBetween "4.5" "4.9" yes;
@@ -288,21 +289,31 @@ let
       SND_SOC_SOF_TOPLEVEL              = yes;
       SND_SOC_SOF_ACPI                  = module;
       SND_SOC_SOF_PCI                   = module;
-      SND_SOC_SOF_APOLLOLAKE_SUPPORT    = yes;
-      SND_SOC_SOF_CANNONLAKE_SUPPORT    = yes;
-      SND_SOC_SOF_COFFEELAKE_SUPPORT    = yes;
+      SND_SOC_SOF_APOLLOLAKE            = whenAtLeast "5.12" module;
+      SND_SOC_SOF_APOLLOLAKE_SUPPORT    = whenOlder "5.12" yes;
+      SND_SOC_SOF_CANNONLAKE            = whenAtLeast "5.12" module;
+      SND_SOC_SOF_CANNONLAKE_SUPPORT    = whenOlder "5.12" yes;
+      SND_SOC_SOF_COFFEELAKE            = whenAtLeast "5.12" module;
+      SND_SOC_SOF_COFFEELAKE_SUPPORT    = whenOlder "5.12" yes;
+      SND_SOC_SOF_COMETLAKE             = whenAtLeast "5.12" module;
       SND_SOC_SOF_COMETLAKE_H_SUPPORT   = whenOlder "5.8" yes;
-      SND_SOC_SOF_COMETLAKE_LP_SUPPORT  = yes;
-      SND_SOC_SOF_ELKHARTLAKE_SUPPORT   = yes;
-      SND_SOC_SOF_GEMINILAKE_SUPPORT    = yes;
+      SND_SOC_SOF_COMETLAKE_LP_SUPPORT  = whenOlder "5.12" yes;
+      SND_SOC_SOF_ELKHARTLAKE           = whenAtLeast "5.12" module;
+      SND_SOC_SOF_ELKHARTLAKE_SUPPORT   = whenOlder "5.12" yes;
+      SND_SOC_SOF_GEMINILAKE            = whenAtLeast "5.12" module;
+      SND_SOC_SOF_GEMINILAKE_SUPPORT    = whenOlder "5.12" yes;
       SND_SOC_SOF_HDA_AUDIO_CODEC       = yes;
       SND_SOC_SOF_HDA_COMMON_HDMI_CODEC = whenOlder "5.7" yes;
       SND_SOC_SOF_HDA_LINK              = yes;
-      SND_SOC_SOF_ICELAKE_SUPPORT       = yes;
+      SND_SOC_SOF_ICELAKE               = whenAtLeast "5.12" module;
+      SND_SOC_SOF_ICELAKE_SUPPORT       = whenOlder "5.12" yes;
       SND_SOC_SOF_INTEL_TOPLEVEL        = yes;
-      SND_SOC_SOF_JASPERLAKE_SUPPORT    = yes;
-      SND_SOC_SOF_MERRIFIELD_SUPPORT    = yes;
-      SND_SOC_SOF_TIGERLAKE_SUPPORT     = yes;
+      SND_SOC_SOF_JASPERLAKE            = whenAtLeast "5.12" module;
+      SND_SOC_SOF_JASPERLAKE_SUPPORT    = whenOlder "5.12" yes;
+      SND_SOC_SOF_MERRIFIELD            = whenAtLeast "5.12" module;
+      SND_SOC_SOF_MERRIFIELD_SUPPORT    = whenOlder "5.12" yes;
+      SND_SOC_SOF_TIGERLAKE             = whenAtLeast "5.12" module;
+      SND_SOC_SOF_TIGERLAKE_SUPPORT     = whenOlder "5.12" yes;
     };
 
     usb-serial = {
diff --git a/pkgs/os-specific/linux/kernel/linux-testing.nix b/pkgs/os-specific/linux/kernel/linux-testing.nix
index 1ed116cdfde..06efc5da1ec 100644
--- a/pkgs/os-specific/linux/kernel/linux-testing.nix
+++ b/pkgs/os-specific/linux/kernel/linux-testing.nix
@@ -3,15 +3,15 @@
 with lib;
 
 buildLinux (args // rec {
-  version = "5.11-rc5";
-  extraMeta.branch = "5.11";
+  version = "5.12-rc4";
+  extraMeta.branch = "5.12";
 
   # modDirVersion needs to be x.y.z, will always add .0
   modDirVersion = if (modDirVersionArg == null) then builtins.replaceStrings ["-"] [".0-"] version else modDirVersionArg;
 
   src = fetchurl {
     url = "https://git.kernel.org/torvalds/t/linux-${version}.tar.gz";
-    sha256 = "029nps41nrym5qz9lq832cys4rai04ig5xp9ddvrpazzh0lfnr4q";
+    sha256 = "06i6xnfbyn522pj9zksx6ka01yxwv8dsrb2z517grv682sp8j70k";
   };
 
   # Should the testing kernels ever be built on Hydra?

From bd2bb9e381cd14f88753dba16e173e4080076421 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 10:07:06 -0400
Subject: [PATCH 12/24] linux-hardened: Enable KFENCE

"Kernel Electric-Fence (KFENCE) is a low-overhead sampling-based memory safety
error detector. KFENCE detects heap out-of-bounds access, use-after-free, and
invalid-free errors."
---
 pkgs/os-specific/linux/kernel/hardened/config.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pkgs/os-specific/linux/kernel/hardened/config.nix b/pkgs/os-specific/linux/kernel/hardened/config.nix
index e4a7522fe59..20f9f5aaa14 100644
--- a/pkgs/os-specific/linux/kernel/hardened/config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened/config.nix
@@ -91,4 +91,6 @@ assert (versionAtLeast version "4.9");
   CC_STACKPROTECTOR_REGULAR = whenOlder "4.18" no;
   CC_STACKPROTECTOR_STRONG  = whenOlder "4.18" yes;
 
+  # Detect out-of-bound reads/writes and use-after-free
+  KFENCE = whenAtLeast "5.12" yes;
 }

From a17346234a55f3bf76d0d3db06ac20a2b1e43763 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 11:06:29 -0400
Subject: [PATCH 13/24] linux: 4.14.226 -> 4.14.227

---
 pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix
index 5052d3754b3..1dd2521dfb2 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix
@@ -3,7 +3,7 @@
 with lib;
 
 buildLinux (args // rec {
-  version = "4.14.226";
+  version = "4.14.227";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "09llp8jl5xgxxzj0f2sfx32annwyz82k1zmgd26zy90lz0d09p3s";
+    sha256 = "1iz029v407xv81prrvg4gr2ql8hvm0mpj21x9picwv05pk2d68h7";
   };
 } // (args.argsOverride or {}))

From dcd01727b41555fa6743bb80c5290ff0ad8f9750 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 11:06:53 -0400
Subject: [PATCH 14/24] linux: 4.19.182 -> 4.19.183

---
 pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix
index 8d2f607dbf6..3530d022369 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.19.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix
@@ -3,7 +3,7 @@
 with lib;
 
 buildLinux (args // rec {
-  version = "4.19.182";
+  version = "4.19.183";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0r93mgvjypmj0glg0912vfq9zbagi59w4d88ynz5gm8sl05pbnq5";
+    sha256 = "1xd5hjdjbsw7kpj9csgi8kk4ki3z46sqbiigjsr71psivxfxkkxs";
   };
 } // (args.argsOverride or {}))

From c9dcff241e69398a9a7046a55cf0605b3e12f461 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 11:07:02 -0400
Subject: [PATCH 15/24] linux: 4.4.262 -> 4.4.263

---
 pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 941a1dda9b9..b2b5c43722e 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,11 +1,11 @@
 { buildPackages, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.4.262";
+  version = "4.4.263";
   extraMeta.branch = "4.4";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "0yz9qi4i46ndshxmb99kvv7lk6cbb09y7bzagq7sgvqaj4lwaw6j";
+    sha256 = "1qqh3n09pn87n6f7ain3am8k7j043vzm65qcvccq9as129y5w1a2";
   };
 } // (args.argsOverride or {}))

From 57ea233d162916dc384f5c84ae231951eda5a0e2 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 11:07:14 -0400
Subject: [PATCH 16/24] linux: 4.9.262 -> 4.9.263

---
 pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index 6d9bb6111dc..c07e1c98d48 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -1,11 +1,11 @@
 { buildPackages, fetchurl, perl, buildLinux, ... } @ args:
 
 buildLinux (args // rec {
-  version = "4.9.262";
+  version = "4.9.263";
   extraMeta.branch = "4.9";
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
-    sha256 = "1zq77x9zf1wbk8n17rnblm5lfwlkin1xnxb3sxirwb9njm07cbmj";
+    sha256 = "1dhmgyg6asqg1pmhnzqymwz4bm6gy8gi0n2gr794as38dhn2szwz";
   };
 } // (args.argsOverride or {}))

From 9ce0fb815c88e6028f3ce9a2c45cc02fc075e913 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 11:07:32 -0400
Subject: [PATCH 17/24] linux: 5.11.8 -> 5.11.9

---
 pkgs/os-specific/linux/kernel/linux-5.11.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-5.11.nix b/pkgs/os-specific/linux/kernel/linux-5.11.nix
index 6f59b234ef4..cf9302757f6 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.11.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.11.nix
@@ -3,7 +3,7 @@
 with lib;
 
 buildLinux (args // rec {
-  version = "5.11.8";
+  version = "5.11.9";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
-    sha256 = "17y8q0gy4b00rms6pgglzmzz4msvmn2frqvln9vac39m78k3kyci";
+    sha256 = "0dcqn6s85sd4zl7rv8ay88p5z12xvy2rma0dx6g6b480rg68sxal";
   };
 } // (args.argsOverride or {}))

From 1c7273cc1759bd55fb8d2dc023730813dfda0cec Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Wed, 24 Mar 2021 11:07:39 -0400
Subject: [PATCH 18/24] linux: 5.4.107 -> 5.4.108

---
 pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix
index cb5e9ef7a22..fdb32a2476f 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix
@@ -3,7 +3,7 @@
 with lib;
 
 buildLinux (args // rec {
-  version = "5.4.107";
+  version = "5.4.108";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
-    sha256 = "0q3m4d96d0hhhzn71aarh314i4cx9h3qvhhi5hrmcsrnbxafyg0w";
+    sha256 = "0wi1ql7brfsdzvwbxrxvg12zfm54lbdjvfzxk1l3xlqvq83sq4pj";
   };
 } // (args.argsOverride or {}))

From 6765e61ed4d59a982da6df7fa52bcd246cbb125b Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Thu, 25 Mar 2021 09:27:12 -0400
Subject: [PATCH 19/24] linux: 5.10.25 -> 5.10.26

---
 pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix
index 80b3ee780cd..623a3a14f10 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix
@@ -3,7 +3,7 @@
 with lib;
 
 buildLinux (args // rec {
-  version = "5.10.25";
+  version = "5.10.26";
 
   # modDirVersion needs to be x.y.z, will automatically add .0 if needed
   modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {
 
   src = fetchurl {
     url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
-    sha256 = "1p8s8vp5b6vjmvhj3plm0pr0d9qp5lrwm6l40a4bjr1vk9myf2lk";
+    sha256 = "10hlc020imxxh71nvxhnnmd66bcxndfyi78v7wv7y5mcy4rjhlzw";
   };
 } // (args.argsOverride or {}))

From 435366bdd38b96b03fb07f0400b983eadd92819f Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Thu, 25 Mar 2021 09:28:05 -0400
Subject: [PATCH 20/24] linux/hardened/patches/4.14: 4.14.226-hardened1 ->
 4.14.227-hardened1

---
 pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index d1d8c9c5559..4f40ab491c7 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -1,9 +1,9 @@
 {
     "4.14": {
         "extra": "-hardened1",
-        "name": "linux-hardened-4.14.226-hardened1.patch",
-        "sha256": "12h42fsr1sc2zgr1cb2ais0aivg4hpg9x4gc762r7cd4l40fyyg9",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.226-hardened1/linux-hardened-4.14.226-hardened1.patch"
+        "name": "linux-hardened-4.14.227-hardened1.patch",
+        "sha256": "0g8s91cvcxin95is7hhap5i8vkn4k3570s28vnz8mf0jrcgwdgfd",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.227-hardened1/linux-hardened-4.14.227-hardened1.patch"
     },
     "4.19": {
         "extra": "-hardened1",

From 98d48280b796f8838300051713257c78f7c582e3 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Thu, 25 Mar 2021 09:28:07 -0400
Subject: [PATCH 21/24] linux/hardened/patches/4.19: 4.19.182-hardened1 ->
 4.19.183-hardened1

---
 pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 4f40ab491c7..a315c991612 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -7,9 +7,9 @@
     },
     "4.19": {
         "extra": "-hardened1",
-        "name": "linux-hardened-4.19.182-hardened1.patch",
-        "sha256": "02848qbglzj0w8lwic0fp19zc2b3d229ghfn804qx2h2rxh48c96",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.182-hardened1/linux-hardened-4.19.182-hardened1.patch"
+        "name": "linux-hardened-4.19.183-hardened1.patch",
+        "sha256": "1xi4fkvdvf1rjhrihi7im415x26hwmvhf3zrklm8hw2rmajdfrca",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.183-hardened1/linux-hardened-4.19.183-hardened1.patch"
     },
     "5.10": {
         "extra": "-hardened1",

From 036646460b4729e3e5293ef4e992fe320c29cebb Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Thu, 25 Mar 2021 09:28:08 -0400
Subject: [PATCH 22/24] linux/hardened/patches/5.11: 5.11.8-hardened1 ->
 5.11.9-hardened1

---
 pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index a315c991612..ac265bccff0 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -19,9 +19,9 @@
     },
     "5.11": {
         "extra": "-hardened1",
-        "name": "linux-hardened-5.11.8-hardened1.patch",
-        "sha256": "1qlvhj8g6vkg3bsd3fl27n6j5c3ykcyypigf22vfy8yl55mnbmv6",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.11.8-hardened1/linux-hardened-5.11.8-hardened1.patch"
+        "name": "linux-hardened-5.11.9-hardened1.patch",
+        "sha256": "169jcalr81ckad08vx489h8j6k42s0rzxbpkr6knyrd7rv06ddk0",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.11.9-hardened1/linux-hardened-5.11.9-hardened1.patch"
     },
     "5.4": {
         "extra": "-hardened1",

From 6052a427a1f7ef3c174454fb822f265e03dfc4fe Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Thu, 25 Mar 2021 09:28:10 -0400
Subject: [PATCH 23/24] linux/hardened/patches/5.4: 5.4.107-hardened1 ->
 5.4.108-hardened1

---
 pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index ac265bccff0..a8cdaafcdfe 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -25,8 +25,8 @@
     },
     "5.4": {
         "extra": "-hardened1",
-        "name": "linux-hardened-5.4.107-hardened1.patch",
-        "sha256": "1wy66a97zjrk2g061xj0va0km3y15m0w4p1bvqsyvjlj5x4wwmwh",
-        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.107-hardened1/linux-hardened-5.4.107-hardened1.patch"
+        "name": "linux-hardened-5.4.108-hardened1.patch",
+        "sha256": "1m208j0svysyn3m0acn10pd4wqjm203ampkhf1wimzpzs8wfasgj",
+        "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.108-hardened1/linux-hardened-5.4.108-hardened1.patch"
     }
 }

From 6042f10cbe046197b14ad8db99ebe2f0277ad4a8 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Fri, 26 Mar 2021 18:55:56 -0400
Subject: [PATCH 24/24] labeller: Add kernel subfolder

---
 .github/labeler.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/labeler.yml b/.github/labeler.yml
index 0db6fd7832b..77422234ab3 100644
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -53,6 +53,7 @@
 
 "6.topic: kernel":
   - pkgs/build-support/kernel/**/*
+  - pkgs/os-specific/linux/kernel/**/*
 
 "6.topic: lua":
   - pkgs/development/interpreters/lua-5/**/*