b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

linux/hardened: make GCC_STRUCTLEAK optional since it isn't an option

Browse source 
with GCC 12
This commit is contained in:
Fabián Heredia Montiel 2022-11-19 00:25:07 -06:00
parent cb57273236
commit 713db8d8f8
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkgs/os-specific/linux/kernel/hardened/config.nix
View file

@ -65,8 +65,8 @@ assert (stdenv.hostPlatform.isx86_64 -> versions.majorMinor version != "5.4");
# Gather additional entropy at boot time for systems that may not have appropriate entropy sources.
GCC_PLUGIN_LATENT_ENTROPY = yes;
GCC_PLUGIN_STRUCTLEAK = yes; # A port of the PaX structleak plugin
GCC_PLUGIN_STRUCTLEAK_BYREF_ALL = yes; # Also cover structs passed by address
GCC_PLUGIN_STRUCTLEAK = option yes; # A port of the PaX structleak plugin
GCC_PLUGIN_STRUCTLEAK_BYREF_ALL = option yes; # Also cover structs passed by address
GCC_PLUGIN_STACKLEAK = whenAtLeast "4.20" yes; # A port of the PaX stackleak plugin
GCC_PLUGIN_RANDSTRUCT = whenOlder "5.19" yes; # A port of the PaX randstruct plugin
GCC_PLUGIN_RANDSTRUCT_PERFORMANCE = whenOlder "5.19" yes;