Enable CC_STACKPROTECTOR_REGULAR on linux 3.14+

2024-11-28 18:03:04 +00:00 · 2014-04-02 17:58:54 -04:00 · 2014-04-02 17:58:54 -04:00 · 0c66dbaee6
commit 0c66dbaee6
parent 0b1e408b6b
1 changed files with 3 additions and 1 deletions
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@ -167,8 +167,10 @@ with stdenv.lib;
  STRICT_DEVMEM y # Filter access to /dev/mem
  SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default
  DEVKMEM n # Disable /dev/kmem
-  ${optionalString (versionOlder version "3.14") ''
+  ${if versionOlder version "3.14" then ''
    CC_STACKPROTECTOR y # Detect buffer overflows on the stack
+  '' else ''
+    CC_STACKPROTECTOR_REGULAR y
  ''}
  ${optionalString (versionAtLeast version "3.12") ''
    USER_NS y # Support for user namespaces