nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-25 16:33:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

make-derivation.nix: Float out knownHardeningFlags

Browse Source
This commit is contained in:
Robert Hensing 2024-03-12 18:41:57 +01:00
parent 464d8c4a6c
commit cac23248b1
1 changed files with 14 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
pkgs/stdenv/generic/make-derivation.nix
View File

@ -110,6 +110,20 @@ let
makeDerivationExtensible (self: attrs // (if builtins.isFunction f0 || f0?__functor then f self attrs else f0)))
attrs;
knownHardeningFlags = [
"bindnow"
"format"
"fortify"
"fortify3"
"pic"
"pie"
"relro"
"stackprotector"
"strictoverflow"
"trivialautovarinit"
"zerocallusedregs"
];
makeDerivationArgument =
@ -235,19 +249,6 @@ let
# disabling fortify implies fortify3 should also be disabled
then unique (hardeningDisable ++ [ "fortify3" ])
else hardeningDisable;
knownHardeningFlags = [
"bindnow"
"format"
"fortify"
"fortify3"
"pic"
"pie"
"relro"
"stackprotector"
"strictoverflow"
"trivialautovarinit"
"zerocallusedregs"
];
defaultHardeningFlags =
(if stdenv.hasCC then stdenv.cc else {}).defaultHardeningFlags or
# fallback safe-ish set of flags