ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2025-01-08 06:28:50 +03:00
Code Issues Projects Releases Wiki Activity

kernel/hardened-config.nix: add STACKLEAK plugin on 4.20+

Browse Source
This commit is contained in:
Pierre Bourdon 2019-01-04 02:08:49 +01:00
parent 9dc0d94896
commit 0f7ca26a48
No known key found for this signature in database
GPG Key ID: 6FB80DCD84DA0F1C
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkgs/os-specific/linux/kernel/hardened-config.nix
View File

@ -113,6 +113,9 @@ ${optionalString (versionAtLeast version "4.11") ''
${optionalString (versionAtLeast version "4.14") ''
GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y # Also cover structs passed by address
''}
${optionalString (versionAtLeast version "4.20") ''
GCC_PLUGIN_STACKLEAK y # A port of the PaX stackleak plugin
''}
# Disable various dangerous settings
ACPI_CUSTOM_METHOD n # Allows writing directly to physical memory