From 1cc8ea7cb4e4d5a9fa94869a2998ed17ec7bb9db Mon Sep 17 00:00:00 2001
From: Pierre Bourdon <delroth@gmail.com>
Date: Thu, 30 May 2019 02:16:45 +0900
Subject: [PATCH] nixos/malloc: add scudo from LLVM compiler-rt

---
 nixos/modules/config/malloc.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/nixos/modules/config/malloc.nix b/nixos/modules/config/malloc.nix
index 5fca39aa2e2a..bc51b9fc573a 100644
--- a/nixos/modules/config/malloc.nix
+++ b/nixos/modules/config/malloc.nix
@@ -21,6 +21,15 @@ let
         and scalable concurrency support.
       '';
     };
+
+    "scudo" = {
+      libPath = "${pkgs.llvmPackages.compiler-rt}/lib/linux/libclang_rt.scudo-x86_64.so";
+      description = ''
+        A user-mode allocator based on LLVM Sanitizer’s CombinedAllocator,
+        which aims at providing additional mitigations against heap based
+        vulnerabilities, while maintaining good performance.
+      '';
+    };
   };
 
   providerConf = providers."${cfg.provider}";