colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

linux/kernel/common-config.nix: mark FORTIFY_SOURCE as optional

Browse Source 
You cannot use it on clang-built kernels due to some LLVM bugs, namely:

* https://bugs.llvm.org/show_bug.cgi?id=50322
* https://bugs.llvm.org/show_bug.cgi?id=41459

so Kconfig forces it off, causing generate-config.pl to explode since it
is not marked optional.
This commit is contained in:
Bernardo Meurer 2022-02-01 09:18:12 -08:00
parent 8bb7bec755
commit 4c13b31801
No known key found for this signature in database
GPG Key ID: F4C0D53B8D14C246
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/os-specific/linux/kernel/common-config.nix
View File

@ -452,7 +452,7 @@ let
};
security = {
FORTIFY_SOURCE = whenAtLeast "4.13" yes;
FORTIFY_SOURCE = whenAtLeast "4.13" (option yes);
# https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html
DEBUG_LIST = yes;