colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
617,927 Commits 126 Branches 0 Tags 3.1 GiB
de973ce81f
Commit Graph

5 Commits

Author SHA1 Message Date
Robert Scott
4a91b3e798 cc-wrapper: add trivialautovarinit hardening flag support 
this equates to -ftrivial-auto-var-init=pattern

clang has removed support for -ftrivial-auto-var-init=zero and
are unlikely to re-add it, so use -ftrivial-auto-var-init=pattern
on both compilers if only to make behaviour more consistent
between the two.

add to pkgsExtraHardening's defaultHardeningFlags.
 2024-02-24 12:00:09 +00:00
Robert Scott
40868719b0 cc-wrapper: add zerocallusedregs hardening flag 
this uses the value `used-gpr` which seems to be a commonly
chosen value for general use
 2024-01-20 13:48:33 +00:00
Robert Scott
c09e1fa406 gcc: mark hardeningUnsupportedFlags fortify3 for all but gcc 12 2023-01-24 21:52:12 +00:00
regnat
14f66d60a7 Make the bootsrap respect the contentAddressedByDefault setting 
Patch every `derivation` call in the bootsrap process to add it a
conditional `__contentAddressed` parameter.

That way, passing `contentAddressedByDefault` means that the entire
build closure of a system can be content addressed
 2021-04-28 10:25:49 +02:00
John Ericson
7960a1b1b8 linux stdenv: Avoid assert false 
On one hand, don't want to pass garbage that affects hash, on the other
hand footguns are bad.

Now, factored out the derivation so only need to pass in what is used.
 2016-12-15 17:09:29 -05:00