diff options
| author | Bernardo Meurer <bernardo@meurer.org> | 2022-02-01 09:18:12 -0800 |
|---|---|---|
| committer | Bernardo Meurer <bernardo@meurer.org> | 2022-02-01 09:18:17 -0800 |
| commit | 4c13b318017e0e3c244d1e0e1f552d8239b1fda7 (patch) | |
| tree | e0083cefd92cd04e0a1d3b21d7c8afd61d4d0202 /pkgs/os-specific/linux/kernel/common-config.nix | |
| parent | 8bb7bec755775fd086d8dfe3ddbc128913e8dffa (diff) | |
| download | nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.tar nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.tar.gz nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.tar.bz2 nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.tar.lz nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.tar.xz nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.tar.zst nixpkgs-4c13b318017e0e3c244d1e0e1f552d8239b1fda7.zip | |
linux/kernel/common-config.nix: mark FORTIFY_SOURCE as optional
You cannot use it on clang-built kernels due to some LLVM bugs, namely: * https://bugs.llvm.org/show_bug.cgi?id=50322 * https://bugs.llvm.org/show_bug.cgi?id=41459 so Kconfig forces it off, causing generate-config.pl to explode since it is not marked optional.
Diffstat (limited to 'pkgs/os-specific/linux/kernel/common-config.nix')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 830ddf49810..34e1b10b32a 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -452,7 +452,7 @@ let }; security = { - FORTIFY_SOURCE = whenAtLeast "4.13" yes; + FORTIFY_SOURCE = whenAtLeast "4.13" (option yes); # https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html DEBUG_LIST = yes; |