summary refs log tree commit diff
path: root/pkgs/os-specific/linux
diff options
context:
space:
mode:
authorPierre Bourdon <delroth@gmail.com>2019-01-04 02:08:49 +0100
committerPierre Bourdon <delroth@gmail.com>2019-01-04 22:24:50 +0100
commit0f7ca26a48389bf9133573f5eaf2d7b30cf51625 (patch)
treeab2f9ddfb746b3007806a3838e2d120da4fb9086 /pkgs/os-specific/linux
parent9dc0d948965ecfa8bae20de5699f7d32cc6707a6 (diff)
downloadnixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.tar
nixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.tar.gz
nixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.tar.bz2
nixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.tar.lz
nixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.tar.xz
nixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.tar.zst
nixpkgs-0f7ca26a48389bf9133573f5eaf2d7b30cf51625.zip
kernel/hardened-config.nix: add STACKLEAK plugin on 4.20+
Diffstat (limited to 'pkgs/os-specific/linux')
-rw-r--r--pkgs/os-specific/linux/kernel/hardened-config.nix3


1 files changed, 3 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
index 2454ecd0b05..9d28b3edf85 100644
--- a/pkgs/os-specific/linux/kernel/hardened-config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -113,6 +113,9 @@ ${optionalString (versionAtLeast version "4.11") ''
 ${optionalString (versionAtLeast version "4.14") ''
   GCC_PLUGIN_STRUCTLEAK_BYREF_ALL y # Also cover structs passed by address
 ''}
+${optionalString (versionAtLeast version "4.20") ''
+  GCC_PLUGIN_STACKLEAK y # A port of the PaX stackleak plugin
+''}
 
 # Disable various dangerous settings
 ACPI_CUSTOM_METHOD n # Allows writing directly to physical memory

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-27 14:57:09 +0000