summary refs log tree commit diff
path: root/pkgs/stdenv/generic/make-derivation.nix
diff options
context:
space:
mode:
authorOrivej Desh <orivej@gmx.fr>2017-09-01 09:58:19 +0000
committerOrivej Desh <orivej@gmx.fr>2017-09-03 12:57:08 +0000
commit447240b19f1fc5ee5d33950560002b9661a3d10e (patch)
treece323d1fd92e065559e62761941a311922e16dd0 /pkgs/stdenv/generic/make-derivation.nix
parent3980abe191d4b9f8d4d60b101f67f3658f380a56 (diff)
downloadnixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.tar
nixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.tar.gz
nixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.tar.bz2
nixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.tar.lz
nixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.tar.xz
nixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.tar.zst
nixpkgs-447240b19f1fc5ee5d33950560002b9661a3d10e.zip
mkDerivation: explain "all" in hardeningDisable
https://github.com/NixOS/nixpkgs/pull/28806#discussion_r136516276
Diffstat (limited to 'pkgs/stdenv/generic/make-derivation.nix')
-rw-r--r--pkgs/stdenv/generic/make-derivation.nix1
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/stdenv/generic/make-derivation.nix b/pkgs/stdenv/generic/make-derivation.nix
index c2f4f1c7b28..23a77719fa0 100644
--- a/pkgs/stdenv/generic/make-derivation.nix
+++ b/pkgs/stdenv/generic/make-derivation.nix
@@ -49,6 +49,7 @@ rec {
     # TODO(@Ericson2314): Make this more modular, and not O(n^2).
     let
       supportedHardeningFlags = [ "fortify" "stackprotector" "pie" "pic" "strictoverflow" "format" "relro" "bindnow" ];
+      # hardeningDisable additionally supports "all".
       erroneousHardeningFlags = lib.subtractLists supportedHardeningFlags (hardeningEnable ++ lib.remove "all" hardeningDisable);
     in if builtins.length erroneousHardeningFlags != 0
     then abort ("mkDerivation was called with unsupported hardening flags: " + lib.generators.toPretty {} {
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-27 11:58:33 +0000