From aff1f4ab948b921ceaf2b81610f2f82454302b4b Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Fri, 26 Feb 2016 18:38:15 +0100
Subject: Use general hardening flag toggle lists

The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
---
 pkgs/os-specific/linux/setools/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'pkgs/os-specific/linux/setools')

diff --git a/pkgs/os-specific/linux/setools/default.nix b/pkgs/os-specific/linux/setools/default.nix
index 6e8d9d3cf7a..5f539b9a97e 100644
--- a/pkgs/os-specific/linux/setools/default.nix
+++ b/pkgs/os-specific/linux/setools/default.nix
@@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
     "--with-tcl=${tcl}/lib"
   ];
 
-  hardening_format = false;
+  hardeningDisable = [ "format" ];
 
   NIX_CFLAGS_COMPILE = "-fstack-protector-all";
   NIX_LDFLAGS = "-L${libsepol}/lib -L${libselinux}/lib";
-- 
cgit 1.4.1