public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

linux-hardened: Disable GCC_PLUGIN_RANDSTRUCT

Browse Source
This commit is contained in:
Tim Steinbach 2017-10-11 13:50:20 -04:00
parent 48f0389bf8
commit 5dda1324be
No known key found for this signature in database
GPG Key ID: 472BFCCA96BD0EDA
1 changed files with 0 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkgs/os-specific/linux/kernel/hardened-config.nix
View File

@ -97,11 +97,6 @@ ${optionalString (versionAtLeast version "4.11") ''
GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin
''} ''}
${optionalString (versionAtLeast version "4.13") ''
GCC_PLUGIN_RANDSTRUCT y # A port of the PaX randstruct plugin
GCC_PLUGIN_RANDSTRUCT_PERFORMANCE y
''}
# Disable various dangerous settings # Disable various dangerous settings
ACPI_CUSTOM_METHOD n # Allows writing directly to physical memory ACPI_CUSTOM_METHOD n # Allows writing directly to physical memory
PROC_KCORE n # Exposes kernel text image layout PROC_KCORE n # Exposes kernel text image layout