public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

treewide: disable pie in more places

Browse Source 
Some packages don’t work correctly with pie. Here I disable it for:

- busybox
- linux kernel
- kexectools

I also get rid of the Musl conditional for disabling pie in GCC and
Binutils. Some day we might want to enable PIE without Musl and it
will be useful to have the *just* work with our compiler and linkers.
This commit is contained in:
Matthew Bauer
2018-11-10 13:49:36 -06:00
parent 08d98b2e38
commit 76c956be5c
11 changed files with 12 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/development/compilers/gcc/4.8/default.nix
View File

@@ -177,7 +177,7 @@ stdenv.mkDerivation ({
inherit patches;
hardeningDisable = [ "format" ] ++ stdenv.lib.optional stdenv.targetPlatform.isMusl "pie";
hardeningDisable = [ "format" "pie" ];
outputs = [ "out" "lib" "man" "info" ];
setOutputFlags = false;

2
pkgs/development/compilers/gcc/4.9/default.nix
View File

@@ -185,7 +185,7 @@ stdenv.mkDerivation ({
inherit patches;
hardeningDisable = [ "format" ] ++ stdenv.lib.optional stdenv.targetPlatform.isMusl "pie";
hardeningDisable = [ "format" "pie" ];
outputs = if langJava || langGo then ["out" "man" "info"]
else [ "out" "lib" "man" "info" ];

2
pkgs/development/compilers/gcc/5/default.nix
View File

@@ -178,7 +178,7 @@ stdenv.mkDerivation ({
libc_dev = stdenv.cc.libc_dev;
hardeningDisable = [ "format" ] ++ stdenv.lib.optional stdenv.targetPlatform.isMusl "pie";
hardeningDisable = [ "format" "pie" ];
# This should kill all the stdinc frameworks that gcc and friends like to
# insert into default search paths.

2
pkgs/development/compilers/gcc/6/default.nix
View File

@@ -178,7 +178,7 @@ stdenv.mkDerivation ({
libc_dev = stdenv.cc.libc_dev;
hardeningDisable = [ "format" ] ++ stdenv.lib.optional stdenv.targetPlatform.isMusl "pie";
hardeningDisable = [ "format" "pie" ];
# This should kill all the stdinc frameworks that gcc and friends like to
# insert into default search paths.

2
pkgs/development/compilers/gcc/7/default.nix
View File

@@ -149,7 +149,7 @@ stdenv.mkDerivation ({
libc_dev = stdenv.cc.libc_dev;
hardeningDisable = [ "format" ] ++ stdenv.lib.optional stdenv.targetPlatform.isMusl "pie";
hardeningDisable = [ "format" "pie" ];
# This should kill all the stdinc frameworks that gcc and friends like to
# insert into default search paths.

2
pkgs/development/compilers/gcc/8/default.nix
View File

@@ -143,7 +143,7 @@ stdenv.mkDerivation ({
libc_dev = stdenv.cc.libc_dev;
hardeningDisable = [ "format" ] ++ stdenv.lib.optional stdenv.targetPlatform.isMusl "pie";
hardeningDisable = [ "format" "pie" ];
# This should kill all the stdinc frameworks that gcc and friends like to
# insert into default search paths.

2
pkgs/development/compilers/gcc/snapshot/default.nix
View File

@@ -137,7 +137,7 @@ stdenv.mkDerivation ({
libc_dev = stdenv.cc.libc_dev;
hardeningDisable = [ "format" ];
hardeningDisable = [ "format" "pie" ];
postPatch =
if targetPlatform != hostPlatform || stdenv.cc.libc != null then