From a58ec829e4a0e4a39e843b0b35f28d657a91d1c1 Mon Sep 17 00:00:00 2001
From: Thomas Tuegel <ttuegel@gmail.com>
Date: Thu, 20 Oct 2016 16:37:50 -0500
Subject: [PATCH] openblas: disable some hardening flags

---
 .../libraries/science/math/openblas/default.nix   | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/pkgs/development/libraries/science/math/openblas/default.nix b/pkgs/development/libraries/science/math/openblas/default.nix
index 368cb6d60aa..0cc79f6b44b 100644
--- a/pkgs/development/libraries/science/math/openblas/default.nix
+++ b/pkgs/development/libraries/science/math/openblas/default.nix
@@ -34,6 +34,21 @@ stdenv.mkDerivation {
 
   inherit blas64;
 
+  # Some hardening features are disabled due to sporadic failures in
+  # OpenBLAS-based programs. The problem may not be with OpenBLAS itself, but
+  # with how these flags interact with hardening measures used downstream.
+  # In either case, OpenBLAS must only be used by trusted code--it is
+  # inherently unsuitable for security-conscious applications--so there should
+  # be no objection to disabling these hardening measures.
+  hardeningDisable = [
+    # don't modify or move the stack
+    "stackprotector" "pic"
+    # don't alter index arithmetic
+    "strictoverflow"
+    # don't interfere with dynamic target detection.
+    "relro" "bindnow"
+  ];
+
   nativeBuildInputs = optionals stdenv.isDarwin [coreutils] ++ [gfortran perl which];
 
   makeFlags =