From f2f00c56e4e54e6df6393035b73796ab5d8cc48a Mon Sep 17 00:00:00 2001
From: Eelco Dolstra
Date: Thu, 1 Aug 2013 00:38:54 +0200
Subject: [PATCH] linux: Enable stack protector

This may prevent exploitation of buffer overflows.
---
 pkgs/os-specific/linux/kernel/common-config.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 2e64dae23fe..83417787f0d 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -165,6 +165,7 @@ with stdenv.lib;
 STRICT_DEVMEM y # Filter access to /dev/mem
 SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default
 DEVKMEM n # Disable /dev/kmem
+ CC_STACKPROTECTOR y # Detect buffer overflows on the stack

 # Misc. options.
 8139TOO_8129 y
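Review bot: `CC_STACKPROTECTOR` is an architecture-dependent Kconfig symbol that also needs compiler support, yet the added line sets it unconditionally in a config shared by every kernel and platform this file feeds. If the config generator rejects an answer for a symbol the target kernel does not offer, builds for those platforms would fail, so consider guarding the line by platform or marking it optional, whichever this file's format supports. The comment also overstates the coverage, since the option only places a canary in functions the compiler selects and checks it on return; `CC_STACKPROTECTOR y # Stack canaries; catches some stack overflows at function return` would be more accurate. It is worth confirming in the generated `.config` and build log that the protector is really active, because some kernel versions only print a warning and build without it when the compiler lacks support. The surrounding option list starts and ends outside the hunk, so existing guards there are not visible from here.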