1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-23 06:01:15 +00:00
nixpkgs/pkgs/stdenv/generic
Matthew Bauer 6d531f3541 make-derivation: enable pie hardening with musl
Fixes #49071

On ld.gold, we produce broken executables when linking with the Musl
libc. This appears to be a known bug when using ld.gold and Musl. This
thread describes the workaround as enabling PIE when using ld.gold and
Musl:

https://www.openwall.com/lists/musl/2015/05/01/5

By default we don’t enable PIE to avoid breaking things. But in the
Musl case we are breaking things by not enabling PIE. So this adds a
special case for defaultHardeningFlags which keeps the pie hardening
for everything. Any packages that break with PIE can add the pie flag
to disableHardeningFlags array (a no-op for now on anything but Musl).
2018-11-07 15:24:51 +01:00
..
builder.sh stdenvs: Distinguish between extraBuildInputs and extraNativeBuildInputs 2017-08-18 12:02:13 -04:00
check-meta.nix dovecot, opensmtpd: add link to test in meta.tests 2018-10-30 21:31:39 +09:00
default-builder.sh
default.nix top-level, stdenv: Make system and stdenv.system describe the hostPlatform. 2018-09-06 08:33:51 -04:00
make-derivation.nix make-derivation: enable pie hardening with musl 2018-11-07 15:24:51 +01:00
setup.sh stdenv: Improve ELF detection for isELF 2018-09-25 06:55:18 +02:00