cc-wrapper: add zerocallusedregs hardening flag

this uses the value `used-gpr` which seems to be a commonly chosen value for general use
author: Robert Scott <code@humanleg.org.uk> 2023-10-08 22:56:46 +0100
committer: Robert Scott <code@humanleg.org.uk> 2024-01-20 13:48:33 +0000
commit: 40868719b0ff142d0df5fba0f2ec7f370e072048 (patch)
tree: 40fba5f80f1034999349bd589b9dc0419f12384b /pkgs/stdenv/generic
parent: 81f22730b09c9b201c576195964d7b715f96c90a (diff)
download: nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar
nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.gz
nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.bz2
nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.lz
nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.xz
nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.zst
nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/stdenv/generic/make-derivation.nix b/pkgs/stdenv/generic/make-derivation.nix
index cb1607c5e63a..54a03a56866b 100644
--- a/pkgs/stdenv/generic/make-derivation.nix
+++ b/pkgs/stdenv/generic/make-derivation.nix
@@ -249,6 +249,7 @@ let
     "relro"
     "stackprotector"
     "strictoverflow"
+    "zerocallusedregs"
   ];
   defaultHardeningFlags =
     (if stdenv.hasCC then stdenv.cc else {}).defaultHardeningFlags or
author	Robert Scott <code@humanleg.org.uk>	2023-10-08 22:56:46 +0100
committer	Robert Scott <code@humanleg.org.uk>	2024-01-20 13:48:33 +0000
commit	40868719b0ff142d0df5fba0f2ec7f370e072048 (patch)
tree	40fba5f80f1034999349bd589b9dc0419f12384b /pkgs/stdenv/generic
parent	81f22730b09c9b201c576195964d7b715f96c90a (diff)
download	nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.gz nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.bz2 nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.lz nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.xz nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.tar.zst nixlib-40868719b0ff142d0df5fba0f2ec7f370e072048.zip