diff options
| author | John Ericson <John.Ericson@Obsidian.Systems> | 2017-08-25 01:14:43 -0400 |
|---|---|---|
| committer | Robin Gloster <mail@glob.in> | 2017-08-30 17:53:42 +0200 |
| commit | 822a8d01481e4cb2bab7e82a01637eceddaba5a2 (patch) | |
| tree | 95c1822afe2b79d527a58224b7fd75b6b8527d77 /pkgs | |
| parent | 823fb278d3a48abdb37637aed3769b9282d4774f (diff) | |
| download | nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.tar nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.tar.gz nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.tar.bz2 nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.tar.lz nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.tar.xz nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.tar.zst nixlib-822a8d01481e4cb2bab7e82a01637eceddaba5a2.zip | |
cc-wrapper: Remove redundant hardening
GCC just passes `-z ...` flags to ld unaltered, and they are already passed to LD anyways. On the other hand, `-pie` affects gcc behavior too.
Diffstat (limited to 'pkgs')
| -rw-r--r-- | pkgs/build-support/cc-wrapper/add-hardening.sh | 1 | ||||
| -rw-r--r-- | pkgs/build-support/cc-wrapper/cc-wrapper.sh | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/pkgs/build-support/cc-wrapper/add-hardening.sh b/pkgs/build-support/cc-wrapper/add-hardening.sh index aa8eb720486c..af98ea03e529 100644 --- a/pkgs/build-support/cc-wrapper/add-hardening.sh +++ b/pkgs/build-support/cc-wrapper/add-hardening.sh @@ -43,6 +43,7 @@ if [[ -z "${hardeningDisableMap[all]:-}" ]]; then hardeningCFlags+=('-fPIE') if [[ ! ("$*" =~ " -shared " || "$*" =~ " -static ") ]]; then if [[ -n "${NIX_DEBUG:-}" ]]; then echo HARDENING: enabling LDFlags -pie >&2; fi + hardeningCFlags+=('-pie') hardeningLDFlags+=('-pie') fi ;; diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index 1c654ea47567..6099535600c7 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -138,7 +138,7 @@ if [ "$dontLink" != 1 ]; then # Add the flags that should only be passed to the compiler when # linking. - extraAfter+=($NIX_@infixSalt@_CFLAGS_LINK "${hardeningLDFlags[@]}") + extraAfter+=($NIX_@infixSalt@_CFLAGS_LINK) # Add the flags that should be passed to the linker (and prevent # `ld-wrapper' from adding NIX_@infixSalt@_LDFLAGS again). |