diff options
Diffstat (limited to 'nixpkgs/nixos/modules/config/malloc.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/config/malloc.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/config/malloc.nix b/nixpkgs/nixos/modules/config/malloc.nix index 5fca39aa2e2a..dfa86a44a326 100644 --- a/nixpkgs/nixos/modules/config/malloc.nix +++ b/nixpkgs/nixos/modules/config/malloc.nix @@ -21,6 +21,15 @@ let and scalable concurrency support. ''; }; + + "scudo" = { + libPath = "${pkgs.llvmPackages.compiler-rt}/lib/linux/libclang_rt.scudo-x86_64.so"; + description = '' + A user-mode allocator based on LLVM Sanitizer’s CombinedAllocator, + which aims at providing additional mitigations against heap based + vulnerabilities, while maintaining good performance. + ''; + }; }; providerConf = providers."${cfg.provider}"; @@ -82,5 +91,7 @@ in config = mkIf (cfg.provider != "libc") { environment.variables.LD_PRELOAD = providerLibPath; + systemd.extraConfig = "DefaultEnvironment=\"LD_PRELOAD=${providerLibPath}\""; + systemd.user.extraConfig = "DefaultEnvironment=\"LD_PRELOAD=${providerLibPath}\""; }; } |