about summary refs log tree commit diff
path: root/pkgs/build-support/cc-wrapper/add-hardening.sh
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/build-support/cc-wrapper/add-hardening.sh')
-rw-r--r--pkgs/build-support/cc-wrapper/add-hardening.sh10
1 files changed, 0 insertions, 10 deletions
diff --git a/pkgs/build-support/cc-wrapper/add-hardening.sh b/pkgs/build-support/cc-wrapper/add-hardening.sh
index b0e39e455ffc..a35ff3cb4260 100644
--- a/pkgs/build-support/cc-wrapper/add-hardening.sh
+++ b/pkgs/build-support/cc-wrapper/add-hardening.sh
@@ -6,7 +6,6 @@ if [[ -v hardeningEnable[@] ]]; then
   hardeningFlags+=(${hardeningEnable[@]})
 fi
 hardeningCFlags=()
-hardeningLDFlags=()
 
 declare -A hardeningDisableMap
 
@@ -44,7 +43,6 @@ if [[ -z "${hardeningDisableMap[all]:-}" ]]; then
           if [[ ! ("$*" =~ " -shared " || "$*" =~ " -static ") ]]; then
             if (( "${NIX_DEBUG:-0}" >= 1 )); then echo HARDENING: enabling LDFlags -pie >&2; fi
             hardeningCFlags+=('-pie')
-            hardeningLDFlags+=('-pie')
           fi
           ;;
         pic)
@@ -59,14 +57,6 @@ if [[ -z "${hardeningDisableMap[all]:-}" ]]; then
           if (( "${NIX_DEBUG:-0}" >= 1 )); then echo HARDENING: enabling format >&2; fi
           hardeningCFlags+=('-Wformat' '-Wformat-security' '-Werror=format-security')
           ;;
-        relro)
-          if (( "${NIX_DEBUG:-0}" >= 1 )); then echo HARDENING: enabling relro >&2; fi
-          hardeningLDFlags+=('-z' 'relro')
-          ;;
-        bindnow)
-          if (( "${NIX_DEBUG:-0}" >= 1 )); then echo HARDENING: enabling bindnow >&2; fi
-          hardeningLDFlags+=('-z' 'now')
-          ;;
         *)
           # Ignore unsupported. Checked in Nix that at least *some*
           # tool supports each flag.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-16 19:24:22 +0000