From 27b9f5d65ee452c9a1a49a2e245b2a45ee1d65ab Mon Sep 17 00:00:00 2001
From: Robin Gloster <mail@glob.in>
Date: Sun, 14 Aug 2016 02:13:16 +0000
Subject: xorg.*: disable relro/bindnow hardening

Breaks the module system at runtime otherwise.
---
 pkgs/servers/x11/xorg/builder.sh    | 3 ---
 pkgs/servers/x11/xorg/default.nix   | 4 +++-
 pkgs/servers/x11/xorg/overrides.nix | 1 -
 3 files changed, 3 insertions(+), 5 deletions(-)

(limited to 'pkgs')

diff --git a/pkgs/servers/x11/xorg/builder.sh b/pkgs/servers/x11/xorg/builder.sh
index 15da0b51795b..055886374df4 100644
--- a/pkgs/servers/x11/xorg/builder.sh
+++ b/pkgs/servers/x11/xorg/builder.sh
@@ -46,7 +46,4 @@ fi
 
 enableParallelBuilding=1
 
-# breaks module loading
-hardeningDisable="bindnow"
-
 genericBuild
diff --git a/pkgs/servers/x11/xorg/default.nix b/pkgs/servers/x11/xorg/default.nix
index 4a2ac2469d82..24b6cafd1bc2 100644
--- a/pkgs/servers/x11/xorg/default.nix
+++ b/pkgs/servers/x11/xorg/default.nix
@@ -9,7 +9,9 @@ let
   mkDerivation = name: attrs:
     let newAttrs = (overrides."${name}" or (x: x)) attrs;
         stdenv = newAttrs.stdenv or args.stdenv;
-    in stdenv.mkDerivation (removeAttrs newAttrs [ "stdenv" ]);
+      in stdenv.mkDerivation ((removeAttrs newAttrs [ "stdenv" ]) // {
+        hardeningDisable = [ "bindnow" "relro" ];
+      });
 
   overrides = import ./overrides.nix {inherit args xorg;};
 
diff --git a/pkgs/servers/x11/xorg/overrides.nix b/pkgs/servers/x11/xorg/overrides.nix
index bcef1a5419f6..5660957011c7 100644
--- a/pkgs/servers/x11/xorg/overrides.nix
+++ b/pkgs/servers/x11/xorg/overrides.nix
@@ -430,7 +430,6 @@ in
                                         # and there are no fonts in this package anyway
           "--enable-glamor"
         ];
-        hardeningDisable = [ "relro" ];
         postInstall = ''
           rm -fr $out/share/X11/xkb/compiled
           ln -s /var/tmp $out/share/X11/xkb/compiled
-- 
cgit 1.4.1