Admins will be upgrading ORNL GitLab Servers on Saturday, 16 May 2026, from 7 AM until 11 AM EST. Repositories will experience intermittent outages during this time.

Unverified Commit 996b65cf authored May 06, 2017 by Joachim Fasting

linux_hardened: enable structleak plugin

A port of the PaX structleak plugin.  Note that this version of structleak
seems to cover less ground than the PaX original (only marked structs are
zeroed). [1]

[1]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61f13eaa1ee17728c41370100d2d45c254ce76f

parent 1816e2b9

pkgs/os-specific/linux/kernel/hardened-config.nix

+4 −0

Original line number	Diff line number	Diff line
		@@ -15,6 +15,10 @@ assert (versionAtLeast version "4.9");
		''
		GCC_PLUGINS y # Enable gcc plugin options

		${optionalString (versionAtLeast version "4.11") ''
		GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin
		''}

		DEBUG_WX y # A one-time check for W+X mappings at boot; doesn't do anything beyond printing a warning

		${optionalString (versionAtLeast version "4.10") ''

Admin message