glibc: disable pie hardening, limit to musl for now

2018-11-14 17:49:24 -06:00 · 2018-11-14 17:49:24 -06:00 · db0abe98bf
commit db0abe98bf
parent 6ebb2c385b
1 changed files with 4 additions and 1 deletions
--- a/pkgs/development/libraries/glibc/default.nix
+++ b/pkgs/development/libraries/glibc/default.nix
@ -35,7 +35,10 @@ callPackage ./common.nix { inherit stdenv; } {
    # The stackprotector and fortify hardening flags are autodetected by glibc
    # and enabled by default if supported. Setting it for every gcc invocation
    # does not work.
-    hardeningDisable = [ "stackprotector" "fortify" ];
+    hardeningDisable = [ "stackprotector" "fortify" ]
+    # XXX: Not actually musl-speciic but since only musl enables pie by default,
+    #      limit rebuilds by only disabling pie w/musl
+      ++ stdenv.lib.optional stdenv.hostPlatform.isMusl "pie";

    # When building glibc from bootstrap-tools, we need libgcc_s at RPATH for
    # any program we run, because the gcc will have been placed at a new