linuxPackages_4_14_hardened: fix eval

Not sure if this is the right thing to do, but apparently we want this setting for <4.18, so we hard-code it for 4.14 via `mkForce` (previously this has led to conflicting definitions which is why the hardened 4.14 kernel never seems to have evaluated properly).
author: Maximilian Bosch <maximilian@mbosch.me> 2021-08-16 11:44:02 +0200
committer: Maximilian Bosch <maximilian@mbosch.me> 2021-08-16 20:46:02 +0200
commit: 099113751e66899a620bb3e23875d421fc40804f (patch)
tree: e4a9f390d4c808b02e227891d6268f6d79bc4d50 /pkgs/os-specific/linux/kernel/hardened/config.nix
parent: a5341beb789c66ed24a11396dda28f2a1303768e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/pkgs/os-specific/linux/kernel/hardened/config.nix b/pkgs/os-specific/linux/kernel/hardened/config.nix
index 20f9f5aaa147b..973e6d50adfe5 100644
--- a/pkgs/os-specific/linux/kernel/hardened/config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened/config.nix
@@ -88,7 +88,7 @@ assert (versionAtLeast version "4.9");
   INET_MPTCP_DIAG   = option no;
 
   # Use -fstack-protector-strong (gcc 4.9+) for best stack canary coverage.
-  CC_STACKPROTECTOR_REGULAR = whenOlder "4.18" no;
+  CC_STACKPROTECTOR_REGULAR = lib.mkForce (whenOlder "4.18" no);
   CC_STACKPROTECTOR_STRONG  = whenOlder "4.18" yes;
 
   # Detect out-of-bound reads/writes and use-after-free
author	Maximilian Bosch <maximilian@mbosch.me>	2021-08-16 11:44:02 +0200
committer	Maximilian Bosch <maximilian@mbosch.me>	2021-08-16 20:46:02 +0200
commit	099113751e66899a620bb3e23875d421fc40804f (patch)
tree	e4a9f390d4c808b02e227891d6268f6d79bc4d50 /pkgs/os-specific/linux/kernel/hardened/config.nix
parent	a5341beb789c66ed24a11396dda28f2a1303768e (diff)