From 1816e2b96084f982a0536f40953383d42c082b8d Mon Sep 17 00:00:00 2001
From: Joachim Fasting <joachifm@fastmail.fm>
Date: Tue, 2 May 2017 16:21:26 +0200
Subject: [PATCH] linux_hardened: BUG on struct validation failure

---
 pkgs/os-specific/linux/kernel/hardened-config.nix | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
index 78fb1e368be7..bff15b05fd94 100644
--- a/pkgs/os-specific/linux/kernel/hardened-config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -17,6 +17,10 @@ GCC_PLUGINS y # Enable gcc plugin options
 
 DEBUG_WX y # A one-time check for W+X mappings at boot; doesn't do anything beyond printing a warning
 
+${optionalString (versionAtLeast version "4.10") ''
+  BUG_ON_DATA_CORRUPTION y # BUG if kernel struct validation detects corruption
+''}
+
 # Additional validation of commonly targetted structures
 DEBUG_CREDENTIALS y
 DEBUG_NOTIFIERS y