linux config: revert BPF_JIT_ALWAYS_ON=yes

This reverts a small bit of af808bd82 from PR #73328. Fixes #79304: tests.installer.simpleUefiSystemdBoot.x86_64-linux I still don't know why the regression happened, but this feature doesn't seem important enough to block channel now, though it reportedly helps to mitigate spectre 2 attack CVE-2017-5715.
author: Vladimír Čunát <v@cunat.cz> 2020-02-08 21:09:35 +0100
committer: Vladimír Čunát <v@cunat.cz> 2020-02-09 08:22:00 +0100
commit: 8130f3c1c2bb0e533b5e150c39911d6e61dcecc2 (patch)
tree: c9937116766fcc5bf15f100c13be473617236e6d
parent: c32ccccd9d28106802b7be432bcce78b3d4f2bd1 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 7ecff5207df86..f9579a9fde53d 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -114,7 +114,7 @@ let
       CLS_U32_PERF       = yes;
       CLS_U32_MARK       = yes;
       BPF_JIT            = whenPlatformHasEBPFJit yes;
-      BPF_JIT_ALWAYS_ON  = whenPlatformHasEBPFJit yes;
+      BPF_JIT_ALWAYS_ON  = no; # whenPlatformHasEBPFJit yes; # see https://github.com/NixOS/nixpkgs/issues/79304
       HAVE_EBPF_JIT      = whenPlatformHasEBPFJit yes;
       BPF_STREAM_PARSER  = whenAtLeast "4.19" yes;
       XDP_SOCKETS        = whenAtLeast "4.19" yes;
author	Vladimír Čunát <v@cunat.cz>	2020-02-08 21:09:35 +0100
committer	Vladimír Čunát <v@cunat.cz>	2020-02-09 08:22:00 +0100
commit	8130f3c1c2bb0e533b5e150c39911d6e61dcecc2 (patch)
tree	c9937116766fcc5bf15f100c13be473617236e6d
parent	c32ccccd9d28106802b7be432bcce78b3d4f2bd1 (diff)