diff options
author | Emily <vcs@emily.moe> | 2020-04-04 22:55:15 +0100 |
---|---|---|
committer | Emily <vcs@emily.moe> | 2020-04-17 16:13:39 +0100 |
commit | 8c68055432d501d604e906dfca242eed60c48e35 (patch) | |
tree | 35252ec489d75f883bc3ddaf0b536f961ee9c30f /pkgs/os-specific | |
parent | 8efe83c22e8c7a33847255bec30c4a9d5be8abe9 (diff) |
linux_*_hardened: don't set MODIFY_LDT_SYSCALL
Upstreamed in anthraxx/linux-hardened@05644876fa5dc3a67a8ea4b396e2214a2f8e8411.
Diffstat (limited to 'pkgs/os-specific')
-rw-r--r-- | pkgs/os-specific/linux/kernel/hardened-config.nix | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix index 154365a5be53c..75cfd68ef0d38 100644 --- a/pkgs/os-specific/linux/kernel/hardened-config.nix +++ b/pkgs/os-specific/linux/kernel/hardened-config.nix @@ -17,10 +17,6 @@ with (stdenv.lib.kernel.whenHelpers version); assert (versionAtLeast version "4.9"); optionalAttrs (stdenv.hostPlatform.platform.kernelArch == "x86_64") { - # Note: this config depends on EXPERT y and so will not take effect, hence - # it is left "optional" for now. - MODIFY_LDT_SYSCALL = option no; - # Randomize position of kernel and memory. RANDOMIZE_BASE = yes; RANDOMIZE_MEMORY = yes; |