diff options
| author | Emily <vcs@emily.moe> | 2020-03-07 18:48:08 +0000 |
|---|---|---|
| committer | Emily <vcs@emily.moe> | 2020-03-07 18:50:40 +0000 |
| commit | b628400f5e70c361cc74e6a5c1d041f6a2189e5f (patch) | |
| tree | ca743c200a791f85d8652eef9e93e7f16a0e2638 /pkgs/os-specific/linux | |
| parent | 82b54d490663b6d87b7b34b9cfc0985df8b49c7d (diff) | |
| download | nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.tar nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.tar.gz nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.tar.bz2 nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.tar.lz nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.tar.xz nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.tar.zst nixlib-b628400f5e70c361cc74e6a5c1d041f6a2189e5f.zip | |
linuxPackages_{,_latest,_testing}_hardened: enable 32-bit emulation
Per discussion in #81943. Resolves #79798.
Diffstat (limited to 'pkgs/os-specific/linux')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/hardened-config.nix | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix index 156a4cf44234..00aceefa1330 100644 --- a/pkgs/os-specific/linux/kernel/hardened-config.nix +++ b/pkgs/os-specific/linux/kernel/hardened-config.nix @@ -18,8 +18,7 @@ assert (versionAtLeast version "4.9"); optionalAttrs (stdenv.hostPlatform.platform.kernelArch == "x86_64") { DEFAULT_MMAP_MIN_ADDR = freeform "65536"; # Prevent allocation of first 64K of memory - # Reduce attack surface by disabling various emulations - IA32_EMULATION = no; + # Reduce attack surface by disabling X32 X86_X32 = no; # Note: this config depends on EXPERT y and so will not take effect, hence # it is left "optional" for now. |