about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--pkgs/os-specific/linux/kernel/hardened-config.nix3
-rw-r--r--pkgs/top-level/all-packages.nix1
2 files changed, 1 insertions, 3 deletions
diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
index 156a4cf44234..00aceefa1330 100644
--- a/pkgs/os-specific/linux/kernel/hardened-config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -18,8 +18,7 @@ assert (versionAtLeast version "4.9");
 optionalAttrs (stdenv.hostPlatform.platform.kernelArch == "x86_64") {
   DEFAULT_MMAP_MIN_ADDR = freeform "65536";  # Prevent allocation of first 64K of memory
 
-  # Reduce attack surface by disabling various emulations
-  IA32_EMULATION     = no;
+  # Reduce attack surface by disabling X32
   X86_X32            = no;
   # Note: this config depends on EXPERT y and so will not take effect, hence
   # it is left "optional" for now.
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 5574d0cc76aa..f47f8df580a8 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -16828,7 +16828,6 @@ in
 
   # Hardened linux
   hardenedLinuxPackagesFor = kernel: linuxPackagesFor (kernel.override {
-    features.ia32Emulation = false;
     structuredExtraConfig = import ../os-specific/linux/kernel/hardened-config.nix {
       inherit stdenv;
       inherit (kernel) version;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-18 17:23:40 +0000