From a4d56d0635fc372288b405c5d7d501a60d1a2512 Mon Sep 17 00:00:00 2001
From: Tim Steinbach <tim@nequissimus.com>
Date: Tue, 3 Jul 2018 08:35:04 -0400
Subject: linux-hardened: Adjust config for 4.17.4

---
 pkgs/os-specific/linux/kernel/hardened-config.nix | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'pkgs/os-specific/linux')

diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
index 5ae128741129..7e277617b61a 100644
--- a/pkgs/os-specific/linux/kernel/hardened-config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -28,7 +28,9 @@ ${optionalString (stdenv.platform.kernelArch == "x86_64") ''
   # Reduce attack surface by disabling various emulations
   IA32_EMULATION n
   X86_X32 n
-  MODIFY_LDT_SYSCALL? n
+  ${optionalString (versionOlder version "4.17") ''
+    MODIFY_LDT_SYSCALL? n
+  ''}
 
   VMAP_STACK y # Catch kernel stack overflows
 
-- 
cgit 1.4.1