commit 1fd6aaa5ca0af6c0be43979a43747c8a7a6786e7 · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

fork atom

linux-hardened: Adjust config for 4.17.4

(cherry picked from commit a4d56d0635fc372288b405c5d7d501a60d1a2512)

authored by Tim Steinbach and committed by Uli Baum 7 years ago 1fd6aaa5 ba00e916

+3 -1

1 changed file

expand all

unified split

pkgs

os-specific

linux

kernel

hardened-config.nix

+3 -1

pkgs/os-specific/linux/kernel/hardened-config.nix

··· 28 # Reduce attack surface by disabling various emulations 29 IA32_EMULATION n 30 X86_X32 n 31 - MODIFY_LDT_SYSCALL? n 32 33 VMAP_STACK y # Catch kernel stack overflows 34

··· 28 # Reduce attack surface by disabling various emulations 29 IA32_EMULATION n 30 X86_X32 n 31 + ${optionalString (versionOlder version "4.17") '' 32 + MODIFY_LDT_SYSCALL? n 33 + ''} 34 35 VMAP_STACK y # Catch kernel stack overflows 36