linux_*_hardened: don't set VMAP_STACK

This has been on by default upstream for as long as it's been an option.
bjornfor · Apr 17, 2020 · 3d4c8ae · 3d4c8ae
1 parent 7d5352d
commit 3d4c8ae
Showing 1 changed file with 0 additions and 1 deletion.
diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -22,7 +22,6 @@ optionalAttrs (stdenv.hostPlatform.platform.kernelArch == "x86_64") {
   # Note: this config depends on EXPERT y and so will not take effect, hence
   # it is left "optional" for now.
   MODIFY_LDT_SYSCALL = option no;
-  VMAP_STACK         = yes; # Catch kernel stack overflows
 
   # Randomize position of kernel and memory.
   RANDOMIZE_BASE   = yes;