 config/amnesia                                    |  2
 wiki/src/contribute/design/kernel_hardening.mdwn | 15
 2 files changed, 1 insertion, 16 deletions
diff --git a/config/amnesia b/config/amnesia
index e0d285b..4351540 100644
--- a/config/amnesia
+++ b/config/amnesia
@@ -13,7 +13,7 @@
# Base for the string that will be passed to "lb config --bootappend-live"
# FIXME: see [[bugs/sdmem_on_eject_broken_for_CD]] for explanation why we
# need to set block.events_dfl_poll_msecs
-AMNESIA_APPEND="live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails kaslr slab_nomerge slub_debug=FZ mce=0 vsyscall=none"
+AMNESIA_APPEND="live-media=removable apparmor=1 security=apparmor nopersistence noprompt timezone=Etc/UTC block.events_dfl_poll_msecs=1000 splash noautologin module=Tails kaslr slab_nomerge slub_debug=FZ mce=0"
# Options passed to isohybrid
AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63"
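Review bot: the `AMNESIA_APPEND` change drops `vsyscall=none` from the kernel command line without any comment in this file recording why, while the two lines just above it keep a `# FIXME` pointing at the bug that justifies `block.events_dfl_poll_msecs`. Because `vsyscall=none` was a documented hardening option (the second file in this commit deletes its design rationale), a one-line comment next to `AMNESIA_APPEND` stating the reason it was removed, or the ticket that tracks it, would keep the decision visible to whoever next audits the boot parameters and would make an accidental re-add easy to spot in review. The rest of the line (`kaslr slab_nomerge slub_debug=FZ mce=0`) is untouched, so the hunk is otherwise a clean single-token removal.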
diff --git a/wiki/src/contribute/design/kernel_hardening.mdwn b/wiki/src/contribute/design/kernel_hardening.mdwn
index fc09be2..2e5222e 100644
--- a/wiki/src/contribute/design/kernel_hardening.mdwn
+++ b/wiki/src/contribute/design/kernel_hardening.mdwn
@@ -47,21 +47,6 @@ command line, `slab_nomerge` is implied. But having `slab_nomerge`
explicitely declared can help prevent regressions where disabling of
debugging features is desired but re-enabling of merging is not.
-#### `vsyscall=none`
-
-Virtual syscalls are the obsolete predecessor of vDSO calls.
-Unfortunately, both `vsyscall=native` and `vsyscall=emulate` (the
-default) have a negative security impact, with the latter a little
-less so. Namely, they provide a target for any attacker who has
-control of the return instruction pointer, which is increasingly
-common these days now that attackers need to resort to ROP and similar
-attacks which target a process' control flow. The impact of this is
-with reduced compatibility, however only legacy statically compiled
-binaries and old versions of glibc used vsyscalls. All software on
-modern Tails uses vDSO instead. If for some reason a program does try
-to use a vsyscall, the process will crash with a memory access
-violation, and won't bring the whole system down.
-
#### `mce=0`
Mostly useful for systems with ECC memory, setting `mce` to 0 will
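Review bot: removing the whole `vsyscall=none` section leaves the kernel-hardening design page with no trace that the option was evaluated or why it was dropped, so a reader comparing this page against the command line in `config/amnesia` (which this same commit changes) finds neither the option nor an explanation and has to dig through git history. A single sentence left in the surrounding text, for instance at the end of the `slab_nomerge` paragraph, saying that `vsyscall=none` is no longer passed and giving the reason would preserve the decision in the document that is meant to record it. Minor, and only on a retained context line: `explicitely declared` should read `explicitly declared` and could be fixed while this file is being edited.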