From 8dbd385e1cc6f486b8913235ed92e952ae96c16a Mon Sep 17 00:00:00 2001
From: Shea Levy <shea@shealevy.com>
Date: Mon, 18 May 2015 14:32:29 -0400
Subject: [PATCH] kernel config: Fix grsecurity-specific config

Refs 13a38440c6993438ec7847eb8f00ad66fb3fd946
---
 pkgs/os-specific/linux/kernel/common-config.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 4f3813f6ed8..25b707614ed 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -234,7 +234,7 @@ with stdenv.lib;
   # Security related features.
   STRICT_DEVMEM y # Filter access to /dev/mem
   SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default
-  ${optionalString (!features.grsecurity or true) ''
+  ${optionalString (!(features.grsecurity or false)) ''
     DEVKMEM n # Disable /dev/kmem
   ''}
   ${if versionOlder version "3.14" then ''
@@ -380,7 +380,7 @@ with stdenv.lib;
 
   # Virtualisation.
   PARAVIRT? y
-  ${optionalString (!features.grsecurity or true)
+  ${optionalString (!(features.grsecurity or false))
     (if versionAtLeast version "3.10" then ''
       HYPERVISOR_GUEST y
     '' else ''