@@ -222,6 +222,23 @@ echo 'Optional Features:'

 		echo "    $(wrap_color '(note that cgroup swap accounting is not enabled in your kernel config, you can enable it by setting boot option "swapaccount=1")' bold black)"

 	fi

 }

+{

+	if is_set LEGACY_VSYSCALL_NATIVE; then

+		echo -n "- "; wrap_good "CONFIG_LEGACY_VSYSCALL_NATIVE" 'enabled'

+	elif is_set LEGACY_VSYSCALL_EMULATE; then

+		echo -n "- "; wrap_good "CONFIG_LEGACY_VSYSCALL_EMULATE" 'enabled'

+	elif is_set LEGACY_VSYSCALL_NONE; then

+		echo -n "- "; wrap_bad "CONFIG_LEGACY_VSYSCALL_NONE" 'enabled'

+		echo "    $(wrap_color '(containers using eglibc <= 2.13 will not work. Switch to' bold black)"

+		echo "    $(wrap_color ' "CONFIG_VSYSCALL_[NATIVE|EMULATE]" or use "vsyscall=[native|emulate]"' bold black)"

+		echo "    $(wrap_color ' on kernel command line. Note that this will disable ASLR for the,' bold black)"

+		echo "    $(wrap_color ' VDSO which may assist in exploiting security vulnerabilities.)' bold black)"

+	# else Older kernels (prior to 3dc33bd30f3e, released in v4.40-rc1) do

+	#      not have these LEGACY_VSYSCALL options and are effectively

+	#      LEGACY_VSYSCALL_EMULATE. Even older kernels are presumably

+	#      effectively LEGACY_VSYSCALL_NATIVE.

+	fi

+}

 if [ "$kernelMajor" -lt 4 ] || [ "$kernelMajor" -eq 4 -a "$kernelMinor" -le 5 ]; then

 	check_flags MEMCG_KMEM