diff --git a/nixos.nix b/nixos.nix
index fa5ac98..02d94f9 100644
--- a/nixos.nix
+++ b/nixos.nix
@@ -118,7 +118,7 @@ in
                           env
                           ;
                         syscall = {
-                          inherit (app) multiarch bluetooth;
+                          inherit (app) compat multiarch bluetooth;
                           deny_devel = !app.devel;
                         };
                         map_real_uid = app.mapRealUid;
diff --git a/options.nix b/options.nix
index e2c44cc..7f44ef4 100644
--- a/options.nix
+++ b/options.nix
@@ -151,6 +151,7 @@ in
                 default = true;
               };
 
+              compat = mkEnableOption "disable syscall filter extensions";
               devel = mkEnableOption "development kernel APIs";
               multiarch = mkEnableOption "multiarch kernel support";
               bluetooth = mkEnableOption "AF_BLUETOOTH socket operations";