BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nixos/hardened: disable ftrace by default

Browse source
This commit is contained in:
Joachim Fasting 2019-07-04 18:50:48 +02:00
parent 44b6999614
commit c233e24d54
No known key found for this signature in database
GPG key ID: 5C204DF675C90294
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
nixos/modules/profiles/hardened.nix
View file

@ -89,4 +89,7 @@ with lib;
#
# The value is taken from the KSPP recommendations (Debian uses 4096).
boot.kernel.sysctl."vm.mmap_min_addr" = mkDefault 65536;
# Disable ftrace debugging
boot.kernel.sysctl."kernel.ftrace_enabled" = mkDefault false;
}