nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-01 07:01:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

nixos/hardened profile: always enable pti

Browse Source
This commit is contained in:
Joachim Fasting 2019-01-05 13:50:36 +01:00
parent 3f1f443125
commit 167578163a
No known key found for this signature in database
GPG Key ID: 5C204DF675C90294
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/modules/profiles/hardened.nix
View File

@ -40,6 +40,9 @@ with lib;
# Disable legacy virtual syscalls
"vsyscall=none"
# Enable PTI even if CPU claims to be safe from meltdown
"pti=on"
];
boot.blacklistedKernelModules = [