diff options
| author | Robert Scott <code@humanleg.org.uk> | 2023-03-29 22:32:24 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-03-29 22:32:24 +0100 |
| commit | 9a6aabc4740790ef3bbb246b86d029ccf6759658 (patch) | |
| tree | d3c4863dc64a2e1b087dc9a368f439d46536a10e /nixos | |
| parent | bede0015fdc3850ecfb7225d726b8b32f5fa21aa (diff) | |
| parent | a76bd96e4bfa869fd51310574490ff6e2659685a (diff) | |
| download | nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.tar nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.tar.gz nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.tar.bz2 nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.tar.lz nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.tar.xz nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.tar.zst nixpkgs-9a6aabc4740790ef3bbb246b86d029ccf6759658.zip | |
Merge pull request #223548 from enc0urage/fix-graphene-hardened
nixos/malloc: set vm.max_map_count when using graphene-hardened
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/config/malloc.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/nixos/modules/config/malloc.nix b/nixos/modules/config/malloc.nix index 4db0480b155..b740ebfccb2 100644 --- a/nixos/modules/config/malloc.nix +++ b/nixos/modules/config/malloc.nix @@ -97,6 +97,7 @@ in }; config = mkIf (cfg.provider != "libc") { + boot.kernel.sysctl."vm.max_map_count" = mkIf (cfg.provider == "graphene-hardened") (mkDefault 1048576); environment.etc."ld-nix.so.preload".text = '' ${providerLibPath} ''; |