diff options
| author | Izorkin <izorkin@elven.pw> | 2019-12-05 11:20:07 +0300 |
|---|---|---|
| committer | Matthieu Coudron <coudron@iij.ad.jp> | 2019-12-07 12:06:23 +0100 |
| commit | 928fdab4a100be81739592d115ff7fc734fae3ca (patch) | |
| tree | fc3ab6312ad1a08ce881e11a143384c4d4c79cda /pkgs/os-specific/linux/kernel/common-config.nix | |
| parent | abc9b32fc609427b5c9e6e280ac73c3f299382e3 (diff) | |
| download | nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.tar nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.tar.gz nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.tar.bz2 nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.tar.lz nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.tar.xz nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.tar.zst nixpkgs-928fdab4a100be81739592d115ff7fc734fae3ca.zip | |
linux: add in kernel 5.4 lockdown feature
Diffstat (limited to 'pkgs/os-specific/linux/kernel/common-config.nix')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index ff3e4fb2562..8158865ab29 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -363,6 +363,7 @@ let SECURITY_APPARMOR = yes; DEFAULT_SECURITY_APPARMOR = yes; + SECURITY_LOCKDOWN_LSM = whenAtLeast "5.4" yes; } // optionalAttrs (!stdenv.hostPlatform.isAarch32) { # Detect buffer overflows on the stack |