diff options
| -rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index ff3e4fb2562..8158865ab29 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -363,6 +363,7 @@ let SECURITY_APPARMOR = yes; DEFAULT_SECURITY_APPARMOR = yes; + SECURITY_LOCKDOWN_LSM = whenAtLeast "5.4" yes; } // optionalAttrs (!stdenv.hostPlatform.isAarch32) { # Detect buffer overflows on the stack |