From a3d7b0af229f79b9ffbc062175a5780d80fc3f32 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Thu, 13 Feb 2020 02:03:21 +0200
Subject: [PATCH] etc/default/grub.d/lockdown.cfg: notes + lockdown=integrity
 comment

---
 etc/default/grub.d/lockdown.cfg | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/etc/default/grub.d/lockdown.cfg b/etc/default/grub.d/lockdown.cfg
index 63a1d757..99d40180 100644
--- a/etc/default/grub.d/lockdown.cfg
+++ b/etc/default/grub.d/lockdown.cfg
@@ -3,4 +3,12 @@
 # confidentiality, kernel features that allow userland to extract
 # confidential information from the kernel are also disabled.
 # https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
+
 GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT lockdown=confidentiality"
+#GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT lockdown=integrity"
+
+# Notes:
+# * Zaldaryn loses ethernet in lockdown mode.
+# * Itwjyg kernel panics (attempted to kill init) on lockdown=confidentiality,
+#   works with lockdown=integrity. MacBook weirdness?
+# * Kincarron, Rbtpzn, have no problems.