etc/default/grub.d: add lockdown.cfg
This commit is contained in:
parent
60899ca667
commit
b770e356cb
|
@ -0,0 +1,6 @@
|
|||
# Enable the kernel lockdown feature. If set to integrity, kernel features
|
||||
# that allow userland to modify the running kernel are disabled. If set to
|
||||
# confidentiality, kernel features that allow userland to extract
|
||||
# confidential information from the kernel are also disabled.
|
||||
# https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
|
||||
GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT lockdown=confidentiality"
|
Loading…
Reference in New Issue