scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-01 19:07:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update 60-custom.just.readme.md to put new kargs in the correct section (#357)

Browse Source 
the new kargs were added to set-kargs-hardening, not set-kargs-hardening-unstable
This commit is contained in:
spaceoden
2024-08-02 12:01:52 -08:00
committed by GitHub
parent 9f56f2ff06
commit c21a697252
1 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
files/system/usr/share/ublue-os/just/60-custom.just.readme.md
View File

@@ -62,16 +62,6 @@
`mitigations=auto,nosmt`
## Included in set-kargs-hardening-unstable
**Fill IOMMU protection gap by setting the busmaster bit during early boot**
`efi=disable_early_pci_dma`
**Disable debugfs to prevent exposure of sensitive kernel information**
`debugfs=off`
**Turn on spectre_v2 mitigations at boot time for all programs**
`spectre_v2=on`
@@ -86,4 +76,14 @@
**Mitigate unprivileged speculative access to data by using the microcode mitigation when available or by disabling AVX on affected systems where the microcode hasnt been updated to include the mitigation.**
`gather_data_sampling=force`
`gather_data_sampling=force`
## Included in set-kargs-hardening-unstable
**Fill IOMMU protection gap by setting the busmaster bit during early boot**
`efi=disable_early_pci_dma`
**Disable debugfs to prevent exposure of sensitive kernel information**
`debugfs=off`