felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-05-20 21:41:12 +02:00
Code Issues Projects Releases Wiki Activity
Files
0d7f05e56d6b96402889f15a4c3ee98698396500
pvv-nixos-config/base/mitigations.nix

25 lines
427 B
Nix
Raw Blame History

{ pkgs, lib, ... }:
let
modulesToBan = [
# copy.fail
"af_alg"
"algif_aead"
"algif_hash"
"algif_rng"
"algif_skcipher"
# dirtyfrag / Fragnesia
"esp4"
"esp6"
"rxrpc"
# PinTheft
"rds"
];
in
{
boot.blacklistedKernelModules = modulesToBan;
boot.extraModprobeConfig = lib.concatMapStringsSep "\n" (mod: "install ${mod} ${lib.getExe' pkgs.coreutils "false"}") modulesToBan;
}
Reference in New Issue View Git Blame Copy Permalink