From 48ff4f119735dc60c3e2794a71b00757b838d877 Mon Sep 17 00:00:00 2001
From: Joachim Fasting <joachifm@fastmail.fm>
Date: Tue, 23 Apr 2019 22:21:40 +0200
Subject: nixos/hardened: use graphene-hardened malloc by default

---
 nixos/modules/profiles/hardened.nix | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'nixos/modules')

diff --git a/nixos/modules/profiles/hardened.nix b/nixos/modules/profiles/hardened.nix
index 9ab2ee87a19e..87bf66333c61 100644
--- a/nixos/modules/profiles/hardened.nix
+++ b/nixos/modules/profiles/hardened.nix
@@ -14,6 +14,8 @@ with lib;
 
   nix.allowedUsers = mkDefault [ "@users" ];
 
+  environment.memoryAllocator.provider = mkDefault "graphene-hardened";
+
   security.hideProcessInformation = mkDefault true;
 
   security.lockKernelModules = mkDefault true;
-- 
cgit 1.4.1