From 74f554ba0823667a234dda9322cf3bb4446dcdb9 Mon Sep 17 00:00:00 2001
From: Kevin Klopfenstetin <kk@sudo-i.net>
Date: Tue, 2 Apr 2024 20:36:31 +0000
Subject: [PATCH] fix: bpf program failes due of linux LSM Lockdown Commonly
 used Kubernetes CNI using multiple feature are blocked by this parameter

Signed-off-by: Kevin Klopfenstein <kk@sudo-i.net>
---
 pkg/machinery/kernel/kernel.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/machinery/kernel/kernel.go b/pkg/machinery/kernel/kernel.go
index 2242f4b8b4..c5963ddfdf 100644
--- a/pkg/machinery/kernel/kernel.go
+++ b/pkg/machinery/kernel/kernel.go
@@ -35,7 +35,7 @@ var DefaultArgs = []string{
 
 // SecureBootArgs returns the kernel commandline options required for secure boot.
 var SecureBootArgs = []string{
-	"lockdown=confidentiality",
+	"lockdown=integrity",
 }
 
 // Param represents a kernel system property.