...
init_on_alloc=1: Fill newly allocated pages and heap objects with zeroes.init_on_free=1: Fill freed pages and heap objects with zeroes.slab_nomerge: Disable merging of slabs with similar size.pti=on: Enable the control Page Table Isolation of user and kernel address spaces.slub_debug=ZF: Enable red zoning (Z) and zanity checks (F) on for all slabs (more details here).randomize_kstack_offset=on: Enable kernel stack offset randomization.slab_common.usercopy_fallback=N:iommu=pt: Get best performance using the SR-IOV (TODO).security=yama: Use theyamasecurity module to enable at boot.mce=0: TODODisables the time in us to wait for other CPUs on machine checks.rng_core.default_quality=500: Set the value of the entropy for the system.lsm=apparmor,lockdown,capability,landlock,yama,bpf: Set the order of LSM initialization.
...