apparmor-profile-everything is another reason to set this. During boot, a lot of apparmor messages are displayed on the console which slows down boot speed a large amount. We can probably set it in the initramfs so stuff before systemd-sysctl gets hidden too.