| Message ID | 20220128145846.79272-1-krzysztof.kozlowski@canonical.com |
|---|---|
| State | New |
| Headers | show |
| Series | [J/realtime] UBUNTU: [Config] realtime: sync LSM list with base (+landlock) | expand |
Acked-by: Tim Gardner <tim.gardner@canonical.com> Make sure CONFIG_BPF_LSM=y or you will get a boot panic. On 1/28/22 7:58 AM, Krzysztof Kozlowski wrote: > Set CONFIG_LSM to same value as base kernel, so include the landlock. > > BugLink: https://bugs.launchpad.net/bugs/1786013 > Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> > --- > debian.realtime/config/config.common.ubuntu | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/debian.realtime/config/config.common.ubuntu b/debian.realtime/config/config.common.ubuntu > index c634ebc54753..c5dd8cf65e6c 100644 > --- a/debian.realtime/config/config.common.ubuntu > +++ b/debian.realtime/config/config.common.ubuntu > @@ -5370,7 +5370,7 @@ CONFIG_LPC_SCH=m > # CONFIG_LP_CONSOLE is not set > CONFIG_LRU_CACHE=m > CONFIG_LSI_ET1011C_PHY=m > -CONFIG_LSM="lockdown,yama,integrity,apparmor" > +CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor" > CONFIG_LSM_MMAP_MIN_ADDR=0 > CONFIG_LS_EXTIRQ=y > CONFIG_LS_SCFG_MSI=y
On 28/01/2022 15:58, Krzysztof Kozlowski wrote: > Set CONFIG_LSM to same value as base kernel, so include the landlock. > > BugLink: https://bugs.launchpad.net/bugs/1786013 > Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> > --- > debian.realtime/config/config.common.ubuntu | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Applied to realtime Best regards, Krzysztof
diff --git a/debian.realtime/config/config.common.ubuntu b/debian.realtime/config/config.common.ubuntu index c634ebc54753..c5dd8cf65e6c 100644 --- a/debian.realtime/config/config.common.ubuntu +++ b/debian.realtime/config/config.common.ubuntu @@ -5370,7 +5370,7 @@ CONFIG_LPC_SCH=m # CONFIG_LP_CONSOLE is not set CONFIG_LRU_CACHE=m CONFIG_LSI_ET1011C_PHY=m -CONFIG_LSM="lockdown,yama,integrity,apparmor" +CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor" CONFIG_LSM_MMAP_MIN_ADDR=0 CONFIG_LS_EXTIRQ=y CONFIG_LS_SCFG_MSI=y
Set CONFIG_LSM to same value as base kernel, so include the landlock. BugLink: https://bugs.launchpad.net/bugs/1786013 Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@canonical.com> --- debian.realtime/config/config.common.ubuntu | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)