Hello, I want to request you to add AppArmor support to the linux-aarch64 kernel. This feature is added in Arch Linux (x86_64), you could almost certainly use that for references. I think it should be as simple as adding a few kernel compile time options: https://wiki.archlinux.org/index.php/AppArmor#Custom_kernel.
linux-aarch64 kernel:
$this->bbcode_second_pass_code('', '
$ zgrep -i apparmor /proc/config.gz
# CONFIG_SECURITY_APPARMOR is not set
CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
')
linux kernel (Arch Linux x86_64):
$this->bbcode_second_pass_code('', '
$ zgrep -i apparmor /proc/config.gz
CONFIG_SECURITY_APPARMOR=y
CONFIG_SECURITY_APPARMOR_HASH=y
CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
# CONFIG_SECURITY_APPARMOR_DEBUG is not set
# CONFIG_DEFAULT_SECURITY_APPARMOR is not set
')
P.S.: I think you should consider making the kernel config options the same as upstream Arch Linux x86_64 in the future. I know there is some things that need to be a bit different in the kernel to port it to ARM but having the general non-architecture dependent options the same as upstream would be nice.