Please add AppArmor support to linux-aarch64

Discussion about U-Boot and the kernel.

Please add AppArmor support to linux-aarch64

Postby aYmnq2ZgvU2jSv57 » Sat Feb 06, 2021 9:15 am

Hello, I want to request you to add AppArmor support to the linux-aarch64 kernel. This feature is added in Arch Linux (x86_64), you could almost certainly use that for references. I think it should be as simple as adding a few kernel compile time options: https://wiki.archlinux.org/index.php/AppArmor#Custom_kernel.

linux-aarch64 kernel:
$this->bbcode_second_pass_code('', '
$ zgrep -i apparmor /proc/config.gz
# CONFIG_SECURITY_APPARMOR is not set
CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
')

linux kernel (Arch Linux x86_64):
$this->bbcode_second_pass_code('', '
$ zgrep -i apparmor /proc/config.gz
CONFIG_SECURITY_APPARMOR=y
CONFIG_SECURITY_APPARMOR_HASH=y
CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
# CONFIG_SECURITY_APPARMOR_DEBUG is not set
# CONFIG_DEFAULT_SECURITY_APPARMOR is not set
')

P.S.: I think you should consider making the kernel config options the same as upstream Arch Linux x86_64 in the future. I know there is some things that need to be a bit different in the kernel to port it to ARM but having the general non-architecture dependent options the same as upstream would be nice.
aYmnq2ZgvU2jSv57
 
Posts: 2
Joined: Sun Oct 04, 2020 8:42 am

Return to U-Boot/Kernel

Who is online

Users browsing this forum: No registered users and 2 guests