[PATCH 1/1] UBUNTU: ARM: Enable AA with SECURITYFS for imx51

[Brad Figg]

Amit Kucheria wrote:
> On Wed, Mar 25, 2009 at 01:11:23PM +0000, Andy Whitcroft wrote:
>> On Tue, Mar 24, 2009 at 03:43:46PM -0700, Brad Figg wrote:
>>> It is necessary to have SECURITYFS enabled at the same time
>>> as AA.
>>>
>>> Signed-off-by: Brad Figg <brad.figg at canonical.com>
>>> ---
>>>  debian/config/armel/config           |    1 -
>>>  debian/config/armel/config.imx51     |    3 ++-
>>>  debian/config/armel/config.iop32x    |    1 +
>>>  debian/config/armel/config.ixp4xx    |    1 +
>>>  debian/config/armel/config.versatile |    1 +
>>>  5 files changed, 5 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/debian/config/armel/config b/debian/config/armel/config
>>> index f485def..47bd110 100644
>>> --- a/debian/config/armel/config
>>> +++ b/debian/config/armel/config
>>> @@ -322,7 +322,6 @@ CONFIG_SCSI_DMA=y
>>>  # CONFIG_SCSI_LOGGING is not set
>>>  # CONFIG_SCSI_SRP_ATTRS is not set
>>>  CONFIG_SCSI_WAIT_SCAN=m
>>> -# CONFIG_SECURITYFS is not set
>>>  CONFIG_SELECT_MEMORY_MODEL=y
>>>  CONFIG_SERIAL_CORE=y
>>>  CONFIG_SERIAL_CORE_CONSOLE=y
>>> diff --git a/debian/config/armel/config.imx51 b/debian/config/armel/config.imx51
>>> index 335aa0d..36abaa3 100644
>>> --- a/debian/config/armel/config.imx51
>>> +++ b/debian/config/armel/config.imx51
>>> @@ -1186,8 +1186,9 @@ CONFIG_SDIO_UNIFI_FS=m
>>>  CONFIG_SDMA_IRAM=y
>>>  CONFIG_SDMA_IRAM_SIZE=0x1000
>>>  CONFIG_SECURITY=y
>>> +CONFIG_SECURITYFS=y
>>>  CONFIG_SECURITY_APPARMOR=y
>>> -CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0
>>> +CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
>> Do we know why this changed here?
> 
> 0 -> 1?
> 
> That enables AA on bootup. We were compiling AA in, but disabling it on bootup till Brad found the problem.
> 

I thought that since I'd found the problem and turned on the securityfs
in the config we'd want to enable AA.

Was I mistaken?

Brad

-- 
Brad Figg brad.figg at canonical.com http://www.canonical.com