[PATCH 0/3][E] LSM changes for Eoan

Tyler Hicks tyhicks at canonical.com
Wed Sep 25 21:43:51 UTC 2019

BugLink: https://launchpad.net/bugs/1845383
BugLink: https://launchpad.net/bugs/1845391

I set out to enable building the SafeSetID LSM in our Eoan kernel and
came across a needed bug fix and a small cleanup for the CONFIG_LSM
value that we have in our kernel configs.

None of these changes are urgent and could be deferred to E+1, if

The functional result of the patch set is that the SafeSetID LSM will be
built but not enabled by default. A system administrator can then make
use of SafeSetID, if desired, using the "lsm" kernel command-line


Micah Morton (1):
  LSM: SafeSetID: Stop releasing uninitialized ruleset

Tyler Hicks (2):
  UBUNTU: [Config] loadpin shouldn't be in CONFIG_LSM
  UBUNTU: [Config] Build SafeSetID LSM but don't enable it by default

 debian.master/config/annotations          | 6 +++---
 debian.master/config/config.common.ubuntu | 4 ++--
 security/safesetid/securityfs.c           | 3 ++-
 3 files changed, 7 insertions(+), 6 deletions(-)


More information about the kernel-team mailing list