I also noticed this issue with the latest Ubuntu 22.04 amd64 release
image (ami-09d56f8956ab235b3). It does not have "bpf" in CONFIG_LSM.
root@:/home/ubuntu# uname -a
Linux 5.15.0-1004-aws #6-Ubuntu SMP Thu Mar 31 09:44:20 UTC 2022 x86_64
x86_64 x86_64 GNU/Linux
root@:/home/ubuntu#
root@:/home/ubuntu# grep LSM /boot/config-$(uname -r)
CONFIG_BPF_LSM=y
CONFIG_IIO_ST_LSM6DSX=m
CONFIG_IIO_ST_LSM6DSX_I2C=m
CONFIG_IIO_ST_LSM6DSX_SPI=m
CONFIG_IIO_ST_LSM6DSX_I3C=m
CONFIG_IIO_ST_LSM9DS0=m
CONFIG_IIO_ST_LSM9DS0_I2C=m
CONFIG_IIO_ST_LSM9DS0_SPI=m
CONFIG_LSM_MMAP_MIN_ADDR=0
CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
CONFIG_IMA_LSM_RULES=y
CONFIG_LSM="landlock,lockdown,yama,integrity,apparmor"
root@:/home/ubuntu#
Update: I thought this was an immutable kernel config option, but I found the
corresponding kernel boot flag.
./Documentation/admin-guide/kernel-parameters.txt
lsm=lsm1,...,lsmN
[SECURITY] Choose order of LSM initialization. This
overrides CONFIG_LSM, and the "security=" parameter.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964941
Title:
Adding bpf to CONFIG_LSM in 5.13 kernels
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1964941/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs