pygoscelis: Enable landlock support \o/

2021-06-28 11:03:33 +02:00 · 2021-06-28 11:03:33 +02:00 · 4969453569
commit 4969453569
parent 6a316dd50c
1 changed files with 3 additions and 3 deletions
--- a/6
+++ b/6
@ -4864,7 +4864,7 @@ CONFIG_SECURITY=y
 # CONFIG_SECURITYFS is not set
 # CONFIG_SECURITY_NETWORK is not set
 CONFIG_PAGE_TABLE_ISOLATION=y
-# CONFIG_SECURITY_PATH is not set
+CONFIG_SECURITY_PATH=y
 CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
 CONFIG_HARDENED_USERCOPY=y
 # CONFIG_HARDENED_USERCOPY_FALLBACK is not set
@ -4882,11 +4882,11 @@ CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
 # CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE is not set
 CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY=y
 # CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
-# CONFIG_SECURITY_LANDLOCK is not set
+CONFIG_SECURITY_LANDLOCK=y
 # CONFIG_INTEGRITY is not set
 # CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set
 CONFIG_DEFAULT_SECURITY_DAC=y
-CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,bpf"
+CONFIG_LSM="landlock,lockdown,yama,loadpin,safesetid,integrity,bpf"
 #
 # Kernel hardening options