diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2019-02-01 14:36:50 +0100 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2019-02-01 19:43:52 +0100 |
| commit | ffec3d1894ffd05966b50efa49ca19af76c9ea81 (patch) | |
| tree | 90259a29dee7634b81d4e6a7a81e86cee46dae6c | |
| parent | 6e68dcb92212d7c1123a02340b2a03aeff9f312d (diff) | |
dashboard/config: add lsm= cmdline arg for stacked modules
It won't take effect right now as security= has precedence over lsm=.
But it won't harm too and later we will only need to remove security=.
Also it will work with this custom patch for syzbot:
https://groups.google.com/d/msg/syzkaller/BSgVCTSShRQ/E6lFuiDpFwAJ
Update #973
| -rw-r--r-- | dashboard/config/upstream-apparmor.cmdline | 1 | ||||
| -rw-r--r-- | dashboard/config/upstream-selinux.cmdline | 1 | ||||
| -rw-r--r-- | dashboard/config/upstream-smack.cmdline | 1 |
3 files changed, 3 insertions, 0 deletions
diff --git a/dashboard/config/upstream-apparmor.cmdline b/dashboard/config/upstream-apparmor.cmdline index 844820520..6ec599e99 100644 --- a/dashboard/config/upstream-apparmor.cmdline +++ b/dashboard/config/upstream-apparmor.cmdline @@ -1,4 +1,5 @@ security=apparmor +lsm=yama,safesetid,integrity,tomoyo,apparmor ima_policy=tcb workqueue.watchdog_thresh=140 kvm-intel.nested=1 diff --git a/dashboard/config/upstream-selinux.cmdline b/dashboard/config/upstream-selinux.cmdline index 23064ced7..c1c80f8dd 100644 --- a/dashboard/config/upstream-selinux.cmdline +++ b/dashboard/config/upstream-selinux.cmdline @@ -1,4 +1,5 @@ security=selinux +lsm=yama,safesetid,integrity,selinux,tomoyo ima_policy=tcb workqueue.watchdog_thresh=140 kvm-intel.nested=1 diff --git a/dashboard/config/upstream-smack.cmdline b/dashboard/config/upstream-smack.cmdline index e574a7201..b5b302e4c 100644 --- a/dashboard/config/upstream-smack.cmdline +++ b/dashboard/config/upstream-smack.cmdline @@ -1,4 +1,5 @@ security=smack +lsm=yama,safesetid,integrity,smack,tomoyo ima_policy=tcb workqueue.watchdog_thresh=140 kvm-intel.nested=1 |