diff options
| author | Akshat Agarwal <humancalico@disroot.org> | 2021-11-02 16:43:55 +0530 |
|---|---|---|
| committer | Akshat Agarwal <humancalico@disroot.org> | 2021-11-09 16:29:40 +0530 |
| commit | 972d7e74f61e2ded43e8ff998c1b8678c14f8e49 (patch) | |
| tree | a8b9bce1ad980a1e64fa51f4bae5062f59369880 /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch | |
| parent | 3ce3e50053b5b3a512b6ea528826c104ddf296fa (diff) | |
linux-kernel: enable BPF_LSM
Enables instrumentation of the security hooks with BPF programs for
implementing dynamic MAC and Audit Policies.
The BPF LSM was merged into the Linux kernel 5.7
This has already been enabled in Fedora (version 33 onwards), Ubuntu
(Hirsute Hippo), Flatcar Linux, Arch Linux.
Distros like Ubuntu don't enable bpf in CONFIG_LSM by default to avoid
any performance penalty so similar to that this commit enables
CONFIG_BPF_LSM but doesn't add bpf to the default list in CONFIG_LSM,
users willing to use this feature could boot with the lsm=...bpf
parameter on the kernel
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=641cd7b06c911c5935c34f24850ea18690649917
https://outflux.net/blog/archives/2020/09/21/security-things-in-linux-v5-7/
https://lwn.net/Articles/813057/
https://github.com/flatcar-linux/Flatcar/issues/343
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1905975
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983329
Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')
0 files changed, 0 insertions, 0 deletions