projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d61c57f) | patch
apparmor: Enable tuning of policy paranoid load for embedded systems
authorJohn Johansen <john.johansen@canonical.com>
Wed, 3 Feb 2021 09:35:12 +0000 (01:35 -0800)
committerJohn Johansen <john.johansen@canonical.com>
Sat, 9 Jul 2022 22:13:59 +0000 (15:13 -0700)
commit5bfcbd22ee4e6ad5ae698518fadd0f03ea109537
tree6724a92839d6ab4b84e590ecf14a09911df81090tree | snapshot
parentd61c57fde81915c04b41982f66a159ccc014e799commit | diff
apparmor: Enable tuning of policy paranoid load for embedded systems

AppArmor by default does an extensive check on loaded policy that
can take quite some time on limited resource systems. Allow
disabling this check for embedded systems where system images are
readonly and have checksumming making the need for the embedded
policy to be fully checked to be redundant.

Note: basic policy checks are still done.

Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/Kconfig diff | blob | history
security/apparmor/lsm.c diff | blob | history
security/apparmor/policy_unpack.c diff | blob | history
MicroBlaze GIT Repository