From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47246C4338F for ; Tue, 27 Jul 2021 06:11:59 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D94BD60551 for ; Tue, 27 Jul 2021 06:11:58 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org D94BD60551 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.ozlabs.org Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4GYmf54WP6z30CC for ; Tue, 27 Jul 2021 16:11:57 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=TOanCZ+6; dkim-atps=neutral Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2a00:1450:4864:20::633; helo=mail-ej1-x633.google.com; envelope-from=ratankgupta31@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=TOanCZ+6; dkim-atps=neutral Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4GYmdK5bSKz30QG for ; Tue, 27 Jul 2021 16:11:16 +1000 (AEST) Received: by mail-ej1-x633.google.com with SMTP id o5so20386624ejy.2 for ; Mon, 26 Jul 2021 23:11:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=z2geAxQQZjHNdjg8Xf9U/+2X5AQAbrWjLVQKQEJQT0s=; b=TOanCZ+6Z/A3WFRauLzwvNmg2gVKnb3oVYd7g+uOpwpoyw37Ih99GwGR5zBdVbXFSd 2adSYnJzQOaeH+OJ/6LNhjG0IKRPaa4oeJ+IobR9rvuuHbDv3S42WgAtg00nBFKmTa20 lTrhBoJ7+nYNKWd360FgRTQxa/MBn8NOBOMi1QBc7IskCtWg2CbToYc8mFz0a/0fa24c 7hvK3XDXlFQACjk2OrSAL2vowotjHlBNgfdRcOxFKPi1uPBJy4uqddJDny99qRCe1V/x dLHBW/OFP2vx0esrJ93b4zJLHGL2h/wpa+V8/IqJfcuG9LaoP9NXXFZ6iqX6+KGkQfnc EQRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=z2geAxQQZjHNdjg8Xf9U/+2X5AQAbrWjLVQKQEJQT0s=; b=guHabMd7jASaDFmhmtwqTR32JF51UCe1xMDReTMzT/DPCLsdA0N2ViHQXbudlFOhjo K/N01avBhEPftjA1ZDPvkuko27CRxq9FTpZUoGZlT1vWi4Yt2W1kR6KDjcxQ8D3B4m4v fG4IoOff3neGQWqIsSehUWogLVPZkCv8ulAAbqSBaFxUNqlV8+1NOnm4zLSOwfEOROMl Zzu/LXxlZbHv7GW8ANU5lN5kuZnul6Xp/M7385OkwgGn7wCjfJfyZgepcFsFt4u4cOlk ywoHwjdDS17pbc1Nt7mpQQBD+MeAgQJdfvodrOlHMqdjWro+EZpY38I4KtLQOeZUMDDu Kncw== X-Gm-Message-State: AOAM5315+gLR6wXm0tdBTiVFb5xmMbxVXBqLcis5sJi6zGtXKDP4Tbu/ 1kbRJBSjkd+tS3lTktjphJ7KY2XqvN727BDBd+fE4PWsr9Q= X-Google-Smtp-Source: ABdhPJxGPZg9AJv1syLss3/M/PbYEOuwX3dwQ3MSzVEC8rpEhHV69CuW1EdwQOO036R27b/MCvvZnQaJdLBYhuNAzCI= X-Received: by 2002:a17:906:eb99:: with SMTP id mh25mr20624881ejb.330.1627366272522; Mon, 26 Jul 2021 23:11:12 -0700 (PDT) MIME-Version: 1.0 From: Ratan Gupta Date: Tue, 27 Jul 2021 11:41:01 +0530 Message-ID: Subject: apparmor support To: joel@jms.id.au, openbmc@lists.ozlabs.org Content-Type: multipart/alternative; boundary="00000000000097de8c05c814bca8" X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+openbmc=archiver.kernel.org@lists.ozlabs.org Sender: "openbmc" --00000000000097de8c05c814bca8 Content-Type: text/plain; charset="UTF-8" Hi All, I was trying to pull apparmor in openbmc, all the user space application got pulled however I was unable to build the kernel with apparmor support. I made the following kernel configuration to include the apparmor( https://github.com/openbmc/linux/blob/dev-5.10/Documentation/admin-guide/LSM/apparmor.rst ) CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y CONFIG_SECURITY_PATH=y *CONFIG_SECURITY_APPARMOR=yCONFIG_DEFAULT_SECURITY="apparmor"CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1* CONFIG_AUDIT=y In the build tree, kernel is not picking the above config parameters and I was getting the following logs in the config_build_log which suggest that kernel doesn't like these config. tmp/work-shared/hgx/kernel-source/.kernel-meta/cfg/merge_config_build.log Value requested for CONFIG_SECURITY_PATH not in final .config Requested value: CONFIG_SECURITY_PATH=y CONFIG_SECURITY_PATH=y Actual value: Value requested for CONFIG_SECURITY_APPARMOR not in final .config Requested value: CONFIG_SECURITY_APPARMOR=y CONFIG_SECURITY_APPARMOR=y Actual value: Value requested for CONFIG_DEFAULT_SECURITY not in final .config Requested value: CONFIG_DEFAULT_SECURITY="apparmor" CONFIG_DEFAULT_SECURITY="apparmor" Actual value: Value requested for CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE not in final .config Requested value: CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 Actual value: Can somebody suggest me what I am missing here? Ratan Gupta --00000000000097de8c05c814bca8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Hi All,

I was trying to pull apparmor in openbmc, = all the user space application got pulled however I was unable to build the= kernel with apparmor support.

I made the following kernel configur= ation to include the apparmor( https://github.co= m/openbmc/linux/blob/dev-5.10/Documentation/admin-guide/LSM/apparmor.rst)

CONFIG_SECURITYFS=3Dy
CONFIG_SECURITY_NETWORK=3Dy
CO= NFIG_SECURITY_PATH=3Dy
CONFIG_SECURITY_APPARMOR=3Dy
CONFIG_DEFAULT= _SECURITY=3D"apparmor"
CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALU= E=3D1
CONFIG_AUDIT=3Dy

In the = build tree, kernel is not picking the above config parameters and I was get= ting the following logs in the config_build_log which suggest that kernel d= oesn't like these config.

tmp/work-shared/hgx/= kernel-source/.kernel-meta/cfg/merge_config_build.log

Value requested for CONFIG_SECURITY_PATH not in final .config
Request= ed value: =C2=A0CONFIG_SECURITY_PATH=3Dy
CONFIG_SECURITY_PATH=3Dy
Act= ual value:

Value requested for CONFIG_SECURITY_APPARMOR not in final= .config
Requested value: =C2=A0CONFIG_SECURITY_APPARMOR=3Dy
CONFIG_S= ECURITY_APPARMOR=3Dy
Actual value:

Value requested for CONFIG_DEF= AULT_SECURITY not in final .config
Requested value: =C2=A0CONFIG_DEFAULT= _SECURITY=3D"apparmor"
CONFIG_DEFAULT_SECURITY=3D"apparmo= r"
Actual value:

Value requested for CONFIG_SECURITY_APPARMO= R_BOOTPARAM_VALUE not in final .config
Requested value: =C2=A0CONFIG_SEC= URITY_APPARMOR_BOOTPARAM_VALUE=3D1
CONFIG_SECURITY_APPARMOR_BOOTPARAM_VA= LUE=3D1
Actual value:

Can somebo= dy suggest me what I am missing here?

Ratan Gupta<= /div>

--00000000000097de8c05c814bca8--