I want to enable the BPF LSM, I have added
lsm=lockdown,capability,yama,apparmor,bpf
to GRUB_CMDLINE_LINUX_DEFAULT
in /etc/default/grub
, and run update-grub
. After rebooting, it still displays lockdown,capability,yama,apparmor
for cat /sys/kernel/security/lsm
.
The cat /proc/cmdline
displays
BOOT_IMAGE=/boot/vmlinuz-5.8.0-48-generic root=UUID=a94e991b-4a4b-42ae-9729-ef5199478c48 ro debian-installer/custom-installation=/custom find_preseed=/preseed.cfg auto preseed/file=/floppy/preseed.cfg automatic-ubiquity noprompt priority=critical locale=en_US console-setup/modelcode=evdev lsm=lockdown,capability,yama,apparmor,bpf
My kernel version is 5.8.0-48-generic
from uname -r
.
Best Answer
Ubuntu 20.04
Adding bpf to CONFIG_LSM, then rebooting worked for me.