Source: linux Version: 5.5.13-2 Severity: wishlist Tags: patch X-Debbugs-CC: quentin@isovalent.com Dear Maintainer(s), LOCKDOWN_CONFIDENTIALITY_MAX restricts a lot of useful features, even security ones (like monitoring via BPF), while not adding that much value for common use cases. Recently, Ubuntu, RedHat and SUSE changed the default to LOCKDOWN_INTEGRITY_MAX. I believe we should do the same. MR: https://salsa.debian.org/kernel-team/linux/-/merge_requests/230 References: https://github.com/iovisor/bcc/issues/2565#issuecomment-606566675 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1868626 https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=ef7c6600bb3e https://bugzilla.redhat.com/show_bug.cgi?id=1815571 Thanks! -- Kind regards, Luca Boccassi
Attachment:
signature.asc
Description: This is a digitally signed message part