Re: CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE

2017-04-11 Thread Christian Göttsche
I am using the boot flag *checkreqprot=0* without any complications or policy changes. @Laurent if you are willing, one could alter the selinux-activate script to set the boot flag @Ben > Maybe we'll go with the new default for buster. if there are no objections from the Debian SELinux team or

Bug#906729: Please fix SELinux labels of /vmlinuz symlink after kernel update

2020-01-25 Thread Christian Göttsche
It is not needed for anything to work correctly; it is just that objects should have the context defined by the SELinux policy. The root_t context should only be used by the root path directory, anything else is suspicious and should be avoided. Also if one sets up an alert for incorrect labeled

Bug#948365: mkinitramfs: do not copy SELinux file attributes

2020-01-09 Thread Christian Göttsche
Instead of adding the option `--no-preserve=context,xattr`, the option `-Z` is a better way.

Bug#948365: mkinitramfs: do not copy SELinux file attributes

2020-01-07 Thread Christian Göttsche
context or at least it should be configured by the SELinux policy writer. Please consider using the option 'no-preserve=context,xattr'. Best regards Christian Göttsche --- /root/workspace/mkinitramfs 2020-01-07 21:09:49.015636826 +0100 +++ /usr/sbin/mkinitramfs 2020-01-07 21:10

Bug#963868: linux-image-amd64: 5.7.6 crash

2020-08-06 Thread Christian Göttsche
Control: tags -1 fixed-upstream Fixed in 5.7.13 ee27c88788b88c9c1c75e3a9ce580c79c2dba009 ("drm/amd/display: Clear dm_state for fast updates")

Bug#963868: linux-image-amd64: 5.7.6 crash (maybe amdgpu and temperature related)

2020-06-28 Thread Christian Göttsche
Related: https://bugzilla.kernel.org/show_bug.cgi?id=207383

Bug#963868: linux-image-amd64: 5.7.6 crash (maybe amdgpu and temperature related)

2020-06-28 Thread Christian Göttsche
Package: linux-image-amd64 Version: 5.7.6-1 Severity: important Linux 5.7.6 crashed probably caused by watching twitch via firefox. After rebooting and opening twitch again and it crashed again. Rebooting into Linux 5.6.14 did not result in a crash. Maybe it's temperature/throttling related.

Bug#1022202: linux: rebuild upgrades of running kernel breaks module loading

2022-10-21 Thread Christian Göttsche
source: linux version: 6.0.2-1+b1 severity: important Upgrading the package of the currently running kernel, e.g. for rebuilds like 6.0.2-1+b1, breaks module loading until the next reboot. Trying to load modules by applications, e.g. qemu, will fail: Oct 21 22:23:23 debianHome kernel: BPF:

Bug#1025845: linux: please enable CONFIG_KFENCE

2022-12-10 Thread Christian Göttsche
Source: linux Version: 6.0.12-1 Tags: security Please enable support for Kernel Electric-Fence (KFENCE), a memory safety error detector, see https://docs.kernel.org/dev-tools/kfence.html. Whether to actually enable it by default (do not set CONFIG_KFENCE_SAMPLE_INTERVAL) or disable it (set

Bug#1041855: linux-image-6.4.0-1-amd64: IO wait regression

2023-07-24 Thread Christian Göttsche
Package: src:linux Version: 6.4.4-1 Severity: serious Dear Maintainer, Kernel 6.4.4 is affected by a regression causing one core be report high IO wait utilization. See https://lore.kernel.org/lkml/12251678.o9o76zd...@natalenko.name/