Public bug reported:
The CONFIG_FANOTIFY_ACCESS_PERMISSIONS option is required for certain
security products, like Microsoft Defender for Endpoints, to operate
correctly. As far as I can tell, it causes no overhead (when not
actively using it), in terms of code size or startup time.
It is currently disabled in the Focal Fossa -kvm kernel:
$ grep CONFIG_FANOTIFY /boot/config-5.4.0-1032-kvm
CONFIG_FANOTIFY=y
# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set
While it is enabled in the -generic kernel:
$ grep CONFIG_FANOTIFY /boot/config-5.4.0-65-generic
CONFIG_FANOTIFY=y
CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y
The same goes for Bionic Beaver.
** Affects: linux-kvm (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1915688
Title:
Please enable CONFIG_FANOTIFY_ACCESS_PERMISSIONS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1915688/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
