Turning this option off is only significant in 4.12 kernels and newer, where the LSM hooks make use of __ro_after_init if CONFIG_SECURITY_SELINUX_DISABLE is disabled.
Per the discussion on the kernel-team list (https://lists.ubuntu.com/archives/kernel-team/2019-July/102026.html), I've made sure the test won't fail for kernels older than 4.12 regardless of whether CONFIG_SECURITY_SELINUX_DISABLE is set or unset: https://git.launchpad.net/qa-regression-testing/commit/?id=3a1752a5f5743fb330336b4d01f0a6a4200fe31f
Thanks.
Turning this option off is only significant in 4.12 kernels and newer, where the LSM hooks make use of __ro_after_init if CONFIG_ SECURITY_ SELINUX_ DISABLE is disabled.
Per the discussion on the kernel-team list (https:/ /lists. ubuntu. com/archives/ kernel- team/2019- July/102026. html), I've made sure the test won't fail for kernels older than 4.12 regardless of whether CONFIG_ SECURITY_ SELINUX_ DISABLE is set or unset: https:/ /git.launchpad. net/qa- regression- testing/ commit/ ?id=3a1752a5f57 43fb330336b4d01 f0a6a4200fe31f
Thanks.