From 5f3729800ffababd51df0ad56427a67369ef5f2d Mon Sep 17 00:00:00 2001
From: Jan Alexander Steffens <heftig@archlinux.org>
Date: Sun, 19 Jun 2022 20:12:32 +0000
Subject: [PATCH] FS#75102: Add integrity to LSM

This only initializes a cache which is used by IMA. So it does nothing
useful. Still, we technically have the integrity LSM and this removes a
footgun should IMA ever get enabled.
---
 PKGBUILD | 2 +-
 config   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/PKGBUILD b/PKGBUILD
index c26c461..dd0ad3c 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -26,7 +26,7 @@ validpgpkeys=(
   'C7E7849466FE2358343588377258734B41C31549'  # David Runge <dvzrv@archlinux.org>
 )
 sha256sums=('SKIP'
-            '6379ddf576a09bf353e2dc83eb93e2ba34dc4be82ce07e30a6eb5e7ca8872048')
+            '533d32e1f6c33f7f390796af18dc3dca0a6aa294f8e9340600cd86c8df65e25b')
 
 export KBUILD_BUILD_HOST=archlinux
 export KBUILD_BUILD_USER=$pkgbase
diff --git a/config b/config
index 37b7984..d714a9b 100644
--- a/config
+++ b/config
@@ -10221,7 +10221,7 @@ CONFIG_INTEGRITY_AUDIT=y
 # CONFIG_DEFAULT_SECURITY_TOMOYO is not set
 # CONFIG_DEFAULT_SECURITY_APPARMOR is not set
 CONFIG_DEFAULT_SECURITY_DAC=y
-CONFIG_LSM="landlock,lockdown,yama,bpf"
+CONFIG_LSM="landlock,lockdown,yama,integrity,bpf"
 
 #
 # Kernel hardening options