On Tue, Jun 12, 2018 at 4:42 PM Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > > On Tue, 2018-04-17 at 15:56 -0700, Matthew Garrett wrote: > > The kernel is taking security.apparmor into account when validating EVM, > > so evmctl should be doing the same. > > > > Signed-off-by: Matthew Garrett <mjg59@xxxxxxxxxx> > > The XATTR_NAME_APPARMOR is dependent on the version of > "/usr/include/linux/xattr.h". Without it defined, evmctl fails to > build. Hmm, true. Is it reasonable to just hardcode it rather than using the define?
