Comment 2 for bug 1987998

Performing verification for Jammy

I started a fresh Jammy VM, running 5.15.0-52-generic from -updates.

I edited /etc/default/grub and set GRUB_CMDLINE_LINUX_DEFAULT to "lsm=landlock,bpf,apparmor", updated grub, and rebooted.

The system panicked with the usual splat:

[ 0.355151] LSM: Security Framework initializing
[ 0.356309] landlock: Up and running.
[ 0.357186] LSM support for eBPF active
[ 0.358143] Kernel panic - not syncing: security_add_hooks Too many LSMs registered.
[ 0.359849] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.0-52-generic #58-Ubuntu
[ 0.360292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014
[ 0.360292] Call Trace:
[ 0.360292] <TASK>
[ 0.360292] show_stack+0x52/0x5c
[ 0.360292] dump_stack_lvl+0x4a/0x63
[ 0.360292] dump_stack+0x10/0x16
[ 0.360292] panic+0x149/0x321
[ 0.360292] security_add_hooks+0x45/0x13a
[ 0.360292] apparmor_init+0x189/0x1ef
[ 0.360292] initialize_lsm+0x54/0x74
[ 0.360292] ordered_lsm_init+0x379/0x392
[ 0.360292] security_init+0x40/0x49
[ 0.360292] start_kernel+0x454/0x4ca
[ 0.360292] x86_64_start_reservations+0x24/0x2a
[ 0.360292] x86_64_start_kernel+0xfb/0x106
[ 0.360292] secondary_startup_64_no_verify+0xc2/0xcb
[ 0.360292] </TASK>
[ 0.360292] ---[ end Kernel panic - not syncing: security_add_hooks Too many LSMs registered. ]---

I then rebooted, enabled -proposed, and installed 5.15.0-53-generic, and rebooted again.

The system came up fine, with all the LSMs enabled:

[ 0.312038] LSM: Security Framework initializing
[ 0.313217] landlock: Up and running.
[ 0.314065] LSM support for eBPF active
[ 0.314999] AppArmor: AppArmor initialized

The 5.15.0-53-generic kernel in -proposed fixes the issue, happy to mark verified for Jammy.