Comment 20 for bug 2019040

@all
First I checked with Luca and understood that he considers it generally good to enable those options, but his immediate need atm is on azure.

@Luca
I talked to a friend (thanks Gauthier) in regard to have a look at these options in the current azure kernel. At least there, on current lunar, the options seem to be already in place:

ubuntu@lunar:~$ uname -r
6.2.0-1008-azure
ubuntu@lunar:~$ grep -i dm_verity /boot/config-6.2.0-1008-azure
CONFIG_DM_VERITY=m
CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y
CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y
# CONFIG_DM_VERITY_FEC is not set
ubuntu@lunar:~$ grep -i CONFIG_IMA_ARCH_POLICY /boot/config-6.2.0-1008-azure
CONFIG_IMA_ARCH_POLICY=y