Ubuntu
linux-kvm package

Please enable CONFIG_FANOTIFY_ACCESS_PERMISSIONS

Bug #1915688 reported by Rene H. Larsen on 2021-02-15

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	linux-kvm (Ubuntu)	New	Undecided	Unassigned

Bug Description

The CONFIG_FANOTIFY_ACCESS_PERMISSIONS option is required for certain security products, like Microsoft Defender for Endpoints, to operate correctly. As far as I can tell, it causes no overhead (when not actively using it), in terms of code size or startup time.

It is currently disabled in the Focal Fossa -kvm kernel:

$ grep CONFIG_FANOTIFY /boot/config-5.4.0-1032-kvm
CONFIG_FANOTIFY=y
# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set

While it is enabled in the -generic kernel:

$ grep CONFIG_FANOTIFY /boot/config-5.4.0-65-generic
CONFIG_FANOTIFY=y
CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y

The same goes for Bionic Beaver.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux-kvm package

Please enable CONFIG_FANOTIFY_ACCESS_PERMISSIONS

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
linux-kvm package