diff --git a/tools/packaging/kernel/configs/fragments/common/lsm.conf b/tools/packaging/kernel/configs/fragments/common/lsm.conf
new file mode 100644
index 0000000000..6dc685fca7
--- /dev/null
+++ b/tools/packaging/kernel/configs/fragments/common/lsm.conf
@@ -0,0 +1,12 @@
+# SELinux support:
+CONFIG_AUDIT=y
+CONFIG_AUDITSYSCALL=y
+CONFIG_LSM_MMAP_MIN_ADDR=6553
+CONFIG_NETWORK_SECMARK=y
+CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM=y
+CONFIG_SECURITY_SELINUX_DEVELOP=y
+CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
+CONFIG_SECURITY_SELINUX_SIDTAB_HASH_BITS=9
+CONFIG_SECURITY_SELINUX_SID2STR_CACHE_SIZE=256
diff --git a/tools/packaging/kernel/kata_config_version b/tools/packaging/kernel/kata_config_version
index f906e1845d..c17e934b51 100644
--- a/tools/packaging/kernel/kata_config_version
+++ b/tools/packaging/kernel/kata_config_version
@@ -1 +1 @@
-96
+97