Bug ID 1194332
Summary kernel lsm boot parameter needs lsm=integrity to use IMA
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Bootloader
Assignee screening-team-bugs@suse.de
Reporter petr.vorel@suse.com
QA Contact qa-bugs@suse.de
Found By ---
Blocker ---

Build 20211229 added 'lsm=apparmor' as a kernel parameter into
GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub.

Please change it to 'lsm=integrity,apparmor' to allow using IMA (e.g. the
'ima_policy=tcb' kernel parameter). That avoids a kernel oops breaking boot [1]:

[    1.210321][    T1] Kernel panic - not syncing: integrity_inode_get: lsm=integrity required.
[    1.212119][    T1] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.12-1-default #1 openSUSE Tumbleweed dacaf19d133e8023737b25567dc90a32d973f26e
[    1.215246][    T1] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a-rebuilt.opensuse.org 04/01/2014
[    1.218496][    T1] Call Trace:
[    1.219715][    T1]  <TASK>
[    1.220844][    T1]  dump_stack_lvl+0x46/0x5a
[    1.222144][    T1]  panic+0xf3/0x2cb
[    1.223326][    T1]  integrity_inode_get.cold+0x13/0x13
[    1.224710][    T1]  process_measurement+0x86e/0x960
[    1.226069][    T1]  ? aa_file_perm+0x112/0x480
[    1.227359][    T1]  ? select_task_rq_fair+0x15a/0x1350
[    1.228744][    T1]  ? __kernel_read+0x14a/0x2d0
[    1.230068][    T1]  ? profile_signal_perm.part.0+0x91/0xb0
[    1.231516][    T1]  ima_bprm_check+0x55/0xb0
[    1.232810][    T1]  bprm_execve+0x22a/0x660
[    1.234104][    T1]  ? rest_init+0xc0/0xc0
[    1.235372][    T1]  kernel_execve+0x12e/0x1b0
[    1.236689][    T1]  kernel_init+0x76/0x120
[    1.237982][    T1]  ret_from_fork+0x22/0x30
[    1.239278][    T1]  </TASK>
[    1.240462][    T1] Kernel Offset: 0x7600000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[    1.243605][    T1] Rebooting in 90 seconds..

[1] https://openqa.opensuse.org/tests/2122167#step/boot_ltp/13
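
Added example, not part of the original report or of any openSUSE tooling: a shell check that flags a kernel command line whose lsm= list omits "integrity" while an IMA parameter is set, the combination that produced the panic above. It assumes space-separated parameters without quoted spaces, that the last lsm= on the line is the effective one, and that any ima_*= parameter means IMA is in use; the function name and sample command lines are constructed.

```shell
#!/bin/sh
# Added example. Constructed inputs; not taken from the openSUSE tooling.
# Assumptions: parameters are space-separated with no quoted spaces, the last
# lsm= on the command line is the effective one, and any ima_*= parameter
# means IMA is meant to be used.

# check_lsm_cmdline CMDLINE
#   returns 0  no lsm= override, or the lsm= list contains "integrity"
#   returns 1  lsm= omits "integrity" and an ima_*= parameter is present
#   returns 2  lsm= omits "integrity", no ima_*= parameter seen
check_lsm_cmdline() (
    set -f                      # no globbing while word-splitting the cmdline
    lsm='' have_lsm=0 have_ima=0
    for word in $1; do
        case $word in
            lsm=*)   lsm=${word#lsm=}; have_lsm=1 ;;
            ima_*=*) have_ima=1 ;;
        esac
    done
    if [ "$have_lsm" -eq 0 ]; then
        echo "OK: no lsm= override, built-in LSM order applies"
        exit 0
    fi
    # Match "integrity" only as a whole comma-separated list entry.
    case ",$lsm," in
        *,integrity,*)
            echo "OK: lsm=$lsm includes integrity"
            exit 0 ;;
    esac
    if [ "$have_ima" -eq 1 ]; then
        echo "FAIL: lsm=$lsm omits integrity but IMA parameters are set"
        exit 1
    fi
    echo "WARN: lsm=$lsm omits integrity; an IMA policy would need lsm=integrity"
    exit 2
)

# Constructed samples mirroring the report: the shipped default plus
# ima_policy=tcb, then the requested fix.
check_lsm_cmdline "quiet lsm=apparmor ima_policy=tcb" || :
check_lsm_cmdline "quiet lsm=integrity,apparmor ima_policy=tcb" || :
```

To check a running system, pass the live command line: check_lsm_cmdline "$(cat /proc/cmdline)".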

