|| ||Jiri Kosina <jkosina-AlSwsSmVLrQ-AT-public.gmane.org> |
|| ||Matthew Garrett <mjg-H+wXaHxf7aLQT0dZR+AlfA-AT-public.gmane.org> |
|| ||Re: [RFC] Second attempt at kernel secure boot support |
|| ||Mon, 29 Oct 2012 08:49:41 +0100 (CET)|
|| ||Article, Thread
On Thu, 20 Sep 2012, Matthew Garrett wrote:
> This is pretty much identical to the first patchset, but with the capability
> renamed (CAP_COMPROMISE_KERNEL) and the kexec patch dropped. If anyone wants
> to deploy these then they should disable kexec until support for signed
> kexec payloads has been merged.
Apparently your patchset currently doesn't handle device firmware loading,
nor do you seem to mention in in the comments.
I believe signed firmware loading should be put on plate as well, right?
to post comments)