Much ado about SBAT
Much ado about SBAT
Posted Jul 21, 2023 15:39 UTC (Fri) by bluca (subscriber, #118303)In reply to: Much ado about SBAT by zdzichu
Parent article: Much ado about SBAT
Posted Jul 22, 2023 16:32 UTC (Sat)
by zdzichu (subscriber, #17118)
[Link] (2 responses)
What gen numbers they will get in answer?
Posted Jul 22, 2023 16:53 UTC (Sat)
by excors (subscriber, #95769)
[Link] (1 responses)
Posted Aug 4, 2023 8:43 UTC (Fri)
by ghane (guest, #1805)
[Link]
Assume there are two sets of exploits, set A (which Google feels Handset OEMs can fix by themselves quickly) and set B (which need blobs from Qualcomm, etc). These are called (eg) 01 July 2023 and 05 July 2023 (the 1 and 5 are constant).
If you fix set A, you roll out the update, and claim "1 July 2023". You then have time to talk to upstream chip manufacturors, and at some time roll out "5 July 2023".
You cannot claim 1 Aug 2023, (or any future version) however, till 5 July 2023 has been included.
So from a user (and app developer) point of view, any "1" date means you are no more than 1 month behind that month, and a "5" means that you are current till that month.
Much ado about SBAT
Fedora backports the fix for 001 in their kernel. Arch backports fix for 002. They need to get new generation ID for their patched kernels, so they ask central authority.
Much ado about SBAT
Much ado about SBAT