https://bugzilla.suse.com/show_bug.cgi?id=1209006 https://bugzilla.suse.com/show_bug.cgi?id=1209006#c29 --- Comment #29 from Joey Lee <jlee@suse.com> --- (In reply to Jiri Slaby from comment #17)

(In reply to Stefan Dirsch from comment #14)

...

...

But we will need to change the rpm scripts of Nvidia driver again when Eric Snowberg's patch set be merged on mainline if we want to follow upstream's approach.

Ok. But I need to know in which way. And I would like to have the time to prepare this beforehand ...

Ok, this is enough.

commit 44ca817f15b215421a4c788790dd5351c186d1df (HEAD -> stable, origin/users/jslaby/stable/for-next) Author: Jiri Slaby <jslaby@suse.cz> Date: Thu Mar 9 07:01:29 2023 +0100

Disable lockdown. (bsc#1209006)

This somehow doesn't play good wrt to external modules.

When all is ready again, we can revert this revert.

master still have the patchset enabled, we can tune there...

I have sent new change to master/for-next. I port the KEYS-Make-use-of-platform-keyring-for-module-signatu.patch patch, and also set CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT=y to detect secure boot. -- You are receiving this mail because: You are on the CC list for the bug.