Comment # 8 on bug 1173158 from 
Hrm, that's bad, I thoguht that we had a kind of automatic key enrollment for
Nvidia in the past, at least at the beginning of the Secure Boot support.

The problem isn't too serious on TW because the TW kernel (i.e. the upstream
kernel) still has no strict lockdown.  SLE / Leap kernel has a stricter
lockdown, so it can be an actual problem.  It might be a problem on TW as well
once when the upstream accepts the more lockdown.

IOW, it's not only about CONFIG_MODULE_SIG.  Rather the key point is whether
the kernel has a lockdown feature for the unsigned module or not.

You are receiving this mail because: