Comment # 29 on bug 1209006 from 
(In reply to Jiri Slaby from comment #17)
> (In reply to Stefan Dirsch from comment #14)
> > > But we will need to change the rpm scripts of Nvidia driver again when Eric
> > > Snowberg's patch set be merged on mainline if we want to follow upstream's
> > > approach.
> > 
> > Ok. But I need to know in which way. And I would like to have the time to
> > prepare this beforehand ...
> 
> Ok, this is enough.
> 
> commit 44ca817f15b215421a4c788790dd5351c186d1df (HEAD -> stable,
> origin/users/jslaby/stable/for-next)
> Author: Jiri Slaby <jslaby@suse.cz>
> Date:   Thu Mar 9 07:01:29 2023 +0100
> 
>     Disable lockdown. (bsc#1209006)
>     
>     This somehow doesn't play good wrt to external modules.
>     
>     When all is ready again, we can revert this revert.
> 
> 
> master still have the patchset enabled, we can tune there...

I have sent new change to master/for-next.

I port the KEYS-Make-use-of-platform-keyring-for-module-signatu.patch patch,
and also set CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT=y to detect secure boot.

You are receiving this mail because: