On Wed, Jan 16, 2013 at 03:44:02PM +0800, joeyli wrote:
於 二,2013-01-15 於 23:10 -0800,Greg KH 提到:
On Wed, Jan 16, 2013 at 02:49:34PM +0800, Lee, Chun-Yi wrote:
Patch-mainline: Not yet, reviewing (contributed by Takashi) Target: openSUSE 12.3
Why do we want to add this feature to 12.3 when it isn't needed by anyone? And it's not accepted upstream either.
thanks,
greg k-h
The purpose of this patch set is for sign driver firmware to avoid attacker change the firmware to attack system. Takashi sent patches to upstream for ask other experts' thinking.
But, yes, upstream didn't accept it until now.
Now? I don't see them in Linus's tree, do you? And all firmware should already be signed, you are trying to extend the chain-of-trust to a different processor on the system, which is _way_ beyond what UEFI is asking for, and beyond anything that anyone has ever suggested. I really don't think these are necessary, does anyone else? greg k-h -- To unsubscribe, e-mail: opensuse-kernel+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kernel+owner@opensuse.org