On 23.08.2016 13:32, Josh Boyer wrote:
On Tue, Aug 23, 2016 at 7:23 AM, Thorsten Leemhuis fedora@leemhuis.info wrote:
On 22.08.2016 23:14, Laura Abbott wrote:
Hmmm. Is that really a good description of the current situation in this context? What patches are we actually talking about? I see about ten in git that are related to secure boot; among them are these: http://pkgs.fedoraproject.org/cgit/rpms/kernel.git/tree/Add-option-to-automa... http://pkgs.fedoraproject.org/cgit/rpms/kernel.git/tree/Add-secure_modules-c... http://pkgs.fedoraproject.org/cgit/rpms/kernel.git/tree/efi-Disable-secure-b... http://pkgs.fedoraproject.org/cgit/rpms/kernel.git/tree/Add-sysrq-option-to-...
There are more.
Yeah, I know; guess you missed the "[…] see about ten […]" above. Whatever, that's not why I'm writing this mail.
That was already done once.
Yeah, but back then Ubuntu wasn't on board iirc, as they afaics added some of those patches only a few months ago. When 15.10 was released you could still load unsigned modules even when secure boot was enabled; that changed with a kernel update (I was told) and was different in 16.04 from the start.
IOW: one more and important player in the field with similar goals. I guess that was one of the points I wanted to make but didn't state clearly enough.
[…] I don't want people to get them impression that it will be simple or trivial to upstream.
+1
Cu, knurd