lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Nov 2017 21:44:47 +0000 From: David Howells <dhowells@...hat.com> To: Alan Cox <gnomes@...rguk.ukuu.org.uk> Cc: dhowells@...hat.com, "Luis R. Rodriguez" <mcgrof@...nel.org>, "AKASHI, Takahiro" <takahiro.akashi@...aro.org>, Mimi Zohar <zohar@...ux.vnet.ibm.com>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Jan Blunck <jblunck@...radead.org>, Julia Lawall <julia.lawall@...6.fr>, Marcus Meissner <meissner@...e.de>, Gary Lin <GLin@...e.com>, linux-security-module@...r.kernel.org, linux-efi <linux-efi@...r.kernel.org>, linux-kernel@...r.kernel.org, Matthew Garrett <mjg59@...gle.com> Subject: Re: Firmware signing -- Re: [PATCH 00/27] security, efi: Add kernel lockdown Alan Cox <gnomes@...rguk.ukuu.org.uk> wrote: > So you don't actually need to sign a lot of PC class firmware because > it's already signed. Whilst that may be true, we either have to check signatures on every bit of firmware that the appropriate driver doesn't say is meant to be signed or not bother. David
Powered by blists - more mailing lists