| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+55aFzGFZT68ih446DeQbB69Fyk_wT6b7PGq0iz-gctUGQq_A@mail.gmail.com>
Date: Tue, 3 Apr 2018 14:01:41 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Matthew Garrett <mjg59@...gle.com>
Cc: Andrew Lutomirski <luto@...nel.org>,
David Howells <dhowells@...hat.com>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
James Morris <jmorris@...ei.org>,
Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
jforbes@...hat.com, linux-man@...r.kernel.org, jlee@...e.com,
LSM List <linux-security-module@...r.kernel.org>,
Linux API <linux-api@...r.kernel.org>,
Kees Cook <keescook@...omium.org>,
linux-efi <linux-efi@...r.kernel.org>
Subject: Re: [GIT PULL] Kernel lockdown for secure boot
On Tue, Apr 3, 2018 at 1:54 PM, Matthew Garrett <mjg59@...gle.com> wrote:
>
>> .. maybe you don't *want* secure boot, but it's been pushed in your
>> face by people with an agenda?
>
> Then turn it off, or build a self-signed kernel that doesn't do this?
Umm. So you asked a question, and then when you got an answer you said
"don't do that then".
The fact is, some hardware pushes secure boot pretty hard. That has
*nothing* to do with some "lockdown" mode.
Why do you conflate the two? That was the original question. You
replied with another question. People answered yours.
NOW ANSWER THE ORIGINAL QUESTION, DAMMIT.
Linus
Powered by blists - more mailing lists