On 06.05.19 13:23, Cornelia Huck wrote:
> On Mon, 6 May 2019 13:13:55 +0200
> Christian Borntraeger <borntrae...@de.ibm.com> wrote:
>
>> On 06.05.19 13:05, Cornelia Huck wrote:
>>> On Mon, 6 May 2019 12:46:50 +0200
>>> Christian Borntraeger <borntrae...@de.ibm.com> wrote:
>>>
>>>> On 06.05.19 12:34, Cornelia Huck wrote:
>>>>> On Mon, 6 May 2019 12:18:42 +0200
>>>>> Christian Borntraeger <borntrae...@de.ibm.com> wrote:
>>>
>>>>>> I think we should not. Those entries might have sematic elements that
>>>>>> the guest
>>>>>> wants to enforce. I do not think that this will come, but imagine a boot
>>>>>> entry
>>>>>> that mandates some security wishes (e.g. do only run on non-shared
>>>>>> cores).
>>>>>
>>>>> Can we split the namespace for BOOT_SCRIPT into 'ignore if you don't
>>>>> know what that is' and 'fail if you don't know what that is'? I'm
>>>>> completely confused how 'optional' those entries are supposed to be...
>>>>
>>>> Since we do not know if and what future entries will come the current
>>>> default
>>>> of failing seems the best approach. We can then add things to pc-bios when
>>>> necessary.
>>>
>>> That's where I'm coming from: Have some values where unknown entries
>>> lead to (desired) failure, and others where unknown entries are simply
>>> ignored. That would give us automatic toleration for optional entries.
>>
>> Well, this is the first new entry after 14 years of list-directed-ipl so
>> there
>> is a slight chance to over-engineer here ;-)
>>
>> In the end this is a field that does not belong to Linux-only, it is also
>> defined
>> by the machine architecture.
>
> Yeah, I understand that having to get this into the main architecture
> makes this harder to change.
>
> If there is nothing coming in the foreseeable future that would need
> toleration (and not failure), it's probably not worth spending more
> time on that and we should just go with this patch.
>
> I'd recommend putting this (+ a rebuild) into stable as well, though,
> so that at least 4.0-stable will tolerate signatures. (Distros
> backporting this would be a good idea as well.)
Yes, that makes sense.
