Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-25 Thread Philipp Rudo
Hi Michal, On Wed, 24 Nov 2021 14:27:16 +0100 Michal Suchánek wrote: > On Wed, Nov 24, 2021 at 08:10:10AM -0500, Mimi Zohar wrote: > > On Wed, 2021-11-24 at 12:09 +0100, Philipp Rudo wrote: > > > Now Michal wants to adapt KEXEC_SIG for ppc too so distros can rely on all > > > architectures usi

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-24 Thread Michal Suchánek
On Wed, Nov 24, 2021 at 08:10:10AM -0500, Mimi Zohar wrote: > On Wed, 2021-11-24 at 12:09 +0100, Philipp Rudo wrote: > > Now Michal wants to adapt KEXEC_SIG for ppc too so distros can rely on all > > architectures using the same mechanism and thus reduce maintenance cost. > > On the way there he ev

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-24 Thread Mimi Zohar
On Wed, 2021-11-24 at 12:09 +0100, Philipp Rudo wrote: > Now Michal wants to adapt KEXEC_SIG for ppc too so distros can rely on all > architectures using the same mechanism and thus reduce maintenance cost. > On the way there he even makes some absolutely reasonable improvements > for everybody. >

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-24 Thread Philipp Rudo
Hi Mimi, On Fri, 19 Nov 2021 13:16:20 -0500 Mimi Zohar wrote: > On Fri, 2021-11-19 at 12:18 +0100, Michal Suchánek wrote: > > Maybe I was not clear enough. If you happen to focus on an architecture > > that supports IMA fully it's great. > > > > My point of view is maintaining multiple architec

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-19 Thread Mimi Zohar
On Fri, 2021-11-19 at 12:18 +0100, Michal Suchánek wrote: > Maybe I was not clear enough. If you happen to focus on an architecture > that supports IMA fully it's great. > > My point of view is maintaining multiple architectures. Both end users > and people concerned with security are rarely fami

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-19 Thread Michal Suchánek
Hello, On Thu, Nov 18, 2021 at 05:34:01PM -0500, Nayna wrote: > > On 11/16/21 04:53, Michal Suchánek wrote: > > On Mon, Nov 15, 2021 at 06:53:53PM -0500, Nayna wrote: > > > On 11/12/21 03:30, Michal Suchánek wrote: > > > > Hello, > > > > > > > > On Thu, Nov 11, 2021 at 05:26:41PM -0500, Nayna wr

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-18 Thread Nayna
On 11/16/21 04:53, Michal Suchánek wrote: On Mon, Nov 15, 2021 at 06:53:53PM -0500, Nayna wrote: On 11/12/21 03:30, Michal Suchánek wrote: Hello, On Thu, Nov 11, 2021 at 05:26:41PM -0500, Nayna wrote: On 11/8/21 07:05, Michal Suchánek wrote: Hello, The other part is that distributions app

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-16 Thread Michal Suchánek
On Mon, Nov 15, 2021 at 06:53:53PM -0500, Nayna wrote: > > On 11/12/21 03:30, Michal Suchánek wrote: > > Hello, > > > > On Thu, Nov 11, 2021 at 05:26:41PM -0500, Nayna wrote: > > > On 11/8/21 07:05, Michal Suchánek wrote: > > > > Hello, > > > > > > > > The other part is that distributions apply

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-15 Thread Nayna
On 11/12/21 03:30, Michal Suchánek wrote: Hello, On Thu, Nov 11, 2021 at 05:26:41PM -0500, Nayna wrote: On 11/8/21 07:05, Michal Suchánek wrote: Hello, On Mon, Nov 08, 2021 at 09:18:56AM +1100, Daniel Axtens wrote: Michal Suchánek writes: On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-12 Thread Michal Suchánek
Hello, On Thu, Nov 11, 2021 at 05:26:41PM -0500, Nayna wrote: > > On 11/8/21 07:05, Michal Suchánek wrote: > > Hello, > > > > On Mon, Nov 08, 2021 at 09:18:56AM +1100, Daniel Axtens wrote: > > > Michal Suchánek writes: > > > > > > > On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel Axtens wrote

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-11 Thread Nayna
On 11/8/21 07:05, Michal Suchánek wrote: Hello, On Mon, Nov 08, 2021 at 09:18:56AM +1100, Daniel Axtens wrote: Michal Suchánek writes: On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel Axtens wrote: Michal Suchanek writes: S390 uses appended signature for kernel but implements the check

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-11 Thread Nayna
On 11/5/21 09:14, Michal Suchánek wrote: On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel Axtens wrote: Michal Suchanek writes: S390 uses appended signature for kernel but implements the check separately from module loader. Support for secure boot on powerpc with appended signature is plan

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-08 Thread Michal Suchánek
Hello, On Mon, Nov 08, 2021 at 09:18:56AM +1100, Daniel Axtens wrote: > Michal Suchánek writes: > > > On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel Axtens wrote: > >> Michal Suchanek writes: > >> > >> > S390 uses appended signature for kernel but implements the check > >> > separately from

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-07 Thread Daniel Axtens
Michal Suchánek writes: > On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel Axtens wrote: >> Michal Suchanek writes: >> >> > S390 uses appended signature for kernel but implements the check >> > separately from module loader. >> > >> > Support for secure boot on powerpc with appended signature i

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-05 Thread Michal Suchánek
On Fri, Nov 05, 2021 at 09:55:52PM +1100, Daniel Axtens wrote: > Michal Suchanek writes: > > > S390 uses appended signature for kernel but implements the check > > separately from module loader. > > > > Support for secure boot on powerpc with appended signature is planned - > > grub patches submi

Re: [PATCH 0/3] KEXEC_SIG with appended signature

2021-11-05 Thread Daniel Axtens
Michal Suchanek writes: > S390 uses appended signature for kernel but implements the check > separately from module loader. > > Support for secure boot on powerpc with appended signature is planned - > grub patches submitted upstream but not yet merged. Power Non-Virtualised / OpenPower already

[PATCH 0/3] KEXEC_SIG with appended signature

2021-11-03 Thread Michal Suchanek
S390 uses appended signature for kernel but implements the check separately from module loader. Support for secure boot on powerpc with appended signature is planned - grub patches submitted upstream but not yet merged. This is an attempt at unified appended signature verification. Thanks Micha