On Di, 05.07.22 01:44, Fedora Development ML (devel(a)lists.fedoraproject.org) wrote:
Also, if users have "special" hardware, shouldn't they
also have
security.
if you need a special kernel cmdline to get your system to boot, then
that's a bug in the kernel, and should be fixed there. Adding a kernel
cmdline option is a local hack at best, executable only by the most
technically savvy of users, and I think for those it's totally OK if
you have to disable SecureBoot if you hack around.
Kernels should work universally, and if the don't do that
out-of-the-box on some very new or very exotic hardware, then the
right fix is not to expect users to be technical enough to set a
kernel cmdline, but to fix the kernel to apply the fix automatically
where needed. The kernel has plenty infrastructure for that.
Lennart
--
Lennart Poettering, Berlin