On Thu, 2010-04-01 at 08:51 +1100, James Morris wrote:
On Wed, 31 Mar 2010, Eric Paris wrote:
> This config option allows a user to download new (open source) software
> (tboot) along with other third party software to verify the correctness
> of the BOOTED system.
My feeling is that this needs to be dealt with upstream, and that the open
source tboot needs to be delivered first.
Done and done. We are turning on an upstream config option.....
> Are there any objections to enabling CONFIG_INTEL_TXT on x86_64?
Yes.
- We should be doing kernel development upstream unless there's an
extraordinary reason not to (typically, following a request from Linus).
Done...
- We should not be adding kernel infrastructure to support
proprietary,
closed source
We aren't...
- Especially so, given that this is a security feature
I'd love to see support for TXT -- I think we can do some very important
things with it, but I don't think it's workable as open source if it
depends on closed proprietary code.
What is this code you speak of?
-Eric