enable CONFIG_INTEL_TXT

Eric Paris eparis at redhat.com
Thu Apr 1 17:41:45 UTC 2010 

On Thu, 2010-04-01 at 09:25 -0400, Tom "spot" Callaway wrote:
> On 03/31/2010 05:06 PM, Eric Paris wrote:
> > what are these binary blobs of which you speak?  I thought this was well
> > covered.  No binary blobs.
> 
> As long as you buy certain brand new IBM X-series servers.
> 
> For the rest of the x86/x86_64 computing universe, this means binary
> blobs, and I think you're fooling yourself if you think that all the
> other hardware vendors will be so willing to shove prebuilt code from a
> third party into their BIOS (or even have room to do so).

[citation needed]

> In the non-IBM Xseries case (which is by far, the more common one for
> Fedora), we would be enabling this option solely to enable proprietary
> binary blobs during the boot process. In my opinion, given that it is
> not possible at all for us to troubleshoot or bug fix systems in such a
> scenario, we should not imply to our userbase that it is supportable by
> enabling this kernel option.

Can you troubleshoot issues when the DMAR ACPI tables are wrong?  Can
you troubleshoot anything in BIOS?  In much the same way when problems
present themselves users have to talk to their hardware vendors to get
the fixes for hardware problems.  If those users contact us with
problems we (ok, I who already supports numerous other subsystems in the
Fedora and upstream kernel) may be able to help get them connected with
the right groups committed to fixing the problems.  It's no different
than how we have members of the Fedora community who support DMAR and
when BIOS/hardware problems come up he is able to help get the right
people connected to fix the problems.  This is how we support hardware
features and this is a hardware feature.  The logical conclusion of your
supportability argument is clearly silly where we must disable
everything that relies on any kind of firmware.

Intel made a mistake (in my mind) by releasing this technology with the
SINIT AC module only in a userspace package loaded by the boot loader.
They thought a userspace design would make the distribution of updates
easier for their customers (and it probably will).  They should have
done what they are suggesting now: put enough in the BIOS to make the
system work, but let users make later changes if they so choose.

-Eric

More information about the kernel mailing list