enable CONFIG_INTEL_TXT

[Eric Paris]

On Wed, 2010-03-31 at 16:46 -0400, Adam Jackson wrote:
> On Wed, 2010-03-31 at 16:40 -0400, Eric Paris wrote:
> > Long ago we were ask to enable CONFIG_INTEL_TXT in the fedora kernels by
> > a large user, the US National Security Agency:
> > 
> > http://lists.fedoraproject.org/pipermail/kernel/2009-October/002228.html
> > 
> > At the time the objection to this configuration option was that the
> > technology was all predicated on a closed source binary blob signed by
> > Intel.  In private discussions it was learned that there was no chance
> > that the module would ever be open sourced and we learned that hardware
> > is not capable of recognizing signatures of a module from other vendors
> > (aka Fedora can't sign our own version.)  However, in light of a recent
> > public statement from IBM:
> > 
> > http://lists.fedoraproject.org/pipermail/devel/2010-March/133089.html
> > 
> > We see that at least one hardware vendor has been listening to our
> > objections to closed source software and has agreed to re-architect how
> > they implement their systems so that our users will not need to download
> > and install any closed source proprietary software.  They agreed to make
> > any changes necessary to their BIOS (UEFI) to support this technology
> > without the need for the separate closed source proprietary Intel signed
> > blob.  Red Hat has ask other hardware vendors to follow the admirable
> > lead set by IBM if they have any interest in being supported by the open
> > source community.
> 
> I'm not reading that from the IBM message you linked.  Do you have some
> other source for this statement?

George and I actually say the same thing, I'm just not using lots of
TLA's nor am I being quite as precise about my language   :).  The TXT
technology exists to create a TCG compliant DRTM which is how you get my
translation.  Hopefully George will confirm that if not the precision of
the language the the gist and meaning of my interpretation is correct.

-Eric