enable CONFIG_INTEL_TXT
James Morris
jmorris at namei.org
Wed Mar 31 21:51:22 UTC 2010
On Wed, 31 Mar 2010, Eric Paris wrote:
> This config option allows a user to download new (open source) software
> (tboot) along with other third party software to verify the correctness
> of the BOOTED system.
My feeling is that this needs to be dealt with upstream, and that the open
source tboot needs to be delivered first.
> Are there any objections to enabling CONFIG_INTEL_TXT on x86_64?
Yes.
- We should be doing kernel development upstream unless there's an
extraordinary reason not to (typically, following a request from Linus).
- We should not be adding kernel infrastructure to support proprietary,
closed source
- Especially so, given that this is a security feature
I'd love to see support for TXT -- I think we can do some very important
things with it, but I don't think it's workable as open source if it
depends on closed proprietary code.
- James
--
James Morris
<jmorris at namei.org>
More information about the kernel
mailing list