[Acked] Xenial SRU - Read MOKSBState from the MOK
Andy Whitcroft
apw at canonical.com
Mon Apr 18 17:54:11 UTC 2016
On Mon, Apr 18, 2016 at 11:41:53AM -0600, tim.gardner at canonical.com wrote:
> This patch set reads MOKSBState from the MOK which is used to override
> secure boot when a user wishes to deploy third party modules such as DKMS.
>
> Patch 3 is not strictly required, but does provide a little extra information
> as to _why_ secure boot mode is disabled in the kernel.
>
> A more verbose explanation is provided in http://bugs.launchpad.net/bugs/1571691
The first patch we are only using the two defines from, but as we need
the remaining code "shortly" and currently it is impossible to even turn
on it seems sensible to take the whole patch and not cut it up.
The second patch is the meat of the change, allowing the kernel to relax
its grip even when real secure boot is enabled.
The third makes it easier for us to diagnose the world.
Based on that and the testing reported to me.
Acked-by: Andy Whitcroft <apw at canonical.com>
-apw
More information about the kernel-team
mailing list