[PATCH 0/3] [V5] Add support for GPG signature enforcement on booted
Samuel Mendoza-Jonas
sam at mendozajonas.com
Tue Aug 16 14:22:51 AEST 2016
On Mon, 2016-08-15 at 16:13 -0500, Timothy Pearson wrote:
> On 08/12/2016 09:35 PM, Timothy Pearson wrote:
> >
> > V4 -> V5
> > * Rebase against openpower development branch
> > * Fix kernels not booting due to faulty code modification in V4
> >
> > V3 -> V4
> > * Move remaining gpg-specific code from boot.c into gpg.c
> > * Split disabling of command line when lockdown is active
> > into a separate patch
> >
> > V2 -> V3
> > * Move gpgme-specific functions into separate source file
> >
> > V1 -> V2
> > * Add kernel argument signature verification
> > * Hardcode reboot instead of exit if lockdown engaged
> > * Respect 80-character limit
> > * Minor fixes for style / code flow issues noted
>
> Does this look like something we could merge soon?
Yeah I think this is just about at a point that we could include it. It
looks like the instructions at https://www.raptorengineering.com/content/
kb/1.html# (especially the parts under "OPTIONAL: Set up GPG keyring for
signed or encrypted boot") should be enough for me to test this locally?
Cheers,
Sam
>
> Thanks!
>
> _______________________________________________
> Petitboot mailing list
> Petitboot at lists.ozlabs.org
> https://lists.ozlabs.org/listinfo/petitboot
More information about the Petitboot
mailing list