Linus Torvalds writes:
> On Wed, Oct 10, 2012 at 2:57 AM, Rusty Russell wrote:
>>
>>
>> module signing is the highlight, but it's an all-over David Howells frenzy...
>>
>> ---
On 15.10.2012 09:50:54, +0200, David Howells wrote:
Hi David,
> Linus Torvalds wrote:
>
>> Hmm. So this thing makes me wonder:
>>
>> /* Not having a signature is only an error if we're strict. */
>> if (err < 0 && fips_enabled)
>> panic("Module verification fail
Linus Torvalds wrote:
> Hmm. So this thing makes me wonder:
>
> /* Not having a signature is only an error if we're strict. */
> if (err < 0 && fips_enabled)
> panic("Module verification failed with error %d in FIPS
> mode\n",
> err);
>
> d
> I realize that fips_enabled is only for crazy people, but it's exactly
> code like this that limits it to only crazy people. Is there some
> *reason* for this?
Presumably its so a typical server with reboot on panic will reboot so
the attacker can hide the attempt better ;-)
Alan
--
To unsubsc
On Sun, Oct 14, 2012 at 1:11 PM, Linus Torvalds
wrote:
>
> I've pulled and resolved the branch, and I'm going through it now, but
> I'd like this verified before I push out if it all looks fine..
Hmm. So this thing makes me wonder:
/* Not having a signature is only an error if we're stri
On Wed, Oct 10, 2012 at 2:57 AM, Rusty Russell wrote:
>
>
> module signing is the highlight, but it's an all-over David Howells frenzy...
>
>
Hmm. What happened here?
The following changes since commit 925a6f0bf8bd122d5d2429af7f0ca0fecf4ae71f:
Merge tag 'hwspinlock-3.6-fix' of
git://git.kernel.org/pub/scm/linux/kernel/git/ohad/hwspinlock (2012-09-18
11:58:54 -0700)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/ru
