On Wed, Feb 6, 2013 at 3:25 PM, Zeeshan Ali (Khattak) <zeeshanak@xxxxxxxxx> wrote: > On Wed, Feb 6, 2013 at 2:57 PM, Christophe Fergeau <cfergeau@xxxxxxxxxx> wrote: >> On Mon, Jan 28, 2013 at 05:05:28PM +0200, Zeeshan Ali (Khattak) wrote: >>> The problem is that having it configurable would mean that we can't >>> have a static info on the script about the signature requirement (see >>> "installer: API to query signed device driver requirement" patch). >> >> Why is it not possible? The query API would return >> REQ_STRICT/REQ_WARN/REQ_NONE as it currently does. >> If you get REQ_STRICT/REQ_WARN, > > Actually I got mixed up in these discussions so I wrongly remembered > that we agreed on that API for drivers, not the scripts. Sorry for > that. While implementing DeviceDriverSigningReq etc, I realized one issue here: The post installation drivers are being used/setup by windows-cmd.xml while the setting to ignore unsigned drivers is in windows-sif.xml. So app sees that drivers can be utilized by a script and get info on whats the requirement of that script about driver signature, whereas it needs to disable the driver checking in another script. That seems like a very confusing API to me. So I don't think DeviceDriverSigningReq API helps here. However, you could still argue that apps can decide to simply enable/disable the signing requirement globally (on every script) but then whats the relationship of this signing configuration API to DeviceDriverSigningReq? Again, I see confusing API. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 _______________________________________________ Libosinfo mailing list Libosinfo@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libosinfo
