On 06/22/2011 03:01 PM, Jon Ciesla wrote: > >> Outside that, is there any other impact? Does tboot perform any >> verification of the kernels, and if so how is that configured? Is the >> expectation that an install configured with TXT will only boot trusted >> kernels, and if so what mechanism is used to verify the kernel? Is there >> any further integration work that has to be performed for this to be >> useful? > > If so, is there a mechanism to disable that functionality, or mark a > kernel as trusted, so that I could, for example, run a kernel I built > myself or one from another RPM? By default this would not be enabled. And even if so, out of the box the only thing it will ever do it measure the kernel you built and store that info. You would be able to create your own lcp which only allowed whatever kernels you wished, but that's a whole different issue than what is being asked for here. -Eric -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
