On Tue, Apr 3, 2018 at 3:51 PM, Matthew Garrett <mjg59@xxxxxxxxxx> wrote: > > Lockdown is clearly useful without Secure Boot (and I intend to deploy it > that way for various things), but I still don't understand why you feel > that the common case of booting a kernel from a boot chain that's widely > trusted derives no benefit from it being harder to subvert that kernel into > subverting that boot chain. It has NOTHING TO DO WITH "HARDER TO SUBVERT". THE TWO FEATURES HAVE NOTHING TO DO WITH EACH OTHER WHAT-SO-EVER. I do not want my kernel to act differently depending on some really esoteric detail in how it was booted. That is fundamentally wrong. Is that really so hard to understand? Look at it this way: maybe lockdown breaks some application because that app does something odd. I get a report of that happening, and it so happens that the reporter is running the same distro I am, so I try it with his exact kernel configuration, and it works for me. It is *entirely* non-obvious that the reporter happened to run a distro kernel that had secure boot enabled, and I obviously do not. See what the problem is? Tying these things magically together IS A BAD IDEA. And when people ask you why you did it, YOU HAVE YET TO COME UP WITH A SINGLE ACTUAL RESPONSE. Instead, you just ask people why they care, or tell people to not enable it. Seriously, Matthew, it's WRONG to tie things together in magic ways when they have nothing what-so-ever to do with each other. So no. The answer is simply "don't tie the two things together". And dammit, if you tie them together, you had damn well have a good reason. So far, your reasons have _literally_ been "Why not?" and tried to make the onus be on others to explain to you why not. That's not the right approach to begin with, Matthew. The onus is on *you* to explain why you tied them together, not on others to explain to you - over and over - that they have nothing to do with each other. This discussion is over until you give an actual honest-to-goodness reason for why you tied the two features together. No more "Why not?" crap. Linus -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html