On Wed, Sep 05, 2012 at 05:13:49PM -0400, Mimi Zohar wrote: > Normally capabilities provide additional permissions. So if you don't > have the capability, an errno is returned. CAP_SYS_BOOT is a good > example. With CAP_SECURE_FIRMWARE, it reads backwards - if not > CAP_SECURE_FIRMWARE, return error. I think you want to invert the name > to CAP_NOT_SECURE_FIRMWARE, CAP_NOT_SECURE_BOOT or perhaps > CAP_UNSECURED_BOOT. Yeah, I think renaming the cap is a given. -- Matthew Garrett | mjg59@xxxxxxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
