On Mon, 2013-09-09 at 13:18 -0400, Valdis.Kletnieks@xxxxxx wrote:
> You may as well bite the bullet on this one, and tie it together. Without
> Secure Boot, by the time your code runs it's already too late. That's the
> whole point of Secure Boot, after all.
It's already been made clear that nobody's interested in merging a
solution that's specific to Secure Boot. I can add a command line option
to set a default, and then anyone using an attesting bootloader
(TPM/TXT) can verify the state.
--
Matthew Garrett <matthew.garrett@xxxxxxxxxx>
��.n��������+%�������w��{.n�����{����*�jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
