https://bugzilla.kernel.org/show_bug.cgi?id=213577 --- Comment #1 from Alejandro Colomar (man-pages) (alx.manpages@xxxxxxxxx) --- Added a few CCs. On 6/25/21 8:58 AM, bugzilla-daemon@xxxxxxxxxxxxxxxxxxx wrote: > https://bugzilla.kernel.org/show_bug.cgi?id=213577 > > Bug ID: 213577 > Summary: kernel_lockdown.7 seems to be incorrect about > automatically enabling lockdown mode in secure boot > mode > Product: Documentation > Version: unspecified > Hardware: All > OS: Linux > Status: NEW > Severity: normal > Priority: P1 > Component: man-pages > Assignee: documentation_man-pages@xxxxxxxxxxxxxxxxxxxx > Reporter: peter@xxxxxxxxxxxx > Regression: No > > As of the time of posting, the kernel_lockdown.7 manpage [1] contains a > description about how lockdown mode is enabled by default when using EFI > secure > boot: > >> On an EFI-enabled x86 or arm64 machine, lockdown will be automatically >> enabled > if the system boots in EFI Secure Boot mode. > > I have not followed lockdown development upstream recently, but it seems that > as of today the feature described above is still a downstream patch shipped > by > some distributions like Fedora [2][3]. If this is the case, then including > this > statement in the man page would be inappropriate, since it would not apply to > other distributions such as Arch Linux which do not include said patches. > > [1]: > > https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/tree/man7/kernel_lockdown.7#n31 > [2]: > > https://src.fedoraproject.org/rpms/kernel/blob/rawhide/f/Patchlist.changelog#_205 > [3]: > > https://gitlab.com/cki-project/kernel-ark/-/commit/5850c93175b9d2e1081873f4bbe08dead202cb08 > -- You may reply to this email to add a comment. You are receiving this mail because: You are watching the assignee of the bug.
