On Wed, 17 Dec 2014, Balbir Singh wrote: > >> Could you describe what this does to signing? I presume the patched > >> module should cause a taint on module signing? > > > > Hmm, why should it? > > I wanted to clarify it from a different perspective > > If the base image is signed by X and the patched module is signed by > Y, is that supported. What does it imply in the case of live-patching? Why should that matter? Both are signed by keys that kernel is configured to trust, which makes them equal (even though they are technically different). -- Jiri Kosina SUSE Labs -- To unsubscribe from this list: send the line "unsubscribe live-patching" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
