On Wed, Dec 17, 2014 at 12:16 PM, Jiri Kosina <jkosina@xxxxxxx> wrote: > On Wed, 17 Dec 2014, Balbir Singh wrote: > >> >> Could you describe what this does to signing? I presume the patched >> >> module should cause a taint on module signing? >> > >> > Hmm, why should it? >> >> I wanted to clarify it from a different perspective >> >> If the base image is signed by X and the patched module is signed by >> Y, is that supported. What does it imply in the case of live-patching? > > Why should that matter? Both are signed by keys that kernel is configured > to trust, which makes them equal (even though they are technically > different). > I am not sure they are equal, others can comment Balbir Singh -- To unsubscribe from this list: send the line "unsubscribe live-patching" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
