From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alan Cox Subject: Re: [GIT PULL] Kernel lockdown for secure boot Date: Thu, 5 Apr 2018 18:53:47 +0100 Message-ID: <20180405185347.2785eb8a@alans-desktop> References: <4136.1522452584@warthog.procyon.org.uk> <17792.1522491600@warthog.procyon.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org To: Ard Biesheuvel Cc: David Howells , Andy Lutomirski , Kees Cook , James Morris , linux-efi@vger.kernel.org, Matthew Garrett , Greg Kroah-Hartman , Linux Kernel Mailing List , jforbes@redhat.com, linux-man@vger.kernel.org, joeyli , linux-security-module List-Id: linux-efi@vger.kernel.org > Furthermore, there is a fundamental deviation from common security > sense here, where things like command line parameters and other > lockdown specific tunables are blacklisted rather than whitelisted, I've been complaining about this from the start but it appears to be a write only authorship process going on. Alan From mboxrd@z Thu Jan 1 00:00:00 1970 From: gnomes@lxorguk.ukuu.org.uk (Alan Cox) Date: Thu, 5 Apr 2018 18:53:47 +0100 Subject: [GIT PULL] Kernel lockdown for secure boot In-Reply-To: References: <4136.1522452584@warthog.procyon.org.uk> <17792.1522491600@warthog.procyon.org.uk> Message-ID: <20180405185347.2785eb8a@alans-desktop> To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org > Furthermore, there is a fundamental deviation from common security > sense here, where things like command line parameters and other > lockdown specific tunables are blacklisted rather than whitelisted, I've been complaining about this from the start but it appears to be a write only authorship process going on. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html