Re: [RFC PATCH 0/9] kexec: Verify signature of PE signed bzImage

[Borislav Petkov <bp@alien8.de>]

On Thu, Jul 03, 2014 at 05:07:12PM -0400, Vivek Goyal wrote:
> Hi,
> 
> This patch series enables signature verification of signed PE bzimage. This
> patches series needs two more patch series before it.
> 
> First one is kexec_file_load() syscall support posted here.
> 
> https://lkml.org/lkml/2014/6/26/497
> 
> This patch seris is also available in -mm tree now.
> 
> Second one is PKCS7 signature parsing and verification support. These
> patches are available in David Howells's modsign tree in pkcs7 branch.
> 
> https://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-modsign.git/log/?h=pkcs7
> 
> This patch series is based on David Howells's work of PE file parsing
> and PKCS7 signature verificaiton. Now PKCS7 signature part is available
> in his tree. So I have taken PE file parsing patches, changed them a
> bit and posting these here.

Ok, now this looks strange. You're referring to those patches without
posting them together with yours. And they're in some repo. Normally in
such cases people post the *whole* patchset and do not refer to some
other tree.

>From looking at them, they're part of the pull request which Linus did
shot down already last year:

https://lkml.org/lkml/2013/2/21/228

And he explicitly stated then that we don't want PE file parsing in the
kernel, AFAICR. What changed since then?

-- 
Regards/Gruss,
    Boris.

Sent from a fat crate under my desk. Formatting is fine.
--