ACK/cmnt: [PATCH Yakkety SRU] UBUNTU: [Config] CONFIG_IMA=y, CONFIG_TPM=y for ppc64el
Tim Gardner
tim.gardner at canonical.com
Wed Dec 14 13:45:50 UTC 2016
On 12/14/2016 04:13 AM, Luis Henriques wrote:
> On Tue, Nov 29, 2016 at 10:17:48AM -0700, Tim Gardner wrote:
>> On 11/29/2016 10:07 AM, Seth Forshee wrote:
>>> On Mon, Nov 28, 2016 at 01:35:57PM -0700, Tim Gardner wrote:
>>>> +CONFIG_IMA_APPRAISE_SIGNED_INIT=y
>>>
>>> This one is a bit concerning, "This option requires user-space init to
>>> be signed." I _think_ appraisal only happens if enabled on the kernel
>>> command line, and in that case this should be fine.
>>>
>>
>> You might be right. I guess we should wait on this one until I receive a
>> response to my question in
>> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1643652/comments/1
>
> Still no news on this?
>
No news. Maybe this is one of those wishlist things. I did turn it on in
Zesty.
rtg
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list