Re: [PATCH v6 0/5] efi/firmware/platform-x86: Add EFI embedded fw support
From: Luis R. Rodriguez
Date: Wed Jun 06 2018 - 14:35:24 EST
On Wed, Jun 06, 2018 at 08:17:26PM +0200, Hans de Goede wrote:
> But yes this means that these probably won't go in for another
> cycle or 2, that is fine.
>
> > > -Add new READING_FIRMWARE_EFI_EMBEDDED read_file_id and use it
> > > -Call security_kernel_read_file(NULL, READING_FIRMWARE_EFI_EMBEDDED)
> > > to check if this is allowed before looking at EFI embedded fw
> >
> > There's a discussion over having security_kernel_read_file(NULL,
> > READING_WHATEVER) become another LSM hook. So your series would conflict with
> > that at the moment.
> >
> > So yet another piece of code which this series depends on.
>
> Ah well, I'm in no big hurry to get this merged. OTOH if this is
> ready and that discussion is not yet finished it might be better
> to merge this as is and then have the security_kernel_read_file / LSM
> hook series fix this up as necessary when it is merged.
True, there is also value in getting this series reviewed so that all
that is needed is to consider merging it, so if you address the new
call as I requested in a next series I'll review the series then.
Luis