Re: [PATCH 14/16] X.509: Add an ASN.1 decoder

From: Alan Cox
Date: Tue Sep 18 2012 - 14:46:44 EST

Next message: Joe Perches: "[PATCH] pci: Convert pci_resource_<foo> macros to static inlines"
Previous message: Rafael J. Wysocki: "Re: [PATCH] cpufreq: OMAP: Check IS_ERR() instead of NULL for omap_device_get_by_hwmod_name"
In reply to: David Howells: "Re: [PATCH 14/16] X.509: Add an ASN.1 decoder"
Next in thread: Peter Jones: "Re: [PATCH 14/16] X.509: Add an ASN.1 decoder"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 18 Sep 2012 18:34:12 +0100
David Howells <dhowells@xxxxxxxxxx> wrote:

> Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> wrote:
>
> > Why do this in the kernel.That appears to be completely insane.
>
> A number of reasons:
>
> (1) The UEFI signature/key database may contain ASN.1 X.509 certificates and
> we may need to use those very early in the boot process, during initrd.

Ok that makes some sense. Presumably they've also got to fall within what
you trust and sign ?

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Joe Perches: "[PATCH] pci: Convert pci_resource_<foo> macros to static inlines"
Previous message: Rafael J. Wysocki: "Re: [PATCH] cpufreq: OMAP: Check IS_ERR() instead of NULL for omap_device_get_by_hwmod_name"
In reply to: David Howells: "Re: [PATCH 14/16] X.509: Add an ASN.1 decoder"
Next in thread: Peter Jones: "Re: [PATCH 14/16] X.509: Add an ASN.1 decoder"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]