Re: [RFC v4][PATCH 2/2] intel_txt: Intel(R) TXT and tboot kernel support

From: Valdis . Kletnieks
Date: Fri Jun 19 2009 - 13:55:39 EST


On Fri, 19 Jun 2009 17:05:14 +0200, Pavel Machek said:
> On Fri 2009-06-12 15:12:59, James Morris wrote:
> > On Fri, 5 Jun 2009, Joseph Cihula wrote:
> >
> > > Linux support for Intel(R) Trusted Execution Technology.
> >
> > > Signed-off-by: Joseph Cihula <joseph.cihula@xxxxxxxxx>
> > > Signed-off-by: Shane Wang <shane.wang@xxxxxxxxx>
> > > Signed-off-by: Gang Wei <gang.wei@xxxxxxxxx>
> >
> > Reviewed-by: James Morris <jmorris@xxxxxxxxx>
> >
> > There have been no comments on this since you posted it, so we might
> > assume there are no further technical issues.
>
> I believe the code at best useless and at worst dangerous. We don't
> merge useless code to the kernel.
>
> What are non-evil uses of this code?

Yes, most of the uses contemplated for this are for evil DRM schemes. On the
other hand, the code is equally useful to help make sure that mo miscreant has
snuck evil DRM (or other evil code) in behind my back.

"Somebody has screwed with this kernel image, and you're not booting what you
thought you were booting."

Seems worth it to me.

Attachment: pgp00000.pgp
Description: PGP signature