Re: [PATCH V2 2/3] integrity: Move import of MokListRT certs to a separate routine
From: Lenny Szubowicz
Date: Fri Sep 11 2020 - 13:19:00 EST
On 9/11/20 11:59 AM, Mimi Zohar wrote:
On Fri, 2020-09-11 at 11:54 -0400, Lenny Szubowicz wrote:
On 9/11/20 11:02 AM, Ard Biesheuvel wrote:
On Sat, 5 Sep 2020 at 04:31, Lenny Szubowicz <lszubowi@xxxxxxxxxx> wrote:
Move the loading of certs from the UEFI MokListRT into a separate
routine to facilitate additional MokList functionality.
There is no visible functional change as a result of this patch.
Although the UEFI dbx certs are now loaded before the MokList certs,
they are loaded onto different key rings. So the order of the keys
on their respective key rings is the same.
Signed-off-by: Lenny Szubowicz <lszubowi@xxxxxxxxxx>
Why did you drop Mimi's reviewed-by from this patch?
It was not intentional. I was just not aware that I needed to propagate
Mimi Zohar's reviewed-by from V1 of the patch to V2.
Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
V2 includes changes in that patch to incorporate suggestions from
Andy Shevchenko. My assumption was that the maintainer would
gather up the reviewed-by and add any signed-off-by as appropriate,
but it sounds like my assumption was incorrect. In retrospect, I
could see that having the maintainer dig through prior versions
of a patch set for prior reviewed-by tags could be burdensome.
As much as possible moving code should be done without making changes,
simpler for code review. Then as a separate patch you make changes.
That way you could also have retained my Reviewed-by.
Mimi
If you or Ard think I should, I can do a V3 with:
Patch V3 01: Unchanged from V2
Patch V3 02: Goes back to V1 of patch 02 that Mimi reviewed
Patch V3 03: New. Has Andy's cleanup suggestions separated from patch 02
Patch V3 04: This would most probably just be the V2 of patch 03 with no changes
-Lenny.
Advice on the expected handling of this would be appreciated.