CONFIG_INTEL_TXT
Jon Masters
jcm at redhat.com
Thu Oct 22 17:39:53 UTC 2009
On Thu, 2009-10-22 at 13:24 -0400, Eric Paris wrote:
> On Thu, 2009-10-22 at 11:33 -0400, Stephen Smalley wrote:
> > Would it be possible to get CONFIG_INTEL_TXT enabled in the Fedora
> > kernel x86 and x86_64 configs going forward?
>
> After some discussion with a couple of people on the Fedora kernel team
> on IRC they decided that we should not enable CONFIG_INTEL_TXT until it
> is useful for something other than a closed source binary blob which
> Fedora is unable to distribute. We have messaged that Fedora was unable
> to include the binary blob from Intel and it has been suggested that
> they create an open module rather than forcing Linux users to trust some
> part of their system security to an unknown binary blob. Hopefully you
> can add your weight to that discussion and help intel see the need for
> an open source blob.
Don't forget to mention the more paranoid hand-waving about removing RAM
chips at runtime with liquid nitrogen after going into suspend and
hax0ring. I think there will be more upstream discussion anyway.
Jon.
More information about the Fedora-kernel-list
mailing list