[PATCH V2 2/3] integrity: Move import of MokListRT certs to a separate routine
Mimi Zohar
zohar at linux.ibm.com
Fri Sep 11 15:59:07 UTC 2020
On Fri, 2020-09-11 at 11:54 -0400, Lenny Szubowicz wrote:
> On 9/11/20 11:02 AM, Ard Biesheuvel wrote:
> > On Sat, 5 Sep 2020 at 04:31, Lenny Szubowicz <lszubowi at redhat.com> wrote:
> >>
> >> Move the loading of certs from the UEFI MokListRT into a separate
> >> routine to facilitate additional MokList functionality.
> >>
> >> There is no visible functional change as a result of this patch.
> >> Although the UEFI dbx certs are now loaded before the MokList certs,
> >> they are loaded onto different key rings. So the order of the keys
> >> on their respective key rings is the same.
> >>
> >> Signed-off-by: Lenny Szubowicz <lszubowi at redhat.com>
> >
> > Why did you drop Mimi's reviewed-by from this patch?
>
> It was not intentional. I was just not aware that I needed to propagate
> Mimi Zohar's reviewed-by from V1 of the patch to V2.
>
> Reviewed-by: Mimi Zohar <zohar at linux.ibm.com>
>
> V2 includes changes in that patch to incorporate suggestions from
> Andy Shevchenko. My assumption was that the maintainer would
> gather up the reviewed-by and add any signed-off-by as appropriate,
> but it sounds like my assumption was incorrect. In retrospect, I
> could see that having the maintainer dig through prior versions
> of a patch set for prior reviewed-by tags could be burdensome.
As much as possible moving code should be done without making changes,
simpler for code review. Then as a separate patch you make changes.
That way you could also have retained my Reviewed-by.
Mimi
>
> Advice on the expected handling of this would be appreciated.
More information about the Linux-security-module-archive
mailing list