So... since it was I who precipitated this whole debacle by leaving TXT disabled when I merged that kernel a while ago, I guess I should weigh in a bit. If I had just enabled it then I doubt anyone who doesn't care about this feature would have noticed.
After reviewing the hooks it adds to the kernel, I'm going to recommend we enable it. I'll detail the logic in this below.
1. It actually has people who want to use it. 2. It doesn't actually hook into much of the kernel at all, just s3 hooks to turn it off/on when sleeping and a hook in to the iommu initialization to force it on so that page level protection can be done. 3. The blob I don't think meets our firmware guidelines, but that's ok, we ship other features useless without firmware that must be fetched externally. (Broadcom wifi being the big one I can think of.) 4. The fact that the blob runs isn't much worse than SMM running or whatever, those are all pretty opaque things that can screw with the system on the way up. 5. It doesn't look like it will be a maintenance burden, aside from the fact that intel_iommu will be forced on, which is its own can of worms.
That said, I think that Intel have been a little silly in the way this upstream with, as far as I can tell, fairly little review of whether it's a desireable feature.
Anyway, I recommend we turn it on, but let users sort it out for themselves. If it's a burden, we can add a TAINT flag for it and just email all the bugs to Eric since he's so gung ho on it. :)
--Kyle
On Thu, 2010-04-08 at 10:23 -0400, Kyle McMartin wrote:
After reviewing the hooks it adds to the kernel, I'm going to recommend we enable it. I'll detail the logic in this below.
Thanks!
- The blob I don't think meets our firmware guidelines, but that's ok, we ship other features useless without firmware that must be fetched externally. (Broadcom wifi being the big one I can think of.)
I agree it is does not meet the firmware guidelines. And much like the broadcom wifi our users have 2 choices. Get it themselves or buy hardware that doesn't need it. In either case, thanks for taking a look!
-Eric
On Thu, Apr 08, 2010 at 10:42:04AM -0400, Eric Paris wrote:
- The blob I don't think meets our firmware guidelines, but that's ok, we ship other features useless without firmware that must be fetched externally. (Broadcom wifi being the big one I can think of.)
I agree it is does not meet the firmware guidelines. And much like the broadcom wifi our users have 2 choices. Get it themselves or buy hardware that doesn't need it. In either case, thanks for taking a look!
Or just don't bother using it at all. ;-)
On Thu, Apr 08, 2010 at 10:42:04 -0400, Eric Paris eparis@redhat.com wrote:
I agree it is does not meet the firmware guidelines. And much like the broadcom wifi our users have 2 choices. Get it themselves or buy hardware that doesn't need it. In either case, thanks for taking a look!
FYI, Broadcom wifi support has had a third choice for over a year. You can use the reveresed engineered firmware (which is packaged in Fedora) that allows use of the devices with some limitations (notably no hardware encryption).
kernel@lists.fedoraproject.org