Add note about canonical order of UKI components#181
Add note about canonical order of UKI components#181arianvp wants to merge 3 commits intouapi-group:mainfrom
Conversation
specs/unified_kernel_image.md
Outdated
| ## UKI Components | ||
| UKIs consist of the following resources: | ||
|
|
||
| <!-- NOTE: these components are in canonical for predictable PCR measurements. Please add any new components at the bottom of the list and NEVER reorder anything in this list. --> |
There was a problem hiding this comment.
Linebreak between the sentences please.
Why draft?
Co-authored-by: Jörg Behrmann <behrmann@physik.fu-berlin.de>
|
|
||
| <!-- | ||
| NOTE: these components are in canonical order for predictable PCR measurements. | ||
| Please add any new components at the bottom of the list and NEVER reorder anything in this list. |
There was a problem hiding this comment.
Actually I think pcrsig and pcrpkey are the exception to this? IE, new things should be added before .pcrsig, but these two are never used for measurements
There was a problem hiding this comment.
This is not true. .pcrpkey is measured.
There was a problem hiding this comment.
Before the pub key one then? I haven't checked
|
I don't think should be a comment. If we define a canonical order, then we should say so in the spec, and not in a comment in the spec. Hence please reword this, and make this regular text |
|
That was my original plan but @bluca said I should do a comment instead. Can y'all come to consensus before I move forward? I don't want to ping-pong back and forth |
|
It's fine to say it in the spec too (I'd also keep the comment immediately above so that it's harder to accidentally miss) |
|
Any chance you can add a brief comment to the visible part of the spec as suggested? seems good to go otherwise |
5 participants
No description provided.