kexec_load(2) bypasses signature verification

Vivek Goyal vgoyal at redhat.com
Fri Jun 19 06:09:33 PDT 2015


On Fri, Jun 19, 2015 at 04:18:16PM +0800, Dave Young wrote:
> > > If we want to disable unsigned kernel loading at compile time, then we
> > > really need to work on decoupling CONFIG_KEXEC and CONFIG_FILE_KEXEC.
> > > Introducing another config option is not the way forward, IMHO.
> > 
> > Yes, let's do it in this way since everyone is fine with it.
> 
> I will work on a patch if nobody else have interest or no time on it.

Thanks Dave. Will be good if you can get this done.

Thanks
Vivek



More information about the kexec mailing list