kexec_load(2) bypasses signature verification
vgoyal at redhat.com
Fri Jun 19 06:09:33 PDT 2015
On Fri, Jun 19, 2015 at 04:18:16PM +0800, Dave Young wrote:
> > > If we want to disable unsigned kernel loading at compile time, then we
> > > really need to work on decoupling CONFIG_KEXEC and CONFIG_FILE_KEXEC.
> > > Introducing another config option is not the way forward, IMHO.
> > Yes, let's do it in this way since everyone is fine with it.
> I will work on a patch if nobody else have interest or no time on it.
Thanks Dave. Will be good if you can get this done.
More information about the kexec