[PATCH 0/6] kexec: A new system call to allow in kernel loading
Jiri Kosina
jkosina at suse.cz
Fri Nov 22 08:50:43 EST 2013
On Fri, 22 Nov 2013, Vivek Goyal wrote:
> > OTOH, does this feature make any sense whatsover on architectures that
> > don't support secure boot anyway?
>
> I guess if signed modules makes sense, then being able to kexec signed
> kernel images should make sense too, in general.
Well, that's really a grey zone, I'd say.
In a non-secureboot environment, if you are root, you are able to issue
reboot into a completely different, self-made kernel anyway, independent
on whether signed modules are used or not.
--
Jiri Kosina
SUSE Labs
More information about the kexec
mailing list