Re: [PATCH 0/6] kexec: A new system call to allow in kernelloading

From: Jiri Kosina
Date: Fri Nov 22 2013 - 08:50:51 EST

Next message: Paul E. McKenney: "Re: [tip:core/locking] Documentation/memory-barriers.txt: Fix atypo in the data dependency description"
Previous message: Borislav Petkov: "Re: [PATCH] perf: Move fs.* to generic lib/lk/"
In reply to: Vivek Goyal: "Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading"
Next in thread: Vivek Goyal: "Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 22 Nov 2013, Vivek Goyal wrote:

> > OTOH, does this feature make any sense whatsover on architectures that
> > don't support secure boot anyway?
>
> I guess if signed modules makes sense, then being able to kexec signed
> kernel images should make sense too, in general.

Well, that's really a grey zone, I'd say.

In a non-secureboot environment, if you are root, you are able to issue
reboot into a completely different, self-made kernel anyway, independent
on whether signed modules are used or not.

--
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Paul E. McKenney: "Re: [tip:core/locking] Documentation/memory-barriers.txt: Fix atypo in the data dependency description"
Previous message: Borislav Petkov: "Re: [PATCH] perf: Move fs.* to generic lib/lk/"
In reply to: Vivek Goyal: "Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading"
Next in thread: Vivek Goyal: "Re: [PATCH 0/6] kexec: A new system call to allow in kernel loading"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]