I've written two patches for (a) the logical change of allowing kernels
signed with keys in the secondary keyring to be kexec'd (b) the refactoring
of the magic 1UL Linus requested.

Yannik Sembritzki (2):
  Fix kexec forbidding kernels signed with keys in the secondary keyring
    to boot
  Replace magic for trusting the secondary keyring with #define

 arch/x86/kernel/kexec-bzimage64.c       | 2 +-
 certs/system_keyring.c                  | 3 ++-
 crypto/asymmetric_keys/pkcs7_key_type.c | 2 +-
 include/linux/verification.h            | 4 ++++
 4 files changed, 8 insertions(+), 3 deletions(-)

-- 
2.17.1

Reply via email to