Re: [PATCH 08/10] kexec: Disable at runtime if the kernel enforces module loading restrictions

On Mon, Aug 19, 2013 at 6:10 PM, Matthew Garrett matthew.garr...@nebula.com wrote: kexec permits the loading and execution of arbitrary code in ring 0, which is something that module signing enforcement is meant to prevent. It makes sense to disable kexec in this situation. Any plans for

[PATCH 08/10] kexec: Disable at runtime if the kernel enforces module loading restrictions

kexec permits the loading and execution of arbitrary code in ring 0, which is something that module signing enforcement is meant to prevent. It makes sense to disable kexec in this situation. Signed-off-by: Matthew Garrett matthew.garr...@nebula.com --- kernel/kexec.c | 4 1 file changed, 4