On Mon, Aug 19, 2013 at 6:10 PM, Matthew Garrett
matthew.garr...@nebula.com wrote:
kexec permits the loading and execution of arbitrary code in ring 0, which
is something that module signing enforcement is meant to prevent. It makes
sense to disable kexec in this situation.
Any plans for
kexec permits the loading and execution of arbitrary code in ring 0, which
is something that module signing enforcement is meant to prevent. It makes
sense to disable kexec in this situation.
Signed-off-by: Matthew Garrett matthew.garr...@nebula.com
---
kernel/kexec.c | 4
1 file changed, 4