Public bug reported:
[Impact]
When using kexec -s with an unsigned image, it will fail requiring a
signed image, even if the system is not under lockdown. kexec without
the -s option will still work.
[Test case]
Tested with kexec -s with both a signed and unsigned image, both under lockdown
and not under lockdown.
[Potential Regressions]
We allow unsigned kernels to be loaded even under lockdown. However, the test
case has tested that and it still failed. Other regression would be that no
kernel could be loaded. Also tested under test case.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: In Progress
** Affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: In Progress
** Affects: linux (Ubuntu Cosmic)
Importance: Undecided
Status: In Progress
** Affects: linux (Ubuntu Disco)
Importance: Undecided
Status: In Progress
** Also affects: linux (Ubuntu Disco)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Bionic)
Status: New => In Progress
** Changed in: linux (Ubuntu Disco)
Status: New => In Progress
** Changed in: linux (Ubuntu Cosmic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1800856
Title:
allow kexec_file of unsigned images under lockdown
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1800856/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
