On Wed, Sep 11, 2013 at 11:02:36AM +0800, Dave Young wrote: > On 09/04/13 at 09:56pm, Vivek Goyal wrote: > > With secureboot enabled, we don't even trust root. And when kexec is launched > > it might happen that root has already rigged /proc and /sys which kexec > > reads to get important data. > > > > So create a private mount namespace which is not visible to root, unmount > > old /proc and /sys and remount these to get to actual data kernel exported. > > Hello Vivek > > kexec will also use /sys/kernel/debug/boot_params, I want to copy efi_info from > there for efi runtime support. So could you remount debugfs as well? Ok, will do. Thanks. Vivek _______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
