Hi, On 06/12/2018 06:03 AM, Dave Young wrote: > Fedora bug > https://bugzilla.redhat.com/show_bug.cgi?id=1470995 > > With Fedora kernels on Secure Boot enabled machine kexec_file_load > fails because kernel can not use any keys other than kernel builtin > keyring. verify_pefile_signature() requires caller to pass 1UL as > the keyring pointer to use other keyring. > > Posted a fix in upstream, but no response for long time. Thus going > with a Fedora fix same as what the module code does. > > Latest upstream effort: > https://www.spinics.net/lists/kernel/msg2825184.html I've added it to Rawhide, F28, and F27. Thanks, Jeremy _______________________________________________ kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx/message/YMFSXDL2CDSKBIE2P5KQJGOAQV3FGKJF/
