On Tue, Oct 23, 2012 at 08:51:53AM -0700, Eric W. Biederman wrote: [..] > > purgatory code is modified dynamically upon every invocation of kexec. > > That means there needs to be a mechanism to sign it after we are done > > with purgatory modification. But there are no signing keys available > > on the system. All the signing happens externally during build time. So > > we don't have the option of signing purgatory at run time. > > Hogwash. > > The only significant modification we make to purgatory is relocation > processing. That relocation processing is a convinience, not a > necessity. Potentially we could move the relocation processing into > purgatory itself. Apart from relocations, we also set some variable values. - Like entry point of kernel. - Like address of backup region etc. And all this information is dynamic and varies based on where memory for second kernel was reserved. So until and unless we figure out a way to solve that problem, we can't sign purgatory at build time. Thanks Vivek
