Thiago Jung Bauermann <bauerman@xxxxxxxxxxxxxxxxxx> writes: > Michael Ellerman <mpe@xxxxxxxxxxxxxx> writes: > >> Thiago Jung Bauermann <bauerman@xxxxxxxxxxxxxxxxxx> writes: >> >>> On the OpenPOWER platform, secure boot and trusted boot are being >>> implemented using IMA for taking measurements and verifying signatures. >> >> I still want you to implement arch_kexec_kernel_verify_sig() as well :) > > Yes, I will implement it! We are still working on loading the public > keys for kernel signing from the firmware into a kernel keyring, so > there's not much point in implementing arch_kexec_kernel_verify_sig > without having that first. OK. What's the ETA on those patches? cheers
