On Mon, Aug 19, 2013 at 6:10 PM, Matthew Garrett <matthew.garrett@xxxxxxxxxx> wrote: > kexec permits the loading and execution of arbitrary code in ring 0, which > is something that module signing enforcement is meant to prevent. It makes > sense to disable kexec in this situation. Any plans for signed kexec code? Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html