On Wed, 2013-09-04 at 14:09 -0600, jerry.hoemann@xxxxxx wrote:
> On Tue, Sep 03, 2013 at 07:50:15PM -0400, Matthew Garrett wrote:
> > kexec permits the loading and execution of arbitrary code in ring 0, which
> > is something that module signing enforcement is meant to prevent. It makes
> > sense to disable kexec in this situation.
> >
> > Signed-off-by: Matthew Garrett <matthew.garrett@xxxxxxxxxx>
>
>
> Matthew,
>
> Disabling kexec will disable kdump, correct?
Yes.
> Are there plans to enable kdump on a system where secure
> boot is enabled?
Yes, Vivek Goyal (cc:ed) is working on that.
--
Matthew Garrett <matthew.garrett@xxxxxxxxxx>
��.n��������+%�������w��{.n�����{����*�jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
