Re: [PATCH 01/12] Add BSD-style securelevel support
From: Matthew Garrett
Date: Mon Sep 09 2013 - 12:30:19 EST
On Mon, 2013-09-09 at 09:27 -0700, H. Peter Anvin wrote:
> This will break or have to be redefined once you have signed kexec.
Yeah. I wasn't really sure how to define it based on an implementation
that isn't there yet - saying "kexec_load() of untrusted binaries"
implies that there's some way to do it for trusted binaries.
--
Matthew Garrett <matthew.garrett@xxxxxxxxxx>
èº{.nÇ+·®+%Ëlzwm
ébëæìr¸zX§»®w¥{ayºÊÚë,j¢f£¢·hàz¹®w¥¢¸¢·¦j:+v¨wèjØm¶ÿ¾«êçzZ+ùÝj"ú!¶iOæ¬z·vØ^¶m§ÿðÃnÆàþY&