http://bugzilla.opensuse.org/show_bug.cgi?id=1160722 http://bugzilla.opensuse.org/show_bug.cgi?id=1160722#c1 Petr Tesařík <ptesarik@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jbohac@suse.com, | |ptesarik@suse.com Assignee|kernel-maintainers@forge.pr |ptesarik@suse.com |ovo.novell.com | --- Comment #1 from Petr Tesařík <ptesarik@suse.com> --- On a deeply technical level, there are two syscalls for loading a panic kernel: 1. kexec_load() - the older API, where most work is done in user space 2. kexec_file_load() - the newer API, where most work is done by the kernel Only the latter syscall allows signature verification (required e.g. when Secure Boot is active). It seems that the panic kernel now requires signature verification, but for some reason it is not attempted. I'll have to look into this in more detail. -- You are receiving this mail because: You are on the CC list for the bug.