Petr Tesa����k changed bug 1160722
What Removed Added
CC   jbohac@suse.com, ptesarik@suse.com
Assignee kernel-maintainers@forge.provo.novell.com ptesarik@suse.com

Comment # 1 on bug 1160722 from
On a deeply technical level, there are two syscalls for loading a panic kernel:

1. kexec_load() - the older API, where most work is done in user space
2. kexec_file_load() - the newer API, where most work is done by the kernel

Only the latter syscall allows signature verification (required e.g. when
Secure Boot is active). It seems that the panic kernel now requires signature
verification, but for some reason it is not attempted. I'll have to look into
this in more detail.


You are receiving this mail because: