On 15.08.2018 23:40, James Bottomley wrote: > What about the key linking patches: > > https://lkml.org/lkml/2018/5/2/989 > > ? They allow you to insert your own binary key into bzimage and then > resign the resulting blob for secure boot. It's a fairly painless > process. The patches have been languishing for an unstated reason but > it's suspected to have something to do with Red Hat not wanting to > support Enterprise users signing their own kernels.
Thanks, that's exactly what I was thinking about. Yannik
