> -----Original Message----- > From: Thomas Renninger [mailto:tr...@suse.de] > Sent: Wednesday, April 10, 2013 12:41 AM > Hello, > > On Wednesday, April 10, 2013 01:34:33 PM Tang Chen wrote: > > On 04/05/2013 07:46 AM, Yinghai Lu wrote: > > > Use common get_ramdisk_image() to get ramdisk start phys address. > > > > > > We need this to get correct ramdisk adress for 64bit bzImage that > > > initrd can be loaded above 4G by kexec-tools.disk_size; > > don't know whether this question came up when this feature got > submitted (if yes a pointer would be appreciated). > > Is there a concept how signed microcode can get verified when applied > early, > like it is done via firmware loader? > > If not, early microcode loading is not really usable in secure boot > environment, right?
The microcode is cryptographically authenticated by the CPU itself, so there is no security issue related to early microcode loading. Thanks. -Fenghua -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
