Huh. TIL. That's awesome. On 2/24/23 14:33, Steve Langasek wrote:
On Fri, Feb 24, 2023 at 02:20:25PM -0600, Aaron Rainbolt wrote:This makes good sense to me. The concern I'm noticing here is that Secure Boot activates a kernel lockdown mode that prohibits kexec.Incorrect. It disables the old kexec syscall which doesn't have an interface for doing signature verification of the payload. It does not disable the use of kexec as a feature.
-- Aaron Rainbolt Lubuntu Developer https://github.com/ArrayBolt3 https://launchpad.net/~arraybolt3 @arraybolt3:lubuntu.me on Matrix, arraybolt3 on irc.libera.chat
OpenPGP_0x6169B9B4248C0464.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
