* use one cert for all; modules, kernel, kexec
@ 2023-10-27 9:33 Markus Reichelt
0 siblings, 0 replies; only message in thread
From: Markus Reichelt @ 2023-10-27 9:33 UTC (permalink / raw)
To: kexec
Hi,
I already use signed modules and do wonder if the same cert can be used
to sign the kernel, and verified by kexec when loading such a kernel.
Failing to verify a signed kernel, kexec shall not load it.
Is that doable with current kexec-tools?
If not, is there a real chance this could be added?
My trust scenario is simple, use one cert for all.
Thanks,
Markus
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2023-10-27 9:33 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-10-27 9:33 use one cert for all; modules, kernel, kexec Markus Reichelt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox