Re: [PATCH] Fix kexec forbidding kernels signed with custom platform keys to boot

From: Yannik Sembritzki
Date: Wed Aug 15 2018 - 17:50:49 EST


On 15.08.2018 23:40, James Bottomley wrote:
> What about the key linking patches:
>
> https://lkml.org/lkml/2018/5/2/989
>
> ? They allow you to insert your own binary key into bzimage and then
> resign the resulting blob for secure boot. It's a fairly painless
> process. The patches have been languishing for an unstated reason but
> it's suspected to have something to do with Red Hat not wanting to
> support Enterprise users signing their own kernels.

Thanks, that's exactly what I was thinking about.

Yannik