Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v5.1.16 2018-12-11T12:19:47+00:00 2018-12-11T12:19:47+00:00 Mimi Zohar zohar@linux.ibm.com 2018-11-14T17:30:19+00:00 urn:sha1:a802ed0dd9c2607cc219574e881062d43ea3b7e0 The kernel CONFIG_KEXEC_VERIFY_SIG option is limited to verifying a kernel image's signature, when loaded via the kexec_file_load syscall. There is no method for verifying a kernel image's signature loaded via the kexec_load syscall. This test verifies loading the kernel image via the kexec_load syscall fails when the kernel CONFIG_KEXEC_VERIFY_SIG option is enabled on systems with secureboot enabled[1]. [1] Detecting secureboot enabled is architecture specific. Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>