Matt Fleming <m...@codeblueprint.co.uk> wrote: > > (4) extract_kernel() calls sanitize_boot_params() which would otherwise > > clear > > the secure-boot flag. > > The ->sentinel flag should be clear (because you zero'd boot_params on > alloc), so the code inside of sanitize_boot_params() should never > trigger for the secure boot case.
But it *does* trigger, otherwise I wouldn't've noticed this. David