In order to pass fresh entropy to kexec'd kernels, use BI_RNG_SEED
for passing a seed, with the same semantics that kexec-tools currently
uses for i386's setup_data.
Link: https://git.kernel.org/torvalds/c/dc63a086daee92c63e3
Signed-off-by: Jason A. Donenfeld
---
kexec/arch/m68k/bootinfo.c
Hi Simon,
Sorry about that. Not sure why my toolchain missed it. v3 coming up.
Jason
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
On Fri, Nov 11, 2022 at 02:35:33AM +0100, Jason A. Donenfeld wrote:
> In order to pass fresh entropy to kexec'd kernels, use BI_RNG_SEED
> for passing a seed, with the same semantics that kexec-tools currently
> uses for i386's setup_data.
>
> Link: https://git.kernel.org/torvalds/c/dc63a086daee92
kexec_load_disabled affects both ``kexec_load`` and ``kexec_file_load``
syscalls. Make it explicit.
Signed-off-by: Ricardo Ribalda
diff --git a/Documentation/admin-guide/sysctl/kernel.rst
b/Documentation/admin-guide/sysctl/kernel.rst
index 98d1b198b2b4..97394bd9d065 100644
--- a/Documentation/a
Create a new toogle that disables LINUX_REBOOT_CMD_KEXEC, reducing the
attack surface to a system.
Without this toogle, an attacker can only reboot into a different kernel
if they can create a panic().
Signed-off-by: Ricardo Ribalda
diff --git a/Documentation/admin-guide/sysctl/kernel.rst
b/Do
-commit: 094226ad94f471a9f19e8f8e7140a09c2625abaa
change-id: 20221114-disable-kexec-reset-19b7e117338f
Best regards,
--
Ricardo Ribalda
___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec