Harlan Lieberman-Berg <hlieberman@???> writes: > It also requires us to reenable kexec functionality, which exposes a
> risk of code injection unless we get signed kexec support.
I just checked the kernel, and it seems that signed kexec functionality
was mainlined in 3.17. So, strike that from the list of problems with
all the kexec dependent solutions.
