[RFC 0/3] Add support for kexec_file_load

Eric Richter erichte at linux.vnet.ibm.com
Fri Sep 16 07:33:55 AEST 2016


> Eric Richter <erichte at linux.vnet.ibm.com> writes:
>>> One thought - do we want normal kexec / kexec_file_load to be an option, or
>>> enforce using it if we're in trusted boot mode?
>>
>> Ideally, if we are booting in secure/trusted mode, then only
>> kexec_file_load should be allowed. I am currently working on
>> implementing this now, will post as an update to this set.
>
> kexec_file_load and the fall back to normal kexec, which should be
> denied by the kernel if we've booted securely?
>
> That would make the petitboot logic simple, and up to the running kernel
> to enforce things, which seems about the right place to do that.
>

After trying to implement that logic, I've come to the same conclusion.

Did a bit of research though; it appears the patch that disables
kexec_load never hit upstream. Slightly out of scope, but could this
patch (or something similar) be carried in op-build?

Alternatively, it could be recommended/required to disable kexec_load in
Kconfig for building a skiroot image intended to support trusted boot
(maybe a buildroot option?).
