kern: document rationale for PRIV_REBOOT usage in kexec_load
Needs ReviewPublic
Actions

Authored by go4av05.pvtx_gmail.com on Dec 20 2025, 3:57 AM.

Tags

None

Referenced Files

	F153507953: D54324.diff
	Tue, Apr 21, 12:51 PM

	F153386097: D54324.diff
	Mon, Apr 20, 8:49 PM

	Unknown Object (File)
	Wed, Apr 15, 6:29 AM

	Unknown Object (File)
	Sun, Apr 12, 12:48 AM

	Unknown Object (File)
	Sat, Apr 11, 1:10 PM

	Unknown Object (File)
	Fri, Apr 10, 2:21 PM

	Unknown Object (File)
	Tue, Mar 24, 2:13 AM

	Unknown Object (File)
	Mar 21 2026, 8:09 PM

Subscribers

Details

Reviewers

imp

Summary

Document why kexec_load() currently relies on PRIV_REBOOT for access
control, noting that loading a new kernel image is more powerful than
a traditional reboot and may warrant finer-grained privileges in the
future.

No functional change intended.

Test Plan

Not applicable (comment-only change).

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

go4av05.pvtx_gmail.com created this revision.Dec 20 2025, 3:57 AM

Herald added subscribers: olce, imp. · View Herald TranscriptDec 20 2025, 3:57 AM

go4av05.pvtx_gmail.com requested review of this revision.Dec 20 2025, 3:57 AM

imp accepted this revision.Dec 20 2025, 6:00 AM

This revision is now accepted and ready to land.Dec 20 2025, 6:00 AM

ngie added a subscriber: ngie.Dec 28 2025, 10:23 PM

ngie added inline comments.

sys/kern/kern_kexec.c
344–356	My feedback in https://reviews.freebsd.org/D54326 applies here as well.

Enji Cooper asked to fix * alignment.
No Functional change intended.

This revision now requires review to proceed.Dec 29 2025, 6:51 AM

go4av05.pvtx_gmail.com mentioned this in D54391: Clarify TAI offset validation in kern_ntptime.Jan 1 2026, 11:20 AM

Revision Contents
Changeset List

Path

Size

sys/

kern/

kern_kexec.c

15 lines

Diff 168467

View Options

kern: document rationale for PRIV_REBOOT usage in kexec_loadNeeds ReviewPublicActions