config: Enable kexec bzImage signature verification
New kexec syscall (kexec_file_load()) can perform bzimage signature
verification.
This will re-enable kexec/kdump on secureboot systems using new syscall.
Currently kexec/kdump is disabled on secureboot systems.
User space (kexec-tools) will be modifed to automatically detect that
running system has secureboot enabled and use new syscall instead of
old one.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>