[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bad shim signature on kernel loading with patchset from 25.05.2023 a
|
From: |
Ard Biesheuvel |
|
Subject: |
Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up |
|
Date: |
Fri, 23 Jun 2023 15:40:55 +0200 |
On Thu, 22 Jun 2023 at 11:41, Tobias Powalowski
<tobias.powalowski@googlemail.com> wrote:
>
> Hi tackled it down to this commit:
> https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6a080b9cde0be5d08b71daf17a806067e32fc13f
> starting with this commit shim verification fails for kernel hash with bad
> shim verification and makes Secure Boot impossible.
Could you elaborate on your setup? How are you signing and
authenticating the kernel image?
GRUB calls LoadImage/StartImage, and these calls will be intercepted
by shim to implement its own authentication. The expectation here is
that the kernel's PE image is signed with a MOK key.
- Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/22
- Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/22
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/22
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/22
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up,
Ard Biesheuvel <=
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Dimitri John Ledkov, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Ard Biesheuvel, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Dimitri John Ledkov, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Daniel Kiper, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Ard Biesheuvel, 2023/06/23
- Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Tobias Powalowski, 2023/06/23
Re: Bad shim signature on kernel loading with patchset from 25.05.2023 and up, Thomas Frauendorfer, 2023/06/26