Em qui., 10 de jul. de 2025, 12:42, Gerd Hoffmann <kra...@redhat.com> escreveu:
> On Wed, Jul 09, 2025 at 05:42:23PM +0200, Florian Weimer wrote: > > * Gerd Hoffmann: > > > > >> At least for me it seems to be a extremely generic update that > doesn't rely > > >> on hardware specific characteristics as is with a full BIOS update. > > > > > > Correct. It's literally just the new ms kek key with a pkcs7 signature > > > from the hardware vendor's PK key. No code update. > > > > Still it needs to go through QA because it has a significant risk of > > corrupting the boot path. > > Sure. It's a first in the secure boot world and has the potential to > break a bunch of stuff. Specifically I think with the boot signature > chain changing some TPM PCR measurements will change too, so TPM being > is used for LUKS disk encryption most likely is affected and will need > some extra attention. > Would it be the same root cause from when every so often Microsoft releases a update related to Secure Boot and Windows users get thrown into the BitLocker recovery asking for a key that many of them have no idea how to get? (And they also can't use the Microsoft account backup because they have no access) > But it shouldn't be the "broken bios update might brick the machine" > level of risk. > > take care, > Gerd > > -- > _______________________________________________ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
