On Thu, 22 Jun 2023 at 11:41, Tobias Powalowski <tobias.powalow...@googlemail.com> wrote: > > Hi tackled it down to this commit: > https://git.savannah.gnu.org/cgit/grub.git/commit/?id=6a080b9cde0be5d08b71daf17a806067e32fc13f > starting with this commit shim verification fails for kernel hash with bad > shim verification and makes Secure Boot impossible.
Could you elaborate on your setup? How are you signing and authenticating the kernel image? GRUB calls LoadImage/StartImage, and these calls will be intercepted by shim to implement its own authentication. The expectation here is that the kernel's PE image is signed with a MOK key. _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
