Re: [PATCH v1 15/21] ieee1275: Read the DB and DBX secure boot variables

2024-12-30 Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote: If secure boot is enabled with PKS, it will read secure boot variables such as db and dbx from PKS and extract certificates from ESL. It would be saved in the platform keystore buffer, and What is 'it'. The certificates would be saved ... ? the

Re: [PATCH v1 15/21] ieee1275: Read the DB and DBX secure boot variables

2024-12-30 Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote: If secure boot is enabled with PKS, it will read secure boot variables such as db and dbx from PKS and extract certificates from ESL. It would be saved in the platform keystore buffer, and the appendedsig (module) would read it later to extract the

Re: [PATCH v1 14/21] ieee1275: Platform Keystore (PKS) Support

2024-12-30 Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote: enhancing the infrastructure to enable the Platform Keystore (PKS) feature, which provides access to the SB VERSION, DB, and DBX secure boot variables from PKS. Signed-off-by: Sudhakar Kuppusamy --- grub-core/kern/ieee1275/ieee1275.c | 117

Re: [PATCH v1 13/21] ieee1275: enter lockdown based on /ibm,secure-boot

2024-12-30 Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote: From: Daniel Axtens If the 'ibm,secure-boot' property of the root node is 2 or greater, enter lockdown. Signed-off-by: Daniel Axtens Signed-off-by: Sudhakar Kuppusamy Reviewed-by: Stefan Berger --- docs/grub.texi | 4 +

Re: [PATCH v1 12/21] appended signatures: documentation

2024-12-30 Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote: From: Daniel Axtens This explains how appended signatures can be used to form part of a secure boot chain, and documents the commands and variables introduced. Signed-off-by: Daniel Axtens Signed-off-by: Sudhakar Kuppusamy --- docs/grub.texi

Re: [PATCH v1 11/21] appended signatures: verification tests

2024-12-30 Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote: From: Daniel Axtens These tests are run through all_functional_test and test a range of commands and behaviours. Signed-off-by: Daniel Axtens Signed-off-by: Sudhakar Kuppusamy Reviewed-by: Stefan Berger --- grub-core/Makefile.core.def

[PATCH] script/execute: Don't let trailing blank lines determine the return code

2024-12-30 James Le Cuirot
From: James Le Cuirot grub_script_execute_sourcecode() parses and executes code one line at a time, updating the return code each time because only the last line determines the final status. However, trailing new lines were also executed, masking any failure on the previous line. Fix this by only