On Mon, Mar 10, 2025 at 09:12:22AM +, Mate Kukri wrote:
> - Use shim loader protocol to verify images in the shim_lock verifier.
This change makes the shim loader protocol mandatory for GRUB under UEFI
Secure Boot. However, I don't think this is a good idea, since the new
protocol is only avai
On 3/24/25 10:29 AM, Vladimir 'phcoder' Serbinenko wrote:
Is there a risk here of missing the failures? It's common that no one
looks at the output unless it causes a failed build on some CI/CD Le
Good point. Maybe the test script should return '1' when a single error
occurred but run all t
Is there a risk here of missing the failures? It's common that no one looks
at the output unless it causes a failed build on some CI/CD
Le ven. 21 mars 2025, 11:01, Gary Lin via Grub-devel a
écrit :
> Reset 'ret' to 0 when a test case fails so that the other test cases
> could continue.
>
> Sign
On 3/21/25 3:59 AM, Gary Lin wrote:
Since 'grub-protect' already supports NV index mode, tpm2_seal_nv() is
replaced with one 'grub-protect' command to simplify the test script.
'tpm2_evictcontrol' is also replaced with 'grub-protect --tpm2-evict'.
Signed-off-by: Gary Lin
---
tests/tpm2_key
On 3/21/25 3:59 AM, Gary Lin via Grub-devel wrote:
Two more NV index test cases are added to test key sealing and
unsealing with the NV index handle 0x100.
Signed-off-by: Gary Lin
---
tests/tpm2_key_protector_test.in | 55 ++--
1 file changed, 39 insertions(
On 3/21/25 3:59 AM, Gary Lin via Grub-devel wrote:
Reset 'ret' to 0 when a test case fails so that the other test cases
could continue.
Signed-off-by: Gary Lin
---
tests/tpm2_key_protector_test.in | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tests/tpm2_key_protector_test.in b/test
