Check if secure boot is enabled with development keys
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-bluefield (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Medium
|
Shravan Kumar Ramani |
Bug Description
SRU Justification:
[Impact]
Currently, there is no indication from mlx-bootctl when the user reads the lifecycle_state sysfs as to whether secure boot is enabled with development keys or production keys. In order to make this clear to the user, add a check in the driver.
[Fix]
Check the secure boot development mode status bit. If secure boot is enabled with the development key, then print it to the output buffer when lifecycle_
[Test Case]
On a system in secure state, if it has been programmed with development keys, then reading the lifecycle_state sysfs entry in the mlx-bootctl driver should print a message that indicates the same.
Similarly, a secure system which has been programmed with production keys must print the appropriate message when the lifecycle_state sysfs is read.
[Regression Potential]
Can be considered minimum.
Changed in linux-bluefield (Ubuntu Focal): | |
assignee: | nobody → Shravan Kumar Ramani (sramani) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-bluefield (Ubuntu): | |
status: | New → Invalid |
tags: |
added: verification-done-focal removed: verification-needed-focal |
This bug is awaiting verification that the linux-bluefield /5.4.0- 1022.25 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- focal' to 'verification- done-focal' . If the problem still exists, change the tag 'verification- needed- focal' to 'verification- failed- focal'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!