Allows booting unsigned kernel when not using shim
Bug #1810842 reported by
dann frazier
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
grub2-signed (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Our current SB policy is to allow fallback to unsigned kernels, but we are in the process of changing this policy to require valid signatures. GRUB in disco should already be enforcing this new policy, but Ard Biesheuvel of Linaro discovered a corner case.
A system that has Canonical's key in the db can boot our signed GRUB directly (i.e., w/o chaining through shim). In this configuration, GRUB fails to detect that it is unable to validate signatures, and will permit booting unsigned kernels.