Comment 15 for bug 1748983

Verification-done on xenial:

shim-signed/1.33.1~16.04.4
dkms/2.2.0.3-2ubuntu11.6

I've installed bbswitch on a test UEFI system, rebooted to disable validation in shim; then upgraded to the new packages and could verify that shim validation was re-enabled and a MOK was enrolled in the firmware, as expected.

ubuntu@ubuntu:~$ dpkg -l dkms shim-signed | cat
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-=============================================-============-==============================================================
ii dkms 2.2.0.3-2ubuntu11.6 all Dynamic Kernel Module Support Framework
ii shim-signed 1.33.1~16.04.4+15+1533136590.3beb971-0ubuntu1 amd64 Secure Boot chain-loading bootloader (Microsoft-signed binary)
ubuntu@ubuntu:~$ sudo mokutil --sb-state
[sudo] password for ubuntu:
SecureBoot enabled
ubuntu@ubuntu:~$ sudo modprobe bbswitch
modprobe: ERROR: could not insert 'bbswitch': No such device
ubuntu@ubuntu:~$ dmesg | tail
[ 7.397726] wlp3s0: authenticated
[ 7.398704] wlp3s0: associate with fc:ec:da:3c:dd:85 (try 1/3)
[ 7.402921] wlp3s0: RX AssocResp from fc:ec:da:3c:dd:85 (capab=0x411 status=0 aid=3)
[ 7.422831] wlp3s0: associated
[ 7.422886] IPv6: ADDRCONF(NETDEV_CHANGE): wlp3s0: link becomes ready
[ 23.013018] random: nonblocking pool is initialized
[ 100.470084] bbswitch: loading out-of-tree module taints kernel.
[ 100.470804] bbswitch: version 0.8
[ 100.470822] bbswitch: Found integrated VGA device 0000:00:02.0: \_SB_.PCI0.VID_
[ 100.470837] bbswitch: No discrete VGA device found