Comment 0 for bug 1637290
Revision history for this message
| Mathieu Trudel-Lapierre (cyphermox) wrote Update to the signed 0.9+1474479173.6c180c6-0ubuntu1 shim binary from Microsoft | #0 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
[Impact]
We might want to boot securely one of these days.
[Test case]
A) Upgrading
- Update to new shim, shim-signed, grub2, grub2-signed on an UEFI system.
- Verify that the new shimx64.efi file is under /boot/efi/
- Verify that /boot/efi/
B) Booting normally
- Update to new shim, shim-signed, grub2, grub2-signed on an UEFI system, with Secure Boot enabled.
- Verify it boots successfully to the login prompt.
- There should be no messages about "Verification failure" or other errors before the kernel is loaded.
B) Network boot.
- Update to shim signed and grub2 signed EFI binaries on the TFTP server used.
- Verify that a network booting system still boots normally through shim and grub, reaching a login prompt.
C) BootEntry options
- Update to new shim, shim-signed, grub2, grub2-signed on an UEFI system.
- Update or install fwupdate.
- Verify that new updates can be applied via fwupdate, that when an update is available, fwupdate will correctly start, apply the update, and reboot to shim normally, leading to a working system.
[Regression Potential]
Any failure to load the kernel from grub, or for shim to load grub, or for the system firmware to load shim (such as "Verification failure" messages) or failure to retrieve or parse BootEntry extended options (such as necessary to load MokManager or fwupdate) should be considered regressions.