[Impact]
new upstream release; usual dependency updates per Go MIR policy; aligning with snapd 2.62; and support for shim 15.8 per the secboot dependency update.
[Test plan]
* Test suite passes
* Deploy Azure CVM and TPM FDE
* Upgrade to this new package and reboot
* Boot should be successful
* Double check bios_measurements_log to ensure that the newly update shim was used for boot (https://github.com/canonical/tcglog-parser/tree/master/tcglog-dump can be used to extract checksum of the shim binary used at boot and compared to the one shipped in nullboot)
* CPC - build new image with nullboot preinstalled, and attempt to register and boot such an images as first time.
We have set block-proposed to allow testing in noble-proposed to be carried out before migration to noble release pocket.
[Where problems could occur]
Resealing of Azure CVM machines could fail and they would need to be unlocked with a recovery key.
[Impact]
new upstream release; usual dependency updates per Go MIR policy; aligning with snapd 2.62; and support for shim 15.8 per the secboot dependency update.
[Test plan]
* Test suite passes
* Deploy Azure CVM and TPM FDE ts_log to ensure that the newly update shim was used for boot (https:/ /github. com/canonical/ tcglog- parser/ tree/master/ tcglog- dump can be used to extract checksum of the shim binary used at boot and compared to the one shipped in nullboot)
* Upgrade to this new package and reboot
* Boot should be successful
* Double check bios_measuremen
* CPC - build new image with nullboot preinstalled, and attempt to register and boot such an images as first time.
We have set block-proposed to allow testing in noble-proposed to be carried out before migration to noble release pocket.
[Where problems could occur]
Resealing of Azure CVM machines could fail and they would need to be unlocked with a recovery key.