Adventures with the UEFI shim
Paul Moore
paul at paul-moore.com
Wed Dec 2 17:49:18 GMT 2020
On Tue, Nov 24, 2020 at 1:58 PM Paul Moore <paul at paul-moore.com> wrote:
> On Tue, Nov 17, 2020 at 11:34 AM Paul Moore <paul at paul-moore.com> wrote:
> > Relying on the signed distro build highlights the idea that the
> > ExitBootServices check isn't critical to the UEFI SB security model;
> > the important authorization is the signature on the bootloader itself,
> > not whether or not the bootloader calls into the shim verification
> > protocol.
> >
> > Regardless, as you said, this isn't our code, it would be nice to hear
> > a verdict from the shim maintainers on the ExitBootServices check.
>
> Thoughts Peter?
Peter? Javier? Any of the UEFI shim folks?
--
paul moore
www.paul-moore.com
More information about the Efi
mailing list