Adventures with the UEFI shim
Paul Moore
paul at paul-moore.com
Tue Nov 24 18:58:05 GMT 2020
On Tue, Nov 17, 2020 at 11:34 AM Paul Moore <paul at paul-moore.com> wrote:
> Relying on the signed distro build highlights the idea that the
> ExitBootServices check isn't critical to the UEFI SB security model;
> the important authorization is the signature on the bootloader itself,
> not whether or not the bootloader calls into the shim verification
> protocol.
>
> Regardless, as you said, this isn't our code, it would be nice to hear
> a verdict from the shim maintainers on the ExitBootServices check.
Thoughts Peter?
--
paul moore
www.paul-moore.com
More information about the Efi
mailing list