Hello, A new version of the rhboot secure boot shim was released yesterday https://github.com/rhboot/shim/releases/tag/16.0. This version contains an implementation of the LoadImage/StartImage/Exit/etc API set, which is exposed both via SystemTable hooks, and a new protocol called the shim loader protocol. This allows second stage bootloaders to load and execute shim signed PE binaries the same way as ones signed by firmware keys. Unfortunately this also means that systemd-stub will no longer be able to load its embedded kernel due to relying on overriding the non-UEFI standard SECURITY2_ARCH_PROTOCOL to avoid verification which the shim LoadImage implementation of course does not consult. I really hope the solution to this won't be another copy pasted PE loader inside the stub (as one of the big goals of the loader protocol work was to avoid the multiplication of PE loaders...) One possible solution is to add a new API to shim to allow loading previously verified images such as the embedded kernel without further verification. I am looking to hear your thoughts on how to fix this issue. Mate Kukri
shim 16 breaking systemd stub and next steps
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: shim 16 breaking systemd stub and next steps
- From: Mate Kukri <mate.kukri@xxxxxxxxxxxxx>
- Date: Thu, 20 Mar 2025 09:38:04 +0000
- Follow-Ups:
- Re: shim 16 breaking systemd stub and next steps
- From: Luca Boccassi
- Re: shim 16 breaking systemd stub and next steps
- From: Lennart Poettering
- Re: shim 16 breaking systemd stub and next steps
- Prev by Date: nspawn COW and instance orchestration
- Next by Date: Re: shim 16 breaking systemd stub and next steps
- Previous by thread: nspawn COW and instance orchestration
- Next by thread: Re: shim 16 breaking systemd stub and next steps
- Index(es):
 |