Some questions regarding firmware handling in the qemu driver
Gerd Hoffmann
kraxel at redhat.com
Tue Jun 14 12:47:46 UTC 2022
Hi,
> Having said that I find Fedora does still buld shim 15.4 for
> aarch64. We only exclude 32-bit, and I think RHEL does the
> same. Whether anyone's tested SecureBoot on aarch64 in
> Fedora/RHEL though, I'm not so sure.
Well, at least the fedora shim builds are not signed with anything,
and grub doesn't look much better:
$ pesigcheck -v -i grubaa64.efi
[ ... ]
Signature has impossible time constraint: 1639158862 <= 1373397163
Peer's Certificate has expired.
[ ... ]
$ date --date @1373397163
Tue Jul 9 21:12:43 CEST 2013
^^^^
I think we can take that as clear indication that nobody ever tested
secure boot with fedora on aarch64 ;)
take care,
Gerd
More information about the libvir-list
mailing list