openstack/sushy-tools
Code Issues Proposed changes
sushy-tools/releasenotes/notes/secure-boot-de663109ced9b266.yaml
Steve Baker 41628d3546 Add SecureBoot support to the emulator, all drivers 
This change adds a basic SecureBoot endpoint to the emulator which
returns the actual secure boot enabled status.

The fake and libvirt drivers supports setting the secure boot.

OVMF paths have aligned on /usr/share/OVMF/ since this is supported by
Red Hat and Debian family distros. Default and example firmware loader
is now OVMF_CODE.secboot.fd since this exists on all distros and is
known to work with both secure boot enabled and disabled on some
distros.

Change-Id: Icb85710d81c656da6853d67f5e1c6a8609abc1cf
2022-12-13 11:24:31 -08:00

12 lines
528 B
YAML
Raw Blame History

---
features:
- |
It is now possible to enable and disable UEFI Secure Boot mode via Redfish
requests for the libvirt driver. This is possible by configuring domains to
use a secure boot capable firmware loader, and setting configuration values
`SUSHY_EMULATOR_SECURE_BOOT_ENABLED_NVRAM` and
`SUSHY_EMULATOR_SECURE_BOOT_DISABLED_NVRAM` to nvram template paths which
enable or disable secure boot.
The fake driver supports getting and setting secure boot, the nova driver
only supports getting.
View Git Blame Copy Permalink