ba70066c78
In the new lat-sdk.sh, the shim binary for secure boot has been updated which is signed by tis-boot key. In other words, in the trusted chains, we only replace DB with tis-boot, and other still use built-in certs DB --> MOK --> Grub GPG --> kernel/initramfs/grub.cfg In this way, the debian secure boot image could boot on the host in which the BIOS has been inserted with tis-boot key Test Plan: Pass: Rebuild container lat Pass: build-image --std Pass: Do secure boot install on qemu Story: 2008846 Task: 45591 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Change-Id: Ic35820beb7c911cb37dac8916bfce9e3d9a112b8 |
||
---|---|---|
.. | ||
bin | ||
dockerfiles | ||
lib/stx | ||
stx-build-tools-chart/stx-builder | ||
toCOPY |