ba70066c78
In the new lat-sdk.sh, the shim binary for secure boot has been updated which is signed by tis-boot key. In other words, in the trusted chains, we only replace DB with tis-boot, and other still use built-in certs DB --> MOK --> Grub GPG --> kernel/initramfs/grub.cfg In this way, the debian secure boot image could boot on the host in which the BIOS has been inserted with tis-boot key Test Plan: Pass: Rebuild container lat Pass: build-image --std Pass: Do secure boot install on qemu Story: 2008846 Task: 45591 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Change-Id: Ic35820beb7c911cb37dac8916bfce9e3d9a112b8 |
||
---|---|---|
.. | ||
stx-aptly.Dockerfile | ||
stx-builder.Dockerfile | ||
stx-lat-tool.Dockerfile | ||
stx-pkgbuilder.Dockerfile |