[Bug 1829749] Re: Please add support for zipl signing
Andy Whitcroft
apw at canonical.com
Mon Jun 10 10:58:49 UTC 2019
Worked with ~cjwatson to add Secure Initial Program Load signing to
launchpad. Changes deployed to dogfood and test packages uploaded.
This results in a vmlinuz.sipl gaining a vmlinuz.sipl.sig, and an
appropriate control/sipl.x509 file. The signed binary validates
correctly using the public key. Looks good.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to s390-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1829749
Title:
Please add support for zipl signing
Status in Launchpad itself:
Fix Committed
Status in linux-signed package in Ubuntu:
New
Status in s390-tools package in Ubuntu:
New
Bug description:
Please add support for zipl ("z/ecureBoot") signing.
It should be similar to opal signing, but using the new zipl signing
key.
I am expecting to sign s390-tools stage3.bin and kernel images using
this key.
s390-tools -> can be signed already
kernels -> should only sign v5.2+
To manage notifications about this bug go to:
https://bugs.launchpad.net/launchpad/+bug/1829749/+subscriptions
More information about the foundations-bugs
mailing list