[Bug 1931136] Re: Don't unhook ExitBootServices() when EBS protection is disabled
dann frazier
1931136 at bugs.launchpad.net
Fri Jun 25 15:31:27 UTC 2021
I'm not sure we've seen this problem with a xenial guest. However, I did
regression test and verify that xenial guests still boot in secureboot
mode w/ the shim-signed package in -proposed:
ubuntu at ubuntu:~$ dpkg -l | grep shim-signed
ii shim-signed 1.33.1~16.04.9+15.4-0ubuntu5
amd64 Secure Boot chain-loading bootloader (Microsoft-signed binary)
ubuntu at ubuntu:~$ sudo mokutil --sb-state
SecureBoot enabled
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shim in Ubuntu.
https://bugs.launchpad.net/bugs/1931136
Title:
Don't unhook ExitBootServices() when EBS protection is disabled
Status in shim package in Ubuntu:
Fix Released
Status in shim-signed package in Ubuntu:
Fix Committed
Status in shim source package in Xenial:
Fix Committed
Status in shim source package in Focal:
Fix Committed
Status in shim source package in Hirsute:
Fix Committed
Bug description:
[Impact]
This is a regression in shim 15.4 that causes a crash in shim when chainbooting.
Also, the machine resets when you exit grub, rather than going back to
the EFI shell when launched from it.
[Test plan]
Boot an Ubuntu hirsute image in Secure Boot mode. While this issue was
originally seen while chainbooting in
https://github.com/lxc/lxd/issues/8770 - it was shown to be also
reproducible just by booting a hirsute instance.
[Where problems could occur]
In exiting shim, failure to boot, etc.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim/+bug/1931136/+subscriptions
More information about the foundations-bugs
mailing list