Make sure you have provided the following information:
- link to your code branch cloned from rhboot/shim-review in the form user/repo@tag
- completed README.md file with the necessary information
- shim.efi to be signed
- public portion of your certificate(s) embedded in shim (the file passed to VENDOR_CERT_FILE)
- binaries, for which hashes are added do vendor_db ( if you use vendor_db and have hashes whitelisted )
- any extra patches to shim via your own git tree or as files
- any extra patches to grub via your own git tree or as files
- build logs
[your text here]
[your text here]
[your text here]
What's the justification that this really does need to be signed for the whole world to be able to boot it:
[your text here]
[your text here]
[your text here]
[your text here]
Is kernel upstream commit 75b0cea7bf307f362057cc778efe89af4c615354 present in your kernel, if you boot chain includes a linux kernel ?
[your text here]
[your text here]
Did you change your certificate strategy, so that affected by CVE CVE-2020-10713 grub2 bootloaders can not be verified ?
[your text here]
[your text here]
[your text here]
[your text here]
[your text here]
[your text here]
[your text here]
[your text here]