Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NewStartOS V4 shim-15.6 x64 and ia32 #289

Closed
8 tasks done
LiangJianNSDL opened this issue Oct 28, 2022 · 8 comments
Closed
8 tasks done

NewStartOS V4 shim-15.6 x64 and ia32 #289

LiangJianNSDL opened this issue Oct 28, 2022 · 8 comments
Labels
bug Problem with the review that must be fixed before it will be accepted contact verification needed Contact verification is needed for this review new vendor This is a new vendor

Comments

@LiangJianNSDL
Copy link

LiangJianNSDL commented Oct 28, 2022
edited
Loading

Confirm the following are included in your repo, checking each box:

  • completed README.md file with the necessary information
  • shim.efi to be signed
  • public portion of your certificate(s) embedded in shim (the file passed to VENDOR_CERT_FILE)
  • binaries, for which hashes are added to vendor_db ( if you use vendor_db and have hashes allow-listed )
  • any extra patches to shim via your own git tree or as files
  • any extra patches to grub via your own git tree or as files
  • build logs
  • a Dockerfile to reproduce the build of the provided shim EFI binaries

What is the link to your tag in a repo cloned from rhboot/shim-review?

https://github.com/LiangJianNSDL/shim-review/tree/nsdl-v4-shim-amd64-i386-20221028

What is the SHA256 hash of your final SHIM binary?

sha256sum shimia32.efi
fa07390322fd0c3b913a2ea58f98e6e584b8d871025664327a9b7cfbd4cb7643 shimia32.efi
sha256sum shimx64.efi
841a5a2d59a91b2e4fc6e2a9309cd2240833f08b9aad417cbba62f1aaf909fd2 shimx64.efi

What is the link to your previous shim review request (if any, otherwise N/A)?

N/A
@LiangJianNSDL LiangJianNSDL changed the title NSDL V4 shim-15.6 x64 and ia32 NewStart OS V4 shim-15.6 x64 and ia32 Nov 1, 2022
@LiangJianNSDL LiangJianNSDL changed the title NewStart OS V4 shim-15.6 x64 and ia32 NewStartOS V4 shim-15.6 x64 and ia32 Nov 1, 2022
@frozencemetery
Copy link
Member

SBAT is either incorrect or you're missing multiple security updates to your grub2.

@frozencemetery frozencemetery added the bug Problem with the review that must be fixed before it will be accepted label Nov 18, 2022
@LiangJianNSDL
Copy link
Author

SBAT is either incorrect or you're missing multiple security updates to your grub2.

Thanks, I have fixed SBAT for my shim and grub2 and updated these files, you can check it again.
If there something need to fix , please contact us. Thanks your effort.

@LiangJianNSDL LiangJianNSDL mentioned this issue Dec 3, 2022
Closed
8 tasks
@dennis-tseng99
Copy link
Collaborator

dennis-tseng99 commented Dec 26, 2022
edited
Loading

The hash value seems to not match with the above values:
What is the SHA256 hash of your final SHIM binary?

sha256sum shimia32.efi

89ea4fe5c9bd0ad07bdec54c355290b28b2fcb69745d8d10dc0b39e8aaf72dc3 shimia32.efi

sha256sum shimx64.efi

1e578f73ab4b253e030d66e9545b7faceb7b3f76319803f7e1330bebb1e6f08a shimx64.efi

@LiangJianNSDL
Copy link
Author

LiangJianNSDL commented Dec 29, 2022 via email

@dennis-tseng99
Copy link
Collaborator

Thank LiangJianNSDL. Yes, I saw your hash is correct after you re-run Dockerfile. Therefore, I just guess the hash values you mentioned in this page must be a typo.

What is the SHA256 hash of your final SHIM binary?

sha256sum shimia32.efi fa07390322fd0c3b913a2ea58f98e6e584b8d871025664327a9b7cfbd4cb7643 shimia32.efi sha256sum shimx64.efi 841a5a2d59a91b2e4fc6e2a9309cd2240833f08b9aad417cbba62f1aaf909fd2 shimx64.efi

@LiangJianNSDL
Copy link
Author

Thank LiangJianNSDL. Yes, I saw your hash is correct after you re-run Dockerfile. Therefore, I just guess the hash values you mentioned in this page must be a typo.

What is the SHA256 hash of your final SHIM binary?

sha256sum shimia32.efi fa07390322fd0c3b913a2ea58f98e6e584b8d871025664327a9b7cfbd4cb7643 shimia32.efi sha256sum shimx64.efi 841a5a2d59a91b2e4fc6e2a9309cd2240833f08b9aad417cbba62f1aaf909fd2 shimx64.efi

Thanks, the SHA256 hash of my final SHIM binary is as follows:
sha256sum shimia32.efi
89ea4fe5c9bd0ad07bdec54c355290b28b2fcb69745d8d10dc0b39e8aaf72dc3 shimia32.efi
sha256sum shimx64.efi
1e578f73ab4b253e030d66e9545b7faceb7b3f76319803f7e1330bebb1e6f08a shimx64.efi

You can find it in the #303
If there something need to fix , please contact us. Thanks your effort.

@frozencemetery frozencemetery removed the bug Problem with the review that must be fixed before it will be accepted label Feb 16, 2023
@frozencemetery
Copy link
Member

Please note #307 .

@frozencemetery frozencemetery added bug Problem with the review that must be fixed before it will be accepted new vendor This is a new vendor contact verification needed Contact verification is needed for this review labels Feb 16, 2023
@steve-mcintyre
Copy link
Collaborator

Superseded by #303

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Problem with the review that must be fixed before it will be accepted contact verification needed Contact verification is needed for this review new vendor This is a new vendor
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@frozencemetery @dennis-tseng99 @steve-mcintyre @LiangJianNSDL