[Bug 1926011] Re: groovy / focal fwupd sbat support

Yuan-Chen Cheng 1926011 at bugs.launchpad.net
Wed May 19 06:25:15 UTC 2021 

I install groovy the same machine as in lp:1921539, #12

Machine: Dell Latitude 5300
BIOS: 1.10.4

and install fwupd 1.4.7-0~20.10.2 / fwupd-signed 1.30.2+1.4.7-0~20.10.2
from the proposed channel.

sbat section exists in both fwupdx64.efi.signed and fwupdx64.efi by
using command: objdump -h fwupdx64.efi.signed.

install shim 15.4-0ubuntu2 / shim-signed 1.47+15.4-0ubuntu2 from hirsute
on the same machine, and turned on secure boot, then I use below command

fwupdmgr install
9da74134678173a97e2d3eb4a79f0beba0e43e85155777e040396bad6b70d0b4-firmware.cab
--allow-reinstall

to re-install bios fw. I reply "Y" to reboot, and the machine reboots
properly into fwupdx64.efi, then it flsh the bios and then reboots to
ubuntu as expected!

Given the above verification result, the verification is passed.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to fwupd-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1926011

Title:
  groovy / focal fwupd sbat support

Status in OEM Priority Project:
  In Progress
Status in fwupd package in Ubuntu:
  Fix Released
Status in fwupd-signed package in Ubuntu:
  Fix Released
Status in fwupd source package in Focal:
  New
Status in fwupd-signed source package in Focal:
  New
Status in fwupd source package in Groovy:
  Fix Committed
Status in fwupd-signed source package in Groovy:
  Fix Committed

Bug description:
  this is a follow-up bug for

  https://bugs.launchpad.net/oem-priority/+bug/1921539/comments/23

  [Impact]
  Future releases of shim will require that EFI binaries that are chainloaded include an SBAT region. fwupd in bionic does not currently contain this region.

  [Test Case]
  Verify that a shim that checks for sbat region can boot the fwupd with sbat region.

  [Regression Potential]
  This is moving to a new stable release in each of the series which is in bug fix only mode. The sbat region is the only "feature" that has been backported to this series in over a year.

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1926011/+subscriptions

More information about the foundations-bugs mailing list