[SRU][Bionic/linux-aws][PATCH 0/2] Enabled signed kernels
Stefan Bader
stefan.bader at canonical.com
Thu Jan 20 08:51:13 UTC 2022
On 18.01.22 16:57, Ian May wrote:
> BugLink: https://bugs.launchpad.net/bugs/1951011
>
> [Impact]
>
> Ubuntu AWS kernels on secure boot instances will not load.
>
> [Fix]
>
> Generate signed kernels and packages
> These 2 addtional patches are needed to successfully build
> an arm64 signed package on Bionic
>
> [Test Plan]
>
> Boot in a secure boot (UEFI) environment.
>
> [Where problems could occur]
>
> Build failure on main or signed package, or inability to boot
> with secure boot due to improper signing
>
> Seth Forshee (2):
> UBUNTU: [Packaging] aws: remove handoff check for uefi signing
> UBUNTU: [Packaging] aws: decompress gzipped efi images in signing
> tarball
>
> debian/rules.d/2-binary-arch.mk | 12 ++++++++----
> 1 file changed, 8 insertions(+), 4 deletions(-)
>
These are additional patches but you "re-use" the initial bug report (and it
feels like the subject also does not differ much from the initial submission).
For bionic this looks to be applied already (that would be for current cycle).
The intention is likely to spin again in current cycle. But with all the re-use
it will be darn hard to figure out what is or has been going on. I would
strongly suggest to open a new bug report for this additional set. Which then
also can be limited to those series/kernels which are affected by this.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220120/d74347b5/attachment.sig>
More information about the kernel-team
mailing list