Skip to content

Commit

Permalink
Review request of shim 15.8-1~deb12u1endless1 for Endless OS
Browse files Browse the repository at this point in the history
  • Loading branch information
dbnicholson committed Aug 23, 2024
1 parent fb8d172 commit 2c0d178
Show file tree
Hide file tree
Showing 2 changed files with 289 additions and 60 deletions.
40 changes: 28 additions & 12 deletions ISSUE_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -1,30 +1,46 @@
Confirm the following are included in your repo, checking each box:

- [ ] completed README.md file with the necessary information
- [ ] shim.efi to be signed
- [ ] public portion of your certificate(s) embedded in shim (the file passed to VENDOR_CERT_FILE)
- [ ] binaries, for which hashes are added to vendor_db ( if you use vendor_db and have hashes allow-listed )
- [ ] any extra patches to shim via your own git tree or as files
- [ ] any extra patches to grub via your own git tree or as files
- [ ] build logs
- [ ] a Dockerfile to reproduce the build of the provided shim EFI binaries
- [x] completed README.md file with the necessary information
https://github.com/endlessm/shim-review/blob/endless-shim-x64-20240822/README.md
- [x] shim.efi to be signed
https://github.com/endlessm/shim-review/blob/endless-shim-x64-20240822/shimx64.efi
- [x] public portion of your certificate(s) embedded in shim (the file passed to VENDOR_CERT_FILE)
https://github.com/endlessm/shim-review/blob/endless-shim-x64-20240822/endless-uefi-ca.der
- [x] binaries, for which hashes are added to vendor_db ( if you use vendor_db and have hashes allow-listed )
We do not use the vendor_db functionality.
- [x] any extra patches to shim via your own git tree or as files
https://github.com/endlessm/shim/tree/endless/15.8-1_deb12u1endless1/debian/patches
- [x] any extra patches to grub via your own git tree or as files
The full set of patches relative to 2.06 can be viewed at
https://github.com/endlessm/grub/compare/grub-2.06...Release_6.0.2 The
commits with `[DEB]` prefix come from Debian's `2.06-13+deb12u1` release.
All other commits are Endless specific.
- [x] build logs
https://github.com/endlessm/shim-review/blob/endless-shim-x64-20240822/buildlog.txt
- [x] a Dockerfile to reproduce the build of the provided shim EFI binaries
https://github.com/endlessm/shim-review/blob/endless-shim-x64-20240822/Dockerfile

*******************************************************************************
### What is the link to your tag in a repo cloned from rhboot/shim-review?
*******************************************************************************
`https://github.com/user/shim-review/tree/myorg-shim-arch-YYYYMMDD`
https://github.com/endlessm/shim-review/releases/tag/endless-shim-x64-20240822

*******************************************************************************
### What is the SHA256 hash of your final SHIM binary?
*******************************************************************************
[your text here]
`7859e02e1fc6dff8e2b221dfcbfaffcb6d1e95e2acb65403e5db7c849f9221cd`

*******************************************************************************
### What is the link to your previous shim review request (if any, otherwise N/A)?
*******************************************************************************
[your text here]
https://github.com/rhboot/shim-review/issues/176

*******************************************************************************
### If no security contacts have changed since verification, what is the link to your request, where they've been verified (if any, otherwise N/A)?
*******************************************************************************
[your text here]
The security contacts have not changed, however I can't find any indication of
verification in any previous reviews. Those are:

https://github.com/rhboot/shim-review/issues/176
https://github.com/rhboot/shim-review/issues/105
https://github.com/rhboot/shim-review/issues/61
Loading

0 comments on commit 2c0d178

Please sign in to comment.