------- Comment From [email protected] 2025-05-18 23:27 EDT------- Hi Mate, Firmware couldn't load the signed grub and Sudhakar identified the issue that it is still using the older format for SBAT. It has been updated in the final version of the upstream patch.
Currently, it is using: 002287d0 00 14 2f 62 6f 6f 74 2f 67 72 75 62 00 00 00 00 |../boot/grub....| 002287e0 00 00 00 1f 00 00 00 e4 73 62 61 74 53 65 63 75 |........sbatSecu| 002287f0 72 65 2d 42 6f 6f 74 2d 41 64 76 61 6e 63 65 64 |re-Boot-Advanced| 00228800 2d 54 61 72 67 65 74 69 6e 67 00 00 73 62 61 74 |-Targeting..sbat| This was changed in the final upstreamed version as mentioned below: In order to store the SBAT data we create a new ELF note. The string ".sbat", zero-padded to 4 byte alignment, shall be entered in the name field. The string "SBAT"'s ASCII values, 0x53424154, should be entered in the type field. Please pick SBAT patches from upstream. The commits are as below: 9a9082b50 grub-mkimage: Add SBAT metadata into ELF note for PowerPC targets f97d4618a grub-mkimage: Create new ELF note for SBAT Another thing that Sudhakar noticed is that the space allocation in ELF note is larger than actual signature size. We wanted to understand if there is any specific reason for large space allocation? Thanks & Regards, - Nayna -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064319 Title: Power guest secure boot with key management: GRUB2 portion To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2064319/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
