[uefi-secure-boot-guide] master: Add notes about the shim. (ddc5e2b)
sparks at fedoraproject.org
sparks at fedoraproject.org
Fri Feb 1 21:46:06 UTC 2013
Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
>---------------------------------------------------------------
commit ddc5e2bbd1fba9df7a20f78be974c0a1f643208d
Author: Josh Bressers <josh at bress.net>
Date: Thu Jan 31 14:48:23 2013 -0600
Add notes about the shim.
>---------------------------------------------------------------
en-US/Implementation_of_Secure_Boot.xml | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/en-US/Implementation_of_Secure_Boot.xml b/en-US/Implementation_of_Secure_Boot.xml
index 418ab28..1740fe5 100644
--- a/en-US/Implementation_of_Secure_Boot.xml
+++ b/en-US/Implementation_of_Secure_Boot.xml
@@ -90,6 +90,14 @@ URI:https://fedoraproject.org/wiki/Features/SecureBoot
<section id="sect-UEFI_Secure_Boot_Guide-Implementation_of_UEFI_Secure_Boot-Shim">
<title>The Shim</title>
<para>
+ In &PRODUCT; there are two packages that make up the shim. The
+package named "shim" is the result of compiling the source code that makes
+up the shim. This package will not boot the system as it is not signed. The
+results of building the shim package are signed, then incorporated into the
+shim-signed package. The shim-signed package contians the signed binary
+that is capable of booting the system.
+ </para>
+ <para>
The shim package also contains a blacklist of known bad keys or
binaries that should not be allowed to boot. Microsoft will provide this
list to &PROJECT; for inclusion. This may create periodic update to the
More information about the docs-commits
mailing list