[uefi-secure-boot-guide] master: Add notes about the shim. (dc0bc7e)
sparks at fedoraproject.org
sparks at fedoraproject.org
Fri Feb 1 00:54:36 UTC 2013
Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
>---------------------------------------------------------------
commit dc0bc7e65ba2a6d485e382833353763172721faa
Author: Josh Bressers <josh at bress.net>
Date: Thu Jan 31 14:48:23 2013 -0600
Add notes about the shim.
Signed-off-by: Eric Christensen <sparks at redhat.com>
>---------------------------------------------------------------
en-US/Implementation_of_Secure_Boot.xml | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/en-US/Implementation_of_Secure_Boot.xml b/en-US/Implementation_of_Secure_Boot.xml
index 6f43ff6..47bfd12 100644
--- a/en-US/Implementation_of_Secure_Boot.xml
+++ b/en-US/Implementation_of_Secure_Boot.xml
@@ -90,6 +90,14 @@ URI:https://fedoraproject.org/wiki/Features/SecureBoot
<section id="sect-UEFI_Secure_Boot_Guide-Implementation_of_UEFI_Secure_Boot-Shim">
<title>The Shim</title>
<para>
+ In &PRODUCT; there are two packages that make up the shim. The
+package named "shim" is the result of compiling the source code that makes
+up the shim. This package will not boot the system as it is not signed. The
+results of building the shim package are signed, then incorporated into the
+shim-signed package. The shim-signed package contians the signed binary
+that is capable of booting the system.
+ </para>
+ <para>
The shim package also contains a blacklist of known bad keys or
binaries that should not be allowed to boot. Microsoft will provide this
list to &PROJECT; for inclusion. This may create periodic update to the
More information about the docs-commits
mailing list