Re: secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-15 Thread Daniel P. Berrangé
On Mon, Apr 15, 2024 at 03:30:32PM +0200, Gerd Hoffmann wrote: > Hi, > > > > Options I see: > > > > > > (a) Stop using direct kernel boot, let virt-install & other tools > > > create vfat boot media with shim+kernel+initrd instead. > > > > > > (b) Enroll the distro signing keys in

Re: secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-15 Thread Gerd Hoffmann
Hi, > > Options I see: > > > > (a) Stop using direct kernel boot, let virt-install & other tools > > create vfat boot media with shim+kernel+initrd instead. > > > > (b) Enroll the distro signing keys in the efi variable store, so > > booting the kernel without shim.efi works.

Re: secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-15 Thread Daniel P. Berrangé
On Wed, Apr 10, 2024 at 12:35:13PM +0200, Gerd Hoffmann wrote: > On Wed, Apr 10, 2024 at 03:26:29AM -0400, Michael S. Tsirkin wrote: > > On Wed, Apr 10, 2024 at 09:21:26AM +0200, Gerd Hoffmann wrote: > > > If the binary loaded via -kernel is *not* a linux kernel (in which > > > case protocol ==

Re: secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-10 Thread Gerd Hoffmann
> > > Options I see: > > > > > > (a) Stop using direct kernel boot, let virt-install & other tools > > > create vfat boot media with shim+kernel+initrd instead. > > > > > > (b) Enroll the distro signing keys in the efi variable store, so > > > booting the kernel without shim.efi

Re: secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-10 Thread Gerd Hoffmann
On Wed, Apr 10, 2024 at 07:10:22AM -0400, Michael S. Tsirkin wrote: > On Wed, Apr 10, 2024 at 12:35:13PM +0200, Gerd Hoffmann wrote: > > On Wed, Apr 10, 2024 at 03:26:29AM -0400, Michael S. Tsirkin wrote: > > > On Wed, Apr 10, 2024 at 09:21:26AM +0200, Gerd Hoffmann wrote: > > > > If the binary

Re: secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-10 Thread Michael S. Tsirkin
On Wed, Apr 10, 2024 at 12:35:13PM +0200, Gerd Hoffmann wrote: > On Wed, Apr 10, 2024 at 03:26:29AM -0400, Michael S. Tsirkin wrote: > > On Wed, Apr 10, 2024 at 09:21:26AM +0200, Gerd Hoffmann wrote: > > > If the binary loaded via -kernel is *not* a linux kernel (in which > > > case protocol ==

secure boot & direct kernel load (was: Re: [PATCH] x86/loader: only patch linux kernels)

2024-04-10 Thread Gerd Hoffmann
On Wed, Apr 10, 2024 at 03:26:29AM -0400, Michael S. Tsirkin wrote: > On Wed, Apr 10, 2024 at 09:21:26AM +0200, Gerd Hoffmann wrote: > > If the binary loaded via -kernel is *not* a linux kernel (in which > > case protocol == 0), do not patch the linux kernel header fields. > > > > It's (a)