On Fri, Jul 11, 2025 at 05:11:02PM -0400, Zhuoying Cai wrote: > The current approach to enabling secure boot relies on providing > -secure-boot and -boot-certificates options, which apply to all boot > devices.
This reference of -secure-boot and -boot-certificates presumably is a left over from an older version of this series which didn't use machine properties ? > > With the possibility of multiple boot devices, secure boot expects all > provided devices to be supported and eligible (e.g., > virtio-blk/virtio-scsi using the SCSI scheme). > > If multiple boot devices are provided and include an unsupported (e.g., > ECKD, VFIO) or a non-eligible (e.g., Net) device, the boot process will > terminate with an error logged to the console. > > Signed-off-by: Zhuoying Cai <zy...@linux.ibm.com> With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
