While normal booting is properly supported on both x86 and Arm64, secure
boot reportedly requires quite a bit more work to be actually usable
(and providing the intended guarantees). The mere use of the shim
protocol for verifying the Dom0 kernel image isn't enough.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -63,6 +63,16 @@ For the Cortex A57 r0p0 - r1p1, see Erra
Status, x86 PV: Supported
Status, ARM: Experimental
+### Host EFI Boot
+
+ Status, x86: Supported
+ Status, Arm64: Supported
+
+### Host EFI Secure Boot
+
+ Status, x86: Experimental
+ Status, Arm64: Experimental
+
### x86/Intel Platform QoS Technologies
Status: Tech PreviewHi Jan, On 11/05/2023 15:34, Jan Beulich wrote: > While normal booting is properly supported on both x86 and Arm64, secure > boot reportedly requires quite a bit more work to be actually usable > (and providing the intended guarantees). The mere use of the shim > protocol for verifying the Dom0 kernel image isn't enough. > > Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Julien Grall <jgrall@amazon.com> Cheers, > > --- a/SUPPORT.md > +++ b/SUPPORT.md > @@ -63,6 +63,16 @@ For the Cortex A57 r0p0 - r1p1, see Erra > Status, x86 PV: Supported > Status, ARM: Experimental > > +### Host EFI Boot > + > + Status, x86: Supported > + Status, Arm64: Supported > + > +### Host EFI Secure Boot > + > + Status, x86: Experimental > + Status, Arm64: Experimental > + > ### x86/Intel Platform QoS Technologies > > Status: Tech Preview -- Julien Grall
On 11/05/2023 3:34 pm, Jan Beulich wrote: > While normal booting is properly supported on both x86 and Arm64, secure > boot reportedly requires quite a bit more work to be actually usable > (and providing the intended guarantees). The mere use of the shim > protocol for verifying the Dom0 kernel image isn't enough. > > Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
© 2016 - 2024 Red Hat, Inc.