From: joeyli <jlee@suse.com>
To: James Bottomley <James.Bottomley@parallels.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: UEFI Secure boot using qemu-kvm
Date: Thu, 28 Jun 2012 18:49:57 +0800 [thread overview]
Message-ID: <1340880597.6196.158.camel@linux-s257.site> (raw)
In-Reply-To: <d9f6fbce-f07a-4347-bce5-8fb20971944b@email.android.com>
於 四,2012-06-28 於 11:22 +0100,James Bottomley 提到:
>
> joeyli <jlee@suse.com> wrote:
>
> >Hi James,
> >
> >On Wed, Jun 27, 2012 at 06:34:05PM +0100, James Bottomley wrote:
> >
> >> The purpose of this email is to widen the pool of people who are
> >playing
> >> with UEFI Secure boot. The Linux Foundation Technical Advisory Board
> >> have been looking into this because it turns out to be rather
> >difficult
> >> to lay your hands on real UEFI Secure Boot enabled hardware.
> >
> >
> >I am following your approach to reproduce your UEFI environment with
> >qemu-kvm. After run qemu-system-x86_64 the kvm launched and go to UEFI
> >shell success. So far so good!
> >
> >But, I got a problem is the keyboard layout is not US keyboard, So I
> >need build a mapping table for reference when key-in any letter:
> >
> >[ e
> >/ x
> >s i
> >enter t
> >down enter
> >page up down
> >...
> >
> >
> >Did you meet this issue on your side?
>
> Well no. I've got a US keyboard. You probably need the keymap directory from qemu-kvm.
>
> The best thing is probably to copy all the qemu files to a new directory and then copy in the qemu-ovmf ones (assuming standard qemu-kvm works for you).
>
> James
Yes, I just found the problem happen on using SSH login to the machine
that have qemu-kvm and launch it with UEFI shell.
If I direct launch kvm on the machine, everything is OK!
I already import your PK.cer and KEK.cer and run
HelloWorld.efi/HelloWorld-signed.efi to verify the secure boot success.
When running non-signed file, shell show up:
Error reported: Access Denied
Thanks a lot for your document and RPMs on OBS, it's really useful to me
for verify secure boot.
Regards
Joey Lee
next prev parent reply other threads:[~2012-06-28 10:50 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-28 10:01 UEFI Secure boot using qemu-kvm joeyli
2012-06-28 10:22 ` James Bottomley
2012-06-28 10:49 ` joeyli [this message]
[not found] ` <CAGLnvc-hLpUZaaOkeWMRtYefwL5goxuWP_99FyAzem7s_mncPg@mail.gmail.com>
2012-06-28 10:24 ` Fwd: " joeyli
2012-06-30 16:21 ` joeyli
2012-07-12 22:17 ` Khalid Aziz
2012-07-19 9:41 ` James Bottomley
2012-07-19 15:55 ` Khalid Aziz
-- strict thread matches above, loose matches on Subject: below --
2012-06-27 17:34 James Bottomley
2012-06-27 18:15 ` Matthew Garrett
2012-06-27 19:35 ` James Bottomley
2012-06-27 19:38 ` Matthew Garrett
2012-06-27 19:53 ` James Bottomley
2012-06-27 20:01 ` Matthew Garrett
2012-06-28 18:36 ` Alex Elsayed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1340880597.6196.158.camel@linux-s257.site \
--to=jlee@suse.com \
--cc=James.Bottomley@parallels.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.