On Sun, Dec 09, 2012 at 06:37:56PM -0800, Greg KH wrote > Not necessarily, as I'm finding out with real hardware. My only options > on the box I have is to either zero out all keys, or specifically tell > the BIOS what binary to run (doesn't need to be signed, and can not be > changed after telling the BIOS to use it.)
Howsabout the binary being Matthew Garret's chainloader shim as per http://mjg59.dreamwidth.org/20303.html > I'm working with others to see if we can programatically add keys, > which we should, and if so we will offer the code up to do so (it's > published already, we are working on getting it signed by the needed > Microsoft keys right now.) He's already done the heavy lifting. Aren't you re-inventing the wheel? -- Walter Dnes <waltd...@waltdnes.org> I don't run "desktop environments"; I run useful applications