This series allows to boot linux kernels and other efi binaries via direct kernel load with secure boot enabled.
The series adds two new fw_cfg files: 'etc/boot/kernel' contains the kernel without modifications (no setup header patching), and 'etc/boot/shim' contains shim. The path to the shim binary can be passed to qemu using the new '-shim' command line switch. This needs a companion patch series for tianocore which will put the new fw_cfg files into use, a draft of that series can be found here: https://github.com/kraxel/edk2/commits/devel/direct-secure-boot/ With everything in place it is possible to use direct kernel load with secure boot enabled. take care, Gerd Gerd Hoffmann (5): vl: fix qemu_validate_options() indention x86/loader: only patch linux kernels x86/loader: read complete kernel x86/loader: expose unpatched kernel x86/loader: add -shim option include/hw/boards.h | 1 + hw/core/machine.c | 20 ++++++++++++++++++++ hw/i386/x86.c | 32 ++++++++++++++++++++++++++------ system/vl.c | 25 +++++++++++++++++-------- qemu-options.hx | 7 +++++++ 5 files changed, 71 insertions(+), 14 deletions(-) -- 2.44.0