mirror of
https://github.com/memtest86plus/memtest86plus.git
synced 2024-11-27 10:00:17 -06:00
04980dfda3
This patch adds a new section, ".sbat", which allows for the revocation of signed binaries given a numeric value representing the set of bugs which allow for arbitrary code execution, and therefore a Secure Boot breakout, in a given family of binaries. In this case, the class is defined as "memtest86+", and the current set of bugs is 1. This doesn't imply that we're aware of bugs currently, merely that when we change it to 2, any bugs that /have/ been discovered have been fixed. Documentation for how SBAT works can be found at the following URLs: https://github.com/rhboot/shim/blob/main/SBAT.md https://github.com/rhboot/shim/blob/main/SBAT.example.md Signed-off-by: Peter Jones <pjones@redhat.com>
137 B
137 B
1 | sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md |
---|---|
2 | memtest86+,1,Memtest86+,6.0,https://github.com/memtest86plus |