| |
@@ -429,13 +429,21 @@
|
| |
|===
|
| |
|Source of X.509 Keys|User Ability to Add Keys|UEFI Secure Boot State|Keys Loaded During Boot
|
| |
|Embedded in kernel|No|-|`.system_keyring`
|
| |
- |UEFI Secure Boot "db"|Limited|Not enabled|No
|
| |
+ .2+|UEFI Secure Boot "db"
|
| |
+ .2+|Limited
|
| |
+ |Not enabled|No
|
| |
|Enabled|`.system_keyring`
|
| |
- |UEFI Secure Boot "dbx"|Limited|Not enabled|No
|
| |
+ .2+|UEFI Secure Boot "dbx"
|
| |
+ .2+|Limited
|
| |
+ |Not enabled|No
|
| |
|Enabled|`.system_keyring`
|
| |
- |Embedded in `shim.efi` boot loader|No|Not enabled|No
|
| |
+ .2+|Embedded in `shim.efi` boot loader
|
| |
+ .2+|No
|
| |
+ |Not enabled|No
|
| |
|Enabled|`.system_keyring`
|
| |
- |Machine Owner Key (MOK) list|Yes|Not enabled|No
|
| |
+ .2+|Machine Owner Key (MOK) list
|
| |
+ .2+|Yes
|
| |
+ |Not enabled|No
|
| |
|Enabled|`.system_keyring`
|
| |
|===
|
| |
|
| |
@@ -486,13 +494,19 @@
|
| |
[options="header"]
|
| |
|===
|
| |
|Module Signed|Public Key Found and Signature Valid|UEFI Secure Boot State|module.sig_enforce|Module Load|Kernel Tainted
|
| |
- |Unsigned|-|Not enabled|Not enabled|Succeeds|Yes
|
| |
+ .3+|Unsigned
|
| |
+ .3+|-
|
| |
+ |Not enabled|Not enabled|Succeeds|Yes
|
| |
|Not enabled|Enabled|Fails|
|
| |
|Enabled|-|Fails|-
|
| |
- |Signed|No|Not enabled|Not enabled|Succeeds|Yes
|
| |
+ .3+|Signed
|
| |
+ .3+|No
|
| |
+ |Not enabled|Not enabled|Succeeds|Yes
|
| |
|Not enabled|Enabled|Fails|-
|
| |
|Enabled|-|Fails|-
|
| |
- |Signed|Yes|Not enabled|Not enabled|Succeeds|No
|
| |
+ .3+|Signed
|
| |
+ .3+|Yes
|
| |
+ |Not enabled|Not enabled|Succeeds|No
|
| |
|Not enabled|Enabled|Succeeds|No
|
| |
|Enabled|-|Succeeds|No
|
| |
|===
|
| |
Infomation was displayed in incorrect columns because the source tables used row spans