Skip to content

Release: 0.11

Compare
Choose a tag to compare
@Foxboron Foxboron released this 25 Mar 14:15
· 216 commits to master since this release
0.11
d1817b9

sbctl is a Secure Boot key manager that helps users create and enroll Platform Keys and managing signing files.

Firmware Quirks

sbctl now supports a system to detect firmware quirks that might affect the security or functionality of Secure Boot.

The initial revision supports detecting the widely reported MSI Secure Boot quirk.

Please see "MSI has very insecure Secure Boot defaults" for details, and #189 for the feature.

Big thanks to @dawidpotocki for solving the initial issue, the implementation of this new feature in sbctl and the
efforts he has put into this :)

Wiki pages

One wiki page for the new firmware quirk system has been added.

Other changes

  • UKIs generated by sbctl now has correct section alignment.

  • enroll-keys with --microsoft will now also enroll the KEK.

  • sbctl now has a filesystem abstraction layer which allows writing proper end-to-end tests of all efivarfs interactions and filesystem interaction.

Full Changelog: 0.10...0.11

Generated list of changes:

What's Changed

New Contributors

Full Changelog: 0.10...0.11