From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:400c:c09::236; helo=mail-wm0-x236.google.com; envelope-from=zaolin.daisuki@gmail.com; receiver=edk2-devel@lists.01.org Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 108712121494F for ; Tue, 12 Jun 2018 06:12:05 -0700 (PDT) Received: by mail-wm0-x236.google.com with SMTP id 69-v6so23207477wmf.3 for ; Tue, 12 Jun 2018 06:12:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:from:subject:message-id:date:user-agent:mime-version :content-language; bh=f3TC2QeS8AK2YwQzkDmoezsKJiBZBw8+FEhy3uWmc54=; b=N05T7x9cuXqqXx4s8Lgjo2DDPIo1T65/LLLMKb8k5llfTv2hQFE2PPpDOfqZWzlytt RlYaj8jUqlrxV1DVhHa7W/ZQ/U9ob2kLI6dy2DVyP8zF0s70SsD3ykgkE+SCwmeOrN8H XUXBIwkPPoYGE7fMKZD2X1uE5PON4g8qpqvFObicp9CV2fWC/hBYR6LLC0etxq1ujJ4E wNXkj1DJFfHYsrnS+c68oUNKyHvCQ/dkvl6jWVxgEM9wGH8wwth/rYimHedSCAcw7AIE R2RsNLShjrGBrDh7DbP15e19ej5uEs1OXzgMZDADlg8JcVqzLx9TS7qZv+iYUz7cEwPu IleA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-language; bh=f3TC2QeS8AK2YwQzkDmoezsKJiBZBw8+FEhy3uWmc54=; b=qHoZC/sdC4UkK+e/csEdQbGgsC9FkjgeiGGe/PgLy1Q8r8bbUIl6wNIZp2tWMnQ5o/ RZXaLStuc4w+CogMSBiJr/aAe7jk/yk5ZWIOByq+5PZ3jmoHfdMaDwHDAoJ+wZU5ScHt XksamZNvhfy3XWF+onfpCGK/CAnTxPjjz8m6T/wQteH1FJdFBYrQsXuhhQ6n6zRsEWMe Rfu4ftnA8lYDrgsXmE1eO0nEsOS2IW7TJA1SM+iHanhpCKFtnXy9KTxDLFLKHAf05tCM 7A5/PW5SZAsIiQZ/Uq90fbUjcSxG1Fa97fKqXfrZWqTZPH616HbS5XIUU9ijOkNP2HfB 7vEQ== X-Gm-Message-State: APt69E0yJfwt3l6wcTENR1cuXRUJprAgDbE6OLkssGq5w9n8OBeNvLcr FZ0KO9pl+jLl2/GDROaP4tQXIAkG X-Google-Smtp-Source: ADUXVKJdAOCR9VKbxxpa/ulPebzopyCdVUJ4qokV3buqIy4RJgsxuX+XpWUm5d8ETc+uJIQCpXsIHA== X-Received: by 2002:a1c:7a19:: with SMTP id v25-v6mr197563wmc.81.1528809123570; Tue, 12 Jun 2018 06:12:03 -0700 (PDT) Received: from [172.25.20.218] (b2b-78-94-0-50.unitymedia.biz. [78.94.0.50]) by smtp.gmail.com with ESMTPSA id s191-v6sm759149wmd.27.2018.06.12.06.12.02 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 12 Jun 2018 06:12:03 -0700 (PDT) To: edk2-devel@lists.01.org From: Philipp Deppenwiese Message-ID: Date: Tue, 12 Jun 2018 15:12:01 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 X-Content-Filtered-By: Mailman/MimeDel 2.1.26 Subject: [OvmfPkg] Secure Boot issues X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2018 13:12:06 -0000 Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Hey people, We are experiencing issues with UEFI secure boot enabled on UDK 2018 for the OvmfPkg. Reproducible issue: 1) Add following code + files as dxe driver. https://gist.github.com/zaolin/976d0d2ad68bcd05c10ffdb2530341fc 2) Build OvmfPkg with -DSECURE_BOOT_ENABLE=TRUE 3) Windows 10 boots and crashes in Qemu with a /KMODE_EXCEPTION_NOT_HANDLED./ If we don't populate the keys or use Linux in with secure boot turned on everything is totally fine. Any suggestions ? Best Regards, Philipp