There is a regression in shim-15.4 aarch64 builds where, if built with
binutils pre-2.35, the binary will fail to boot with "Synchronous Exception"
error.
See upstream shim issues page for more details.
Force using shim-15 release for aarch64 only.
Older cert is expired. Use new cert instead.
Signed-off-by: Chris Co <chrco@microsoft.com>
In preparation for supporting UEFI Secure Boot, update shim to shim-15.4 release. This release incorporates all the latest fixes and implements the generation-based revocation scheme, also known as Secure Boot Advanced Targeting (SBAT).
- Update to shim-15.4 release. Remove all previous patches. They are incorporated in latest shim-15.4 release
- Update embedded cert
- Add Mariner SBAT version data
Signed-off-by: Chris Co <chrco@microsoft.com>
Christopher Co