Hide Forgot
Description of problem: To use RHEL 6 in an UEFI Secure Boot environment I need to sign the grub binary. Version-Release number of selected component (if applicable): grub-0.97-81.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Install the sbsigntools from source 2. Generate keys for signing 3. Sign the grub binary using sbsign --key signing.key --cert signing.pem.crt grub.efi Actual results: warning: gap in section table: .text : 0x00000400 - 0x0001e200, .reloc : 0x0001e209 - 0x0001e609, warning: gap in section table: .reloc : 0x0001e209 - 0x0001e609, .data : 0x0001e600 - 0x00032c00, gaps in the section table may result in different checksums warning: data remaining[228864 vs 251274]: gaps between PE/COFF sections? Expected results: No warnings. Additional info: Hashing the grub via the mokmanager of shim does not work. Maybe because of the gaps in the section tables.
This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux.
We don't support Secure Boot in any way in RHEL 6. On releases where we do support Secure Boot, we don't provide sbsign or support using it for anything. In any event, the problem you're seeing is with sbsign, not in grub.