From 7bf7a6d0852382bb645119b18df3ff461aaba247 Mon Sep 17 00:00:00 2001
From: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>
Date: Tue, 21 Aug 2018 14:22:44 -0400
Subject: New upstream version 15+1533136590.3beb971

---
 TODO | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'TODO')

diff --git a/TODO b/TODO
index a2cad71d..bdfab075 100644
--- a/TODO
+++ b/TODO
@@ -27,5 +27,18 @@
   the string table :/
 - Make build.log an artifact of building.
 - KEK for Mok.  (koike expressed an interest in working on this.)
+- Detection of fallback.efi boot loops
+  - Some tablet devices seem to always boot the fallback path, ignoring
+    boot variables, so we need to detect that.
+  - fallback creates 2 variables, one volatile, one nonvolatile
+  - if shim sees the nonvolatile variable but not the volatile one, it has
+    been booted correctly after fallback has run, so it should remove the
+    nonvolatile variable.
+  - if fallback sees the nonvolatile variable, it is in a fallback boot
+    loop, and should launch the next stage instead of rebooting.
+  - This means the TPM extend chain on machines with broken BDS always
+    looks like: shim -> fallback -> shim -> grub2 -> kernel, *except* on
+    boots from removable media (i.e. install media without fallback),
+    where it looks like shim -> grub2 -> kernel /once/.
 
 # vim:filetype=mail:tw=74
-- 
cgit v1.2.3