Bug 1217399

Summary: [doc] Issue in "Secure boot"
Product: [openSUSE] PUBLIC SUSE Linux Enterprise Server 15 SP6 Reporter: Marcela Maslanova <marcela.maslanova>
Component: DocumentationAssignee: Christoph Wickert <cwickert>
Status: RESOLVED WONTFIX QA Contact: Frank Sundermeyer <fs>
Severity: Normal    
Priority: P3 - Medium CC: dmitri.popov, ihno, rtsvetkov, taroth, viktors.trubovics
Version: unspecified   
Target Milestone: ---   
Hardware: S/390-64   
OS: Other   
Whiteboard: https://jira.suse.com/browse/DOCTEAM-1158
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcela Maslanova 2023-11-22 12:38:51 UTC 
Secure boot:

https://susedoc.github.io/doc-sle/main/single-html/SLES-deployment/#sec-zseries-prep-secure-boot

Secure boot is possible since z/VM 7.3 on z/VM virtualization level. Requirements is to have these updated too: The MCLs for the Support Elements (Bundle S82s) and HMCs (Bundle H54).

Note: we didn't test it yet, but according IBM, it should work under these conditions.
Comment 1 Marcela Maslanova 2023-11-22 14:09:12 UTC 
The official documentation https://www.ibm.com/docs/en/SSB27U_7.3.0/pdf/hcpk4_v7r3.pdf page xiii.
Comment 2 Tomáš Bažant 2023-11-30 11:27:03 UTC 
Thank you for reporting this bug!
It is being tracked and processed as part of our queue.
Comment 3 Christoph Wickert 2023-12-01 12:17:32 UTC 
We usually only document what has undergone QA or at least some smoke testing. Additionally, I don't have access to Z hardware, so I very much rely on your input here.

I think the first step would be to have some test and briefly document it before I can document it according to our standards. Can you provide me with some input and/or a contact person?
Comment 5 Viktors Trubovics 2023-12-01 15:50:03 UTC 
I did not try secure boot on zVM 7.3. I had only statement from IBM that it supports it, but they did not provide yet zVM 7.3, only 7.2.
So I did not have my hands on secure boot on zVM.
Comment 6 Marcela Maslanova 2023-12-13 08:56:30 UTC 
We weren't able to verify secure boot as we found out the secure boot on z/VM runs only on the latest machine, which we don't have. Linux ONE IV (z16).

I'm not sure if we need to update docs after these findings :-/
Comment 8 Marcela Maslanova 2023-12-14 10:04:00 UTC 
Let's close it until z16 are more common.