From 58b7eac6210d3c7b1efad2d09863d3de52679205 Mon Sep 17 00:00:00 2001
From: Sayan Chowdhury <schowdhury@microsoft.com>
Date: Wed, 13 Nov 2024 23:54:41 +0530
Subject: [PATCH] sys-boot/shim: Add the README for the shim repo

Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
---
 .../coreos-overlay/sys-boot/shim/README.md           | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-boot/shim/README.md

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-boot/shim/README.md b/sdk_container/src/third_party/coreos-overlay/sys-boot/shim/README.md
new file mode 100644
index 0000000000..c0aeae1081
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/sys-boot/shim/README.md
@@ -0,0 +1,12 @@
+shim
+====
+
+The repo is used to build the shim required for secure boot. The `flatcar/shim-review`
+repo hosts a `Dockerfile` that builds the shim ebuild and produces the binary
+required for shim-review. The generated `shim.efi` is then submitted for review.
+
+Once the signed shim is received, a release is cut in the `flatcar/shim-review`
+repo, which is then used during the build process. It's important to note that
+the version of the shim and the shim-signed ebuild should be the same. For
+example, if the current version of the shim is `15.8`, the ebuild files should
+be `shim-15.8.ebuild` and `shim-signed-15.8.ebuild` respectively.