Comment 34 for bug 1711203

Yes, it's absolutely possible to recreate the environment for testing this without MAAS -- there's nothing all that special to it, chainloading *any* image should work and maintain a Secure Boot-verified chain provided all the links in the chain validate images.

This looks to be pretty clearly a bug in chainloader's validation of images, it used to work, but only because it wasn't actually verifying much of it in the first place.