From ec70c7692f99d883bf6b378e3dbda346b3069a6abbf45298bf0ccb4dce1625bb Mon Sep 17 00:00:00 2001
From: "Marc S. Weidner" <msw@coresecret.dev>
Date: Tue, 18 Nov 2025 17:28:05 +0000
Subject: [PATCH] V8.13.432.2025.11.18

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
---
 docs/MAN_CISS_ISO_BOOT_CHAIN.md | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/docs/MAN_CISS_ISO_BOOT_CHAIN.md b/docs/MAN_CISS_ISO_BOOT_CHAIN.md
index b4ceaf8..5d39442 100644
--- a/docs/MAN_CISS_ISO_BOOT_CHAIN.md
+++ b/docs/MAN_CISS_ISO_BOOT_CHAIN.md
@@ -51,9 +51,9 @@ flowchart TD
   end
 
   subgraph Trusted Secure Boot
-    0030 e03@--> |SUCCESSFUL| 0040["Loading \EFI\BOOT\BOOTX64.EFI"];
-    0040 e04@--> 0050["Loading \EFI\BOOT\GRUBX64.EFI"];
-    0050 e05@--> 0060["Loading initrd.img"];
+    0030 e03@--> |SUCCESSFUL| 0040["Secure Boot: load & verify \\EFI\\BOOT\\BOOTX64.EFI (shim)"];
+    0040 e04@--> |SUCCESSFUL| 0050["shim: load & verify \\EFI\\BOOT\\GRUBX64.EFI"];
+    0050 e05@--> 0060["GRUB: load vmlinuz + initrd.img, set cmdline"];
     e03@{ animation: fast }
     e04@{ animation: fast }
     e05@{ animation: fast }
@@ -74,9 +74,12 @@ flowchart TD
     ROOT e15@--> 0126["Executing 0026-ciss: Hardening early sysctls"];
     0126 e16@--> 0130["Executing 0030-ciss: Verification of authenticity and integrity via embedded and pinned GPG of ISO edge"];
     0130 e17@--> |SUCCESSFUL| 0142["Executing 0042-ciss: Attestation of RootFS"];
-    0142 e18@--> |SUCCESSFUL| 9000["Switching root"];
-    9000 e19@--> 9010["Starting /sbin/init -> systemd"];
-    9010 e20@--> 9020["Starting Target Units"];
+    0142 e18@--> |SUCCESSFUL| 9050["Switching root (run-init / pivot_root)"];
+    0142 e19@--> |SUCCESSFUL| 0145["init-bottom: stop CISS.hardened dropbear, tear down initramfs net"];
+    0145 e20@--> 9050;
+    9050 e21@--> 9010["Starting /sbin/init -> systemd"];
+    9000 e22@--> 9010["Starting /sbin/init -> systemd"];
+    9010 e23@--> 9020["Starting Target Units"];
     e06@{ animation: fast }
     e07@{ animation: fast }
     e08@{ animation: fast }
@@ -92,15 +95,19 @@ flowchart TD
     e18@{ animation: fast }
     e19@{ animation: fast }
     e20@{ animation: fast }
+    e21@{ animation: fast }
+    e22@{ animation: fast }
+    e23@{ animation: fast }
   end
 
   subgraph Finale State
-      9020 e21@--> 9030{{"CISS.debian.live.builder Waiting for Login"}};
+      9020 e24@--> 9030{{"CISS.debian.live.builder Waiting for Login"}};
       X{{"CISS.debian.live.builder Boot process halted"}};
-      e21@{ animation: fast }
+      e24@{ animation: fast }
   end
 
 0030 -- FAIL --> X;
+0040 -- FAIL --> X;
 0124 -- FAIL --> X;
 0130 -- FAIL --> X;
 0142 -- FAIL --> X;