Hi All, I am new to grub and UEFI secure boot and so a beginners question. UEFI secureboot on a Arm64 platform works fine with Grub 2.04 version. The linux kernel image is authenticated and loaded. But the same with Grub 2.06 version does not progress - following error messages are displayed.
error: shim_lock protocol not found. error: you need to load the kernel first. With reference of "https://www.mail-archive.com/help-grub@gnu.org/msg05375.html";, created Grub image with "--disable-shim-lock" option. This change solved the "shim_lock" error but then the following error message started appearing- error: verification requested but nobody cares: /Image. error: you need to load the kernel first. Press any key to continue... A large set of patches addressing bootHole vulnerability (https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html) have been merged in the Grub 2.06 version. Does this change the way images are signed or is there any other change introduced that required UEFI secure boot to be handled differently on the platform. Request any suggestion that would help validate UEFI secure boot with Grub 2.06 and later version. Thanks, Sayanta _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
