On Wed, Jun 28, 2023 at 04:26:58PM +, Neil Jones wrote:
Please can someone describe the format of the file needed for the default /
built-in EFI secure boot keys (ubootefi.var)
The only docs I have found suggest its best to enroll the keys from within
u-boot onto some removable media, then
e gone)
From: AKASHI Takahiro
Sent: 29 June 2023 02:01
To: Neil Jones
Cc: u-boot@lists.denx.de
Subject: Re: EFI Secure boot default keys
On Wed, Jun 28, 2023 at 04:26:58PM +, Neil Jones wrote:
Please can someone describe the format of the file needed for t
EK.aut
setenv -e -nv -bs -rt -at -i ${loadaddr}:$filesize KEK
fatload mmc 0:1 ${loadaddr} DB.aut
setenv -e -nv -bs -rt -at -i ${loadaddr}:$filesize db
efidebug boot order 1 2 ### This command overwrites the keys just loaded
Cheers,
Neil
>
>Thanks,
&g
1 ${loadaddr} DB.aut
> setenv -e -nv -bs -rt -at -i ${loadaddr}:$filesize db
> efidebug boot order 1 2 ### This command overwrites the keys just loaded
Are you sure that "env print -e" shows all the variables including
PK, KEK and db at this point?
Since I don&
Anyhow, please try to enable CONFIG_EFI_VARIABLES_PRESEED with
EFI_VAR_FILE_NAME set. Otherwise, those variables will never be
restored.
(This is another topic that are not described in doc/develop/uefi.)
Thanks,
-Takahiro Akashi
> => efidebug boot order 2 1
> => fatls mmc 0:1
>
ave to re-enrol them:
=> fatls mmc 0:1
3040 ubootefi.var
1 file(s), 0 dir(s)
=> efidebug boot order 2 1
=> fatls mmc 0:1
440 ubootefi.var
(Size drops from 3040 to 440 bytes and keys have gone)
From: AKASHI Takahiro
Sent: 29 June 2023 02:01
To: Neil Jones
Cc: u-boo
On Wed, Jun 28, 2023 at 04:26:58PM +, Neil Jones wrote:
> Please can someone describe the format of the file needed for the default /
> built-in EFI secure boot keys (ubootefi.var)
>
> The only docs I have found suggest its best to enroll the keys from within
> u-boot onto some removable med
7 matches
Mail list logo
