LifeCycle controller logs ----------------------------------- UEFI0074-The Secure Boot policy has been modified since the last time the system was started. Detailed Description: The system BIOS logs this message after detecting a change in Secure Boot policy settings. Such a change may result from user configuration or a system BIOS update. Changes to the following settings trigger this message: 1) Secure Boot (Enable/Disable) 2) Secure Boot Policy (Standard/Custom) 3) Platform Key 4) Key Exchange Keys 5) Authorized Signature Database (db) 6) Forbidden Signature Database (dbx). Recommended Action:Review the Secure Boot policy settings in System Setup > System BIOS > Security Settings page. If policy changes were expected, no action is necessary. Otherwise, modify the Secure Boot policy settings as needed.
Dmesg logs ---------------------- root@ubuntu:~# dmesg |grep -i secure [ 0.000000] secureboot: Secure boot disabled [ 0.012309] secureboot: Secure boot disabled [ 10.251237] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0' [ 10.258614] (2017): 242ade75ac4a15e50d50c84b0d45ff3eae707a03' [ 10.266502] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing (ESM 2018): 365188c1d374d6b07c3c8f240f8ef722433d6a8b' [ 10.273814] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing (2019): c0746fd6c5da3ae827864651ad66ae47fe24b3e8' [ 10.280706] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing (2021 v1): a8d54bbb3825cfb94fa13c9f8a594a195c107b8d' [ 10.288123] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing (2021 v2): 4cf046892d6fd3c9a5b03f98d845f90851dc6a8c' [ 10.295040] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing (2021 v3): 100437bb6de6e469b581e61cd66bce3ef4ed53af' [ 10.301685] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing (Ubuntu Core 2019): c1d57b8f6b743f23ee41f4f7ee292f06eecadfb9' [ 10.485916] integrity: Loaded X.509 cert 'VMware, Inc.: VMware Secure Boot Signing: 04597f3e1ffb240bba0ff0f05d5eb05f3e15f6d7' [ 10.522527] blacklist: Revoked X.509 cert 'Debian Secure Boot Signer: 00a7468def' -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2055121 Title: [DELL Ubuntu 22.04.3] observing "UEFI0074 The Secure Boot policy has been modified since the last time the system was started." logs in LC. Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing Status in linux package in Ubuntu: New Bug description: Description: [DELL Ubuntu 22.04.3] observing "UEFI0074 The Secure Boot policy has been modified since the last time the system was started." logs in LC. Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing in dmesg. Version-Release ubuntu 22.04.3, 24.04.4 Steps to Reproduce: 1. BIOS (Reset default and clear NVRAM) 2. install ubuntu 22.04.3 / 24.04.4 3. Post OS installation reboot the system and check LC logs warning messgae will be displayed. 4. Check dmesg for logs like : Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing. Note: This warning and dmesg logs will be showed only when you deafault bios and clear NVRAM. not seen warning message without clearing BIOS NVRAM. Is this the behavaviour is expected when install os after clearing BIOS NVRAM? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2055121/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
