Hi again,

On 12/04/2016 03:54 PM, Rusty Bird wrote:

Maybe your system still doesn't boot into AEM mode for some reason.

Does /proc/cmdline in dom0 contain "rd.antievilmaid" at the end? If not:
Yes, it does.
In the GRUB boot menu, do you choose the entry "AEM Qubes, with Xen
hypervisor"? If there is no such entry, you may have to rerun the
"anti-evil-maid-install" command.
It also does.

I also get correctly prompted for the TPM key, AND I can also see my secret image displayed while I am prompted for the HD password.

So I for sure boot in AEM mode, and it "looks like" it's working, but if I upgrade the kernel (there was a kernel upgrade today), AEM doesn't notice and still happily displays my secret image :-(

Thanks again for your help.

Kind regards.

