It seems @Maddes and I have the same conditions. Here's the reds in my case, running fwupdmgr security:
HSI-1 ✘ SPI lock: Disabled ✘ SPI BIOS region: Unlocked HSI-2 ✘ Intel BootGuard ACM protected: Invalid ✘ Intel BootGuard verified boot: Invalid HSI-3 ✘ Intel BootGuard error policy: Invalid ✘ Suspend-to-idle: Disabled ✘ Suspend-to-ram: Enabled HSI-4 ✘ Encrypted RAM: Not supported Runtime Suffix -! ✘ Linux kernel: Tainted here's /sys/class/mei/mei0/fw_ver gives me: 0:16.1.38.2676 0:16.1.38.2676 0:16.1.30.2264 and here's /sys/class/mei/mei0/fw_status 90000245 89210506 00000020 00004000 00000000 40200006 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2125409 Title: BootGuard ACM not forced → TPM FDE disabled in Ubuntu 25.10 installer To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/2125409/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
