Hello, We have an Intel Elkhart Lake device that we are trying to get Secure Boot (via meta-secure-core/meta-efi-secure-boot SELoader) working on using the Dunfell release. This device uses Mender for updates via USB. We have Secure Boot working successfully on a similar device, but that device does not employ Mender.
On the HDD image, /boot/bzImage and /boot/bzImage.p7b (the detached digital signature) are present, as are the set of GRUB artifacts in /boot/efi/BOOT/EFI. As a side note, we do not use an initramfs. Grub and grub.cfg validate on boot, but /boot/bzImage does not. I've read that SELoader can't access anything outside of the /efi partition. If that's correct, how do we work around this issue? Thanks for any help, and let me know if you need further information. Best, Casey
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#56701): https://lists.yoctoproject.org/g/yocto/message/56701 Mute This Topic: https://lists.yoctoproject.org/mt/90356869/21656 Mute #dunfell:https://lists.yoctoproject.org/g/yocto/mutehashtag/dunfell Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
