From mboxrd@z Thu Jan 1 00:00:00 1970 Subject: Enabling Secure boot To: devel@edk2.groups.io From: sent888@gmail.com X-Originating-Location: Chennai, Tamil Nadu, IN (49.207.181.94) X-Originating-Platform: Linux Firefox 87 User-Agent: GROUPS.IO Web Poster MIME-Version: 1.0 Date: Wed, 31 Mar 2021 07:02:37 -0700 Message-ID: Content-Type: multipart/alternative; boundary="zOx0anG7tlrToGlfG55g" --zOx0anG7tlrToGlfG55g Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, I want to enable secure boot in edk2. I am using edk2-2017 with coreboot f= or Intel architecture. I compiled edk with -D -D SECURE_BOOT_ENABLE and als= o applied some patches, with this I am getting secure boot configuration in= the Boot Menu configuration. But " *AttemptSecureBoot" is disabled.* I am = tried to change to standard mode to custom mode to enroll keys but NVRAM su= pport is not there. So after reset also same default settings coming. As NVRAM support is not there, I am planning to hard code the keys in the = code or to go with standard secure boot mode. By default the edk2 is in set= up mode so secure is not enabled. How to change the secure boot mode to default user mode? Regards, gsen. --zOx0anG7tlrToGlfG55g Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi,

I want to enable secure boot in edk2. I am using edk2-2017 w= ith coreboot for Intel architecture. I compiled edk with -D -D SECURE_BOOT_= ENABLE and also applied some patches, with this I am getting secure boot co= nfiguration in the Boot Menu configuration. But "AttemptSecureBoot"= is disabled. I am tried to change to standard mode to custom= mode to enroll keys but NVRAM support is not there. So after reset also sa= me default settings coming.
As NVRAM support is not there, I am planni= ng to hard code the keys in the code or to go with standard secure boot mod= e. By default the edk2 is in setup mode so secure is not enabled.  How to change the secure boot mode to default user mode?

Rega= rds,
gsen. --zOx0anG7tlrToGlfG55g--