https://bugs.kde.org/show_bug.cgi?id=426167
--- Comment #10 from Harald Sitter <sit...@kde.org> --- Git commit b0846c92dec97f4483ed16042ac67729e7e41ce1 by Harald Sitter. Committed on 11/11/2020 at 13:41. Pushed by sitter into branch 'Neon/release-lts'. attempt to inject the MM image file for secureboot this is missing from upstream live-build unfortunately but at least on ubuntu bases we need it included as the shim.efi will load the mm.efi when it finds certain Mok related nvars being set MM being the mok manager for doing key management. this notably can happen when the user installs ubuntu with proprietary hardware that requires unsigned kernel modules. to still carry out secureboot it needs to enroll a custom key. this is done through the MM. the installation will set a bunch of nvars that get checked by the shim on the next boot and the shim then starts the mm and the mm will enroll the key. if the actual target system shim is never run but instead one directly boots into another live iso that iso's shim would be the one in need of running the mok, hence the need for the mm.efi as otherwise our shim would attempt to load the MM on account of finding Mok related vars and then falling flat on the face because the mm*.efi file doesn't exist this is pretty far out as far as unfortunate chains of events go M +10 -0 scripts/build/lb_binary_grub-efi https://invent.kde.org/neon/forks/live-build/commit/b0846c92dec97f4483ed16042ac67729e7e41ce1 -- You are receiving this mail because: You are watching all bug changes.
