EFI Secure boot default keys
Neil Jones
neil.jones at blaize.com
Wed Jun 28 18:26:58 CEST 2023
Please can someone describe the format of the file needed for the default / built-in EFI secure boot keys (ubootefi.var)
The only docs I have found suggest its best to enroll the keys from within u-boot onto some removable media, then copy this off and use this as the default, this is not very helpful and doesn't work for me:
=> fatload mmc 0:1 ${loadaddr} PK.aut
2053 bytes read in 18 ms (111.3 KiB/s)
=> setenv -e -nv -bs -rt -at -i ${loadaddr}:$filesize PK
setenv - set environment variables
Usage:
setenv setenv [-f] name value ...
- [forcibly] set environment variable 'name' to 'value ...'
setenv [-f] name
- [forcibly] delete environment variable 'name'
my setenv doesn't support all the extra switches ? This is with 2022.04, all other EFI options seem to be in this release and I can boot unsigned EFI images ok.
Cheers,
Neil
More information about the U-Boot
mailing list