Comments (20)
Foxboron
commented on August 14, 2024
They are intentionally not created. I'm more curious to figure out why sbctl enroll-keys doesn't work? Have you enabled usermode properly?
from sbctl.
demostanis
commented on August 14, 2024
sbctl status:
Setup Mode: ✔ Disabled
Secure Boot: ✘ Disabled
sbctl enroll-keys:
‼ File is immutable: /sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c
‼ File is immutable: /sys/firmware/efi/efivars/KEK-8be4df61-93ca-11d2-aa0d-00e098032b8c
‼ File is immutable: /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f
You need to chattr -i files in efivarfs
sbctl enroll-keys again (as root of course):
Enrolling keys to EFI variables...✘
sbtl requires root to run: couldn't sync keys: couldn't write efi variable: write /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f: permission denied
from sbctl.
demostanis
commented on August 14, 2024
I tried both with Setup Mode enabled and disabled.
from sbctl.
Foxboron
commented on August 14, 2024
Did you chattr -i the files?
from sbctl.
demostanis
commented on August 14, 2024
Yes.
from sbctl.
Foxboron
commented on August 14, 2024
Output of lsattr /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f && hexdump -C /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f
from sbctl.
demostanis
commented on August 14, 2024
---------------------- /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f
00000000 27 00 00 00 a1 59 c0 a5 e4 94 a7 4a 87 b5 ab 15 |'....Y.....J....|
00000010 5c 2b f0 72 07 06 00 00 00 00 00 00 eb 05 00 00 |\+.r............|
00000020 bd 9a fa 77 59 03 32 4d bd 60 28 f4 e7 8f 78 4b |...wY.2M.`(...xK|
00000030 30 82 05 d7 30 82 03 bf a0 03 02 01 02 02 0a 61 |0...0..........a|
00000040 07 76 56 00 00 00 00 00 08 30 0d 06 09 2a 86 48 |.vV......0...*.H|
00000050 86 f7 0d 01 01 0b 05 00 30 81 88 31 0b 30 09 06 |........0..1.0..|
00000060 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 |.U....US1.0...U.|
00000070 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 |...Washington1.0|
00000080 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 |...U....Redmond1|
00000090 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 |.0...U....Micros|
000000a0 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 |oft Corporation1|
000000b0 32 30 30 06 03 55 04 03 13 29 4d 69 63 72 6f 73 |200..U...)Micros|
000000c0 6f 66 74 20 52 6f 6f 74 20 43 65 72 74 69 66 69 |oft Root Certifi|
000000d0 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 20 32 |cate Authority 2|
000000e0 30 31 30 30 1e 17 0d 31 31 31 30 31 39 31 38 34 |0100...111019184|
000000f0 31 34 32 5a 17 0d 32 36 31 30 31 39 31 38 35 31 |142Z..2610191851|
00000100 34 32 5a 30 81 84 31 0b 30 09 06 03 55 04 06 13 |42Z0..1.0...U...|
00000110 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 |.US1.0...U....Wa|
00000120 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 |shington1.0...U.|
00000130 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 |...Redmond1.0...|
00000140 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 |U....Microsoft C|
00000150 6f 72 70 6f 72 61 74 69 6f 6e 31 2e 30 2c 06 03 |orporation1.0,..|
00000160 55 04 03 13 25 4d 69 63 72 6f 73 6f 66 74 20 57 |U...%Microsoft W|
00000170 69 6e 64 6f 77 73 20 50 72 6f 64 75 63 74 69 6f |indows Productio|
00000180 6e 20 50 43 41 20 32 30 31 31 30 82 01 22 30 0d |n PCA 20110.."0.|
00000190 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 |..*.H...........|
000001a0 0f 00 30 82 01 0a 02 82 01 01 00 dd 0c bb a2 e4 |..0.............|
000001b0 2e 09 e3 e7 c5 f7 96 69 bc 00 21 bd 69 33 33 ef |.......i..!.i33.|
000001c0 ad 04 cb 54 80 ee 06 83 bb c5 20 84 d9 f7 d2 8b |...T...... .....|
000001d0 f3 38 b0 ab a4 ad 2d 7c 62 79 05 ff e3 4a 3f 04 |.8....-|by...J?.|
000001e0 35 20 70 e3 c4 e7 6b e0 9c c0 36 75 e9 8a 31 dd |5 p...k...6u..1.|
000001f0 8d 70 e5 dc 37 b5 74 46 96 28 5b 87 60 23 2c bf |.p..7.tF.([.`#,.|
00000200 dc 47 a5 67 f7 51 27 9e 72 eb 07 a6 c9 b9 1e 3b |.G.g.Q'.r......;|
00000210 53 35 7c e5 d3 ec 27 b9 87 1c fe b9 c9 23 09 6f |S5|...'......#.o|
00000220 a8 46 91 c1 6e 96 3c 41 d3 cb a3 3f 5d 02 6a 4d |.F..n.<A...?].jM|
00000230 ec 69 1f 25 28 5c 36 ff fd 43 15 0a 94 e0 19 b4 |.i.%(\6..C......|
00000240 cf df c2 12 e2 c2 5b 27 ee 27 78 30 8b 5b 2a 09 |......['.'x0.[*.|
00000250 6b 22 89 53 60 16 2c c0 68 1d 53 ba ec 49 f3 9d |k".S`.,.h.S..I..|
00000260 61 8c 85 68 09 73 44 5d 7d a2 54 2b dd 79 f7 15 |a..h.sD]}.T+.y..|
00000270 cf 35 5d 6c 1c 2b 5c ce bc 9c 23 8b 6f 6e b5 26 |.5]l.+\...#.on.&|
00000280 d9 36 13 c3 4f d6 27 ae b9 32 3b 41 92 2c e1 c7 |.6..O.'..2;A.,..|
00000290 cd 77 e8 aa 54 4e f7 5c 0b 04 87 65 b4 43 18 a8 |.w..TN.\...e.C..|
000002a0 b2 e0 6d 19 77 ec 5a 24 fa 48 03 02 03 01 00 01 |..m.w.Z$.H......|
000002b0 a3 82 01 43 30 82 01 3f 30 10 06 09 2b 06 01 04 |...C0..?0...+...|
000002c0 01 82 37 15 01 04 03 02 01 00 30 1d 06 03 55 1d |..7.......0...U.|
000002d0 0e 04 16 04 14 a9 29 02 39 8e 16 c4 97 78 cd 90 |......).9....x..|
000002e0 f9 9e 4f 9a e1 7c 55 af 53 30 19 06 09 2b 06 01 |..O..|U.S0...+..|
000002f0 04 01 82 37 14 02 04 0c 1e 0a 00 53 00 75 00 62 |...7.......S.u.b|
00000300 00 43 00 41 30 0b 06 03 55 1d 0f 04 04 03 02 01 |.C.A0...U.......|
00000310 86 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 |.0...U.......0..|
00000320 01 ff 30 1f 06 03 55 1d 23 04 18 30 16 80 14 d5 |..0...U.#..0....|
00000330 f6 56 cb 8f e8 a2 5c 62 68 d1 3d 94 90 5b d7 ce |.V....\bh.=..[..|
00000340 9a 18 c4 30 56 06 03 55 1d 1f 04 4f 30 4d 30 4b |...0V..U...O0M0K|
00000350 a0 49 a0 47 86 45 68 74 74 70 3a 2f 2f 63 72 6c |.I.G.Ehttp://crl|
00000360 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 70 |.microsoft.com/p|
00000370 6b 69 2f 63 72 6c 2f 70 72 6f 64 75 63 74 73 2f |ki/crl/products/|
00000380 4d 69 63 52 6f 6f 43 65 72 41 75 74 5f 32 30 31 |MicRooCerAut_201|
00000390 30 2d 30 36 2d 32 33 2e 63 72 6c 30 5a 06 08 2b |0-06-23.crl0Z..+|
000003a0 06 01 05 05 07 01 01 04 4e 30 4c 30 4a 06 08 2b |........N0L0J..+|
000003b0 06 01 05 05 07 30 02 86 3e 68 74 74 70 3a 2f 2f |.....0..>http://|
000003c0 77 77 77 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f |www.microsoft.co|
000003d0 6d 2f 70 6b 69 2f 63 65 72 74 73 2f 4d 69 63 52 |m/pki/certs/MicR|
000003e0 6f 6f 43 65 72 41 75 74 5f 32 30 31 30 2d 30 36 |ooCerAut_2010-06|
000003f0 2d 32 33 2e 63 72 74 30 0d 06 09 2a 86 48 86 f7 |-23.crt0...*.H..|
00000400 0d 01 01 0b 05 00 03 82 02 01 00 14 fc 7c 71 51 |.............|qQ|
00000410 a5 79 c2 6e b2 ef 39 3e bc 3c 52 0f 6e 2b 3f 10 |.y.n..9>.<R.n+?.|
00000420 13 73 fe a8 68 d0 48 a6 34 4d 8a 96 05 26 ee 31 |.s..h.H.4M...&.1|
00000430 46 90 61 79 d6 ff 38 2e 45 6b f4 c0 e5 28 b8 da |F.ay..8.Ek...(..|
00000440 1d 8f 8a db 09 d7 1a c7 4c 0a 36 66 6a 8c ec 1b |........L.6fj...|
00000450 d7 04 90 a8 18 17 a4 9b b9 e2 40 32 36 76 c4 c1 |..........@26v..|
00000460 5a c6 bf e4 04 c0 ea 16 d3 ac c3 68 ef 62 ac dd |Z..........h.b..|
00000470 54 6c 50 30 58 a6 eb 7c fe 94 a7 4e 8e f4 ec 7c |TlP0X..|...N...||
00000480 86 73 57 c2 52 21 73 34 5a f3 a3 8a 56 c8 04 da |.sW.R!s4Z...V...|
00000490 07 09 ed f8 8b e3 ce f4 7e 8e ae f0 f6 0b 8a 08 |........~.......|
000004a0 fb 3f c9 1d 72 7f 53 b8 eb be 63 e0 e3 3d 31 65 |.?..r.S...c..=1e|
000004b0 b0 81 e5 f2 ac cd 16 a4 9f 3d a8 b1 9b c2 42 d0 |.........=....B.|
000004c0 90 84 5f 54 1d ff 89 ea ba 1d 47 90 6f b0 73 4e |.._T......G.o.sN|
000004d0 41 9f 40 9f 5f e5 a1 2a b2 11 91 73 8a 21 28 f0 |A.@._..*...s.!(.|
000004e0 ce de 73 39 5f 3e ab 5c 60 ec df 03 10 a8 d3 09 |..s9_>.\`.......|
000004f0 e9 f4 f6 96 85 b6 7f 51 88 66 47 19 8d a2 b0 12 |.......Q.fG.....|
00000500 3d 81 2a 68 05 77 bb 91 4c 62 7b b6 c1 07 c7 ba |=.*h.w..Lb{.....|
00000510 7a 87 34 03 0e 4b 62 7a 99 e9 ca fc ce 4a 37 c9 |z.4..Kbz.....J7.|
00000520 2d a4 57 7c 1c fe 3d dc b8 0f 5a fa d6 c4 b3 02 |-.W|..=...Z.....|
00000530 85 02 3a ea b3 d9 6e e4 69 21 37 de 81 d1 f6 75 |..:...n.i!7....u|
00000540 19 05 67 d3 93 57 5e 29 1b 39 c8 ee 2d e1 cd e4 |..g..W^).9..-...|
00000550 45 73 5b d0 d2 ce 7a ab 16 19 82 46 58 d0 5e 9d |Es[...z....FX.^.|
00000560 81 b3 67 af 6c 35 f2 bc e5 3f 24 e2 35 a2 0a 75 |..g.l5...?$.5..u|
00000570 06 f6 18 56 99 d4 78 2c d1 05 1b eb d0 88 01 9d |...V..x,........|
00000580 aa 10 f1 05 df ba 7e 2c 63 b7 06 9b 23 21 c4 f9 |......~,c...#!..|
00000590 78 6c e2 58 17 06 36 2b 91 12 03 cc a4 d9 f2 2d |xl.X..6+.......-|
000005a0 ba f9 94 9d 40 ed 18 45 f1 ce 8a 5c 6b 3e ab 03 |[email protected]...\k>..|
000005b0 d3 70 18 2a 0a 6a e0 5f 47 d1 d5 63 0a 32 f2 af |.p.*.j._G..c.2..|
000005c0 d7 36 1f 2a 70 5a e5 42 59 08 71 4b 57 ba 7e 83 |.6.*pZ.BY.qKW.~.|
000005d0 81 f0 21 3c f4 1c c1 c5 b9 90 93 0e 88 45 93 86 |..!<.........E..|
000005e0 e9 b1 20 99 be 98 cb c5 95 a4 5d 62 d6 a0 63 08 |.. .......]b..c.|
000005f0 20 bd 75 10 77 7d 3d f3 45 b9 9f 97 9f cb 57 80 | .u.w}=.E.....W.|
00000600 6f 33 a9 04 cf 77 a4 62 1c 59 7e a1 59 c0 a5 e4 |o3...w.b.Y~.Y...|
00000610 94 a7 4a 87 b5 ab 15 5c 2b f0 72 40 06 00 00 00 |..J....\+.r@....|
00000620 00 00 00 24 06 00 00 bd 9a fa 77 59 03 32 4d bd |...$......wY.2M.|
00000630 60 28 f4 e7 8f 78 4b 30 82 06 10 30 82 03 f8 a0 |`(...xK0...0....|
00000640 03 02 01 02 02 0a 61 08 d3 c4 00 00 00 00 00 04 |......a.........|
00000650 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 |0...*.H........0|
00000660 81 91 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 |..1.0...U....US1|
00000670 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e |.0...U....Washin|
00000680 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 |gton1.0...U....R|
00000690 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 |edmond1.0...U...|
000006a0 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f |.Microsoft Corpo|
000006b0 72 61 74 69 6f 6e 31 3b 30 39 06 03 55 04 03 13 |ration1;09..U...|
000006c0 32 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f |2Microsoft Corpo|
000006d0 72 61 74 69 6f 6e 20 54 68 69 72 64 20 50 61 72 |ration Third Par|
000006e0 74 79 20 4d 61 72 6b 65 74 70 6c 61 63 65 20 52 |ty Marketplace R|
000006f0 6f 6f 74 30 1e 17 0d 31 31 30 36 32 37 32 31 32 |oot0...110627212|
00000700 32 34 35 5a 17 0d 32 36 30 36 32 37 32 31 33 32 |245Z..2606272132|
00000710 34 35 5a 30 81 81 31 0b 30 09 06 03 55 04 06 13 |45Z0..1.0...U...|
00000720 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 |.US1.0...U....Wa|
00000730 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 |shington1.0...U.|
00000740 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 |...Redmond1.0...|
00000750 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 |U....Microsoft C|
00000760 6f 72 70 6f 72 61 74 69 6f 6e 31 2b 30 29 06 03 |orporation1+0)..|
00000770 55 04 03 13 22 4d 69 63 72 6f 73 6f 66 74 20 43 |U..."Microsoft C|
00000780 6f 72 70 6f 72 61 74 69 6f 6e 20 55 45 46 49 20 |orporation UEFI |
00000790 43 41 20 32 30 31 31 30 82 01 22 30 0d 06 09 2a |CA 20110.."0...*|
000007a0 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 |.H.............0|
000007b0 82 01 0a 02 82 01 01 00 a5 08 6c 4c c7 45 09 6a |..........lL.E.j|
000007c0 4b 0c a4 c0 87 7f 06 75 0c 43 01 54 64 e0 16 7f |K......u.C.Td...|
000007d0 07 ed 92 7d 0b b2 73 bf 0c 0a c6 4a 45 61 a0 c5 |...}..s....JEa..|
000007e0 16 2d 96 d3 f5 2b a0 fb 4d 49 9b 41 80 90 3c b9 |.-...+..MI.A..<.|
000007f0 54 fd e6 bc d1 9d c4 a4 18 8a 7f 41 8a 5c 59 83 |T..........A.\Y.|
00000800 68 32 bb 8c 47 c9 ee 71 bc 21 4f 9a 8a 7c ff 44 |h2..G..q.!O..|.D|
00000810 3f 8d 8f 32 b2 26 48 ae 75 b5 ee c9 4c 1e 4a 19 |?..2.&H.u...L.J.|
00000820 7e e4 82 9a 1d 78 77 4d 0c b0 bd f6 0f d3 16 d3 |~....xwM........|
00000830 bc fa 2b a5 51 38 5d f5 fb ba db 78 02 db ff ec |..+.Q8]....x....|
00000840 0a 1b 96 d5 83 b8 19 13 e9 b6 c0 7b 40 7b e1 1f |...........{@{..|
00000850 28 27 c9 fa ef 56 5e 1c e6 7e 94 7e c0 f0 44 b2 |('...V^..~.~..D.|
00000860 79 39 e5 da b2 62 8b 4d bf 38 70 e2 68 24 14 c9 |y9...b.M.8p.h$..|
00000870 33 a4 08 37 d5 58 69 5e d3 7c ed c1 04 53 08 e7 |3..7.Xi^.|...S..|
00000880 4e b0 2a 87 63 08 61 6f 63 15 59 ea b2 2b 79 d7 |N.*.c.aoc.Y..+y.|
00000890 0c 61 67 8a 5b fd 5e ad 87 7f ba 86 67 4f 71 58 |.ag.[.^.....gOqX|
000008a0 12 22 04 22 22 ce 8b ef 54 71 00 ce 50 35 58 76 |.".""...Tq..P5Xv|
000008b0 95 08 ee 6a b1 a2 01 d5 02 03 01 00 01 a3 82 01 |...j............|
000008c0 76 30 82 01 72 30 12 06 09 2b 06 01 04 01 82 37 |v0..r0...+.....7|
000008d0 15 01 04 05 02 03 01 00 01 30 23 06 09 2b 06 01 |.........0#..+..|
000008e0 04 01 82 37 15 02 04 16 04 14 f8 c1 6b b7 7f 77 |...7........k..w|
000008f0 53 4a f3 25 37 1d 4e a1 26 7b 0f 20 70 80 30 1d |SJ.%7.N.&{. p.0.|
00000900 06 03 55 1d 0e 04 16 04 14 13 ad bf 43 09 bd 82 |..U.........C...|
00000910 70 9c 8c d5 4f 31 6e d5 22 98 8a 1b d4 30 19 06 |p...O1n."....0..|
00000920 09 2b 06 01 04 01 82 37 14 02 04 0c 1e 0a 00 53 |.+.....7.......S|
00000930 00 75 00 62 00 43 00 41 30 0b 06 03 55 1d 0f 04 |.u.b.C.A0...U...|
00000940 04 03 02 01 86 30 0f 06 03 55 1d 13 01 01 ff 04 |.....0...U......|
00000950 05 30 03 01 01 ff 30 1f 06 03 55 1d 23 04 18 30 |.0....0...U.#..0|
00000960 16 80 14 45 66 52 43 e1 7e 58 11 bf d6 4e 9e 23 |...EfRC.~X...N.#|
00000970 55 08 3b 3a 22 6a a8 30 5c 06 03 55 1d 1f 04 55 |U.;:"j.0\..U...U|
00000980 30 53 30 51 a0 4f a0 4d 86 4b 68 74 74 70 3a 2f |0S0Q.O.M.Khttp:/|
00000990 2f 63 72 6c 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 |/crl.microsoft.c|
000009a0 6f 6d 2f 70 6b 69 2f 63 72 6c 2f 70 72 6f 64 75 |om/pki/crl/produ|
000009b0 63 74 73 2f 4d 69 63 43 6f 72 54 68 69 50 61 72 |cts/MicCorThiPar|
000009c0 4d 61 72 52 6f 6f 5f 32 30 31 30 2d 31 30 2d 30 |MarRoo_2010-10-0|
000009d0 35 2e 63 72 6c 30 60 06 08 2b 06 01 05 05 07 01 |5.crl0`..+......|
000009e0 01 04 54 30 52 30 50 06 08 2b 06 01 05 05 07 30 |..T0R0P..+.....0|
000009f0 02 86 44 68 74 74 70 3a 2f 2f 77 77 77 2e 6d 69 |..Dhttp://www.mi|
00000a00 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 70 6b 69 2f |crosoft.com/pki/|
00000a10 63 65 72 74 73 2f 4d 69 63 43 6f 72 54 68 69 50 |certs/MicCorThiP|
00000a20 61 72 4d 61 72 52 6f 6f 5f 32 30 31 30 2d 31 30 |arMarRoo_2010-10|
00000a30 2d 30 35 2e 63 72 74 30 0d 06 09 2a 86 48 86 f7 |-05.crt0...*.H..|
00000a40 0d 01 01 0b 05 00 03 82 02 01 00 35 08 42 ff 30 |...........5.B.0|
00000a50 cc ce f7 76 0c ad 10 68 58 35 29 46 32 76 27 7c |...v...hX5)F2v'||
00000a60 ef 12 41 27 42 1b 4a aa 6d 81 38 48 59 13 55 f3 |..A'B.J.m.8HY.U.|
00000a70 e9 58 34 a6 16 0b 82 aa 5d ad 82 da 80 83 41 06 |.X4.....].....A.|
00000a80 8f b4 1d f2 03 b9 f3 1a 5d 1b f1 50 90 f9 b3 55 |........]..P...U|
00000a90 84 42 28 1c 20 bd b2 ae 51 14 c5 c0 ac 97 95 21 |.B(. ...Q......!|
00000aa0 1c 90 db 0f fc 77 9e 95 73 91 88 ca bd bd 52 b9 |.....w..s.....R.|
00000ab0 05 50 0d df 57 9e a0 61 ed 0d e5 6d 25 d9 40 0f |.P..W..a...m%.@.|
00000ac0 17 40 c8 ce a3 4a c2 4d af 9a 12 1d 08 54 8f bd |[email protected]..|
00000ad0 c7 bc b9 2b 3d 49 2b 1f 32 fc 6a 21 69 4f 9b c8 |...+=I+.2.j!iO..|
00000ae0 7e 42 34 fc 36 06 17 8b 8f 20 40 c0 b3 9a 25 75 |~B4.6.... @...%u|
00000af0 27 cd c9 03 a3 f6 5d d1 e7 36 54 7a b9 50 b5 d3 |'.....]..6Tz.P..|
00000b00 12 d1 07 bf bb 74 df dc 1e 8f 80 d5 ed 18 f4 2f |.....t........./|
00000b10 14 16 6b 2f de 66 8c b0 23 e5 c7 84 d8 ed ea c1 |..k/.f..#.......|
00000b20 33 82 ad 56 4b 18 2d f1 68 95 07 cd cf f0 72 f0 |3..VK.-.h.....r.|
00000b30 ae bb dd 86 85 98 2c 21 4c 33 2b f0 0f 4a f0 68 |......,!L3+..J.h|
00000b40 87 b5 92 55 32 75 a1 6a 82 6a 3c a3 25 11 a4 ed |...U2u.j.j<.%...|
00000b50 ad d7 04 ae cb d8 40 59 a0 84 d1 95 4c 62 91 22 |[email protected]."|
00000b60 1a 74 1d 8c 3d 47 0e 44 a6 e4 b0 9b 34 35 b1 fa |.t..=G.D....45..|
00000b70 b6 53 a8 2c 81 ec a4 05 71 c8 9d b8 ba e8 1b 44 |.S.,....q......D|
00000b80 66 e4 47 54 0e 8e 56 7f b3 9f 16 98 b2 86 d0 68 |f.GT..V........h|
00000b90 3e 90 23 b5 2f 5e 8f 50 85 8d c6 8d 82 5f 41 a1 |>.#./^.P....._A.|
00000ba0 f4 2e 0d e0 99 d2 6c 75 e4 b6 69 b5 21 86 fa 07 |......lu..i.!...|
00000bb0 d1 f6 e2 4d d1 da ad 2c 77 53 1e 25 32 37 c7 6c |...M...,wS.%27.l|
00000bc0 52 72 95 86 b0 f1 35 61 6a 19 f5 b2 3b 81 50 56 |Rr....5aj...;.PV|
00000bd0 a6 32 2d fe a2 89 f9 42 86 27 18 55 a1 82 ca 5a |.2-....B.'.U...Z|
00000be0 9b f8 30 98 54 14 a6 47 96 25 2f c8 26 e4 41 94 |..0.T..G.%/.&.A.|
00000bf0 1a 5c 02 3f e5 96 e3 85 5b 3c 3e 3f bb 47 16 72 |.\.?....[<>?.G.r|
00000c00 55 e2 25 22 b1 d9 7b e7 03 06 2a a3 f7 1e 90 46 |U.%"..{...*....F|
00000c10 c3 00 0d d6 19 89 e3 0e 35 27 62 03 71 15 a6 ef |........5'b.q...|
00000c20 d0 27 a0 a0 59 37 60 f8 38 94 b8 e0 78 70 f8 ba |.'..Y7`.8...xp..|
00000c30 4c 86 87 94 f6 e0 ae 02 45 ee 65 c2 b6 a3 7e 69 |L.......E.e...~i|
00000c40 16 75 07 92 9b f5 a6 bc 59 83 58 |.u......Y.X|
00000c4b
from sbctl.
Foxboron
commented on August 14, 2024
Did you reset the keys? These should be empty and without the Microsoft CA.
Some hardware vendors have terrible UI for reseting the keys and enabling user mode.
See #67 (comment)
from sbctl.
demostanis
commented on August 14, 2024
I had already pressed the delete all keys button, but it hadn't worked.
Doing it again after disabling and re-enabling the Custom Mode seemed to work (but kept the Save button grayed out as said in #67).
However, even if everything is signed (sbctl verify), I get the following error when booting up with secure boot enabled:
Operating System Loader signature not found in Secure Boot database ('db')
from sbctl.
Foxboron
commented on August 14, 2024
This is where I should start providing some debug tools for myself inside sbctl :)
Output of hexdump -C /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f again please. Also do very that the PK and KEK files all have your certificate.
from sbctl.
demostanis
commented on August 14, 2024
db:
archlinux% hexdump -C /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f
00000000 27 00 00 00 a1 59 c0 a5 e4 94 a7 4a 87 b5 ab 15 |'....Y.....J....|
00000010 5c 2b f0 72 29 05 00 00 00 00 00 00 0d 05 00 00 |\+.r)...........|
00000020 8e a9 9e fe aa d0 75 45 ac 84 a1 7e b4 63 3c 7b |......uE...~.c<{|
00000030 30 82 04 f9 30 82 02 e1 a0 03 02 01 02 02 11 00 |0...0...........|
00000040 c4 15 0a 2f 58 de 80 a5 ae 74 b8 34 b8 b2 23 21 |.../X....t.4..#!|
00000050 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 |0...*.H........0|
00000060 2e 31 15 30 13 06 03 55 04 06 13 0c 44 61 74 61 |.1.0...U....Data|
00000070 62 61 73 65 20 4b 65 79 31 15 30 13 06 03 55 04 |base Key1.0...U.|
00000080 03 13 0c 44 61 74 61 62 61 73 65 20 4b 65 79 30 |...Database Key0|
00000090 1e 17 0d 32 31 30 37 32 36 30 39 34 35 35 32 5a |...210726094552Z|
000000a0 17 0d 32 36 30 37 32 36 30 39 34 35 35 32 5a 30 |..260726094552Z0|
000000b0 2e 31 15 30 13 06 03 55 04 06 13 0c 44 61 74 61 |.1.0...U....Data|
000000c0 62 61 73 65 20 4b 65 79 31 15 30 13 06 03 55 04 |base Key1.0...U.|
000000d0 03 13 0c 44 61 74 61 62 61 73 65 20 4b 65 79 30 |...Database Key0|
000000e0 82 02 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 |.."0...*.H......|
000000f0 05 00 03 82 02 0f 00 30 82 02 0a 02 82 02 01 00 |.......0........|
00000100 ad d5 4b ff 01 eb 37 25 f1 b3 10 57 75 5b 7b 80 |..K...7%...Wu[{.|
00000110 0d d4 ce 3c 43 f2 85 eb 91 89 8e 76 f0 69 50 66 |...<C......v.iPf|
00000120 fa 1e 42 fe 24 d1 10 5e fc c6 02 ef c1 ad d6 a6 |..B.$..^........|
00000130 fe 32 aa 1a f4 55 73 22 eb 5b d7 b6 65 2f 56 01 |.2...Us".[..e/V.|
00000140 f9 f3 86 16 57 23 60 3f 3e 5e 3b 8f ba 06 e9 1b |....W#`?>^;.....|
00000150 6c 3d e1 13 1f ff e7 98 9d e7 39 a4 23 3d ac 4a |l=........9.#=.J|
00000160 d4 ee bb 4f 84 cf bd 6b 74 b9 f6 7d df d3 ef 2c |...O...kt..}...,|
00000170 6e 1c a2 b7 d0 30 4e 22 ab b1 4a a0 ce e3 9d 49 |n....0N"..J....I|
00000180 9f 0c d6 ce 38 04 42 dd a2 79 23 c1 e1 18 ae 86 |....8.B..y#.....|
00000190 a4 3f a9 07 f8 44 91 c5 2a 62 5c 06 63 81 13 46 |.?...D..*b\.c..F|
000001a0 77 2a ef b9 a9 d2 03 b5 55 3b d6 67 9b af af 84 |w*......U;.g....|
000001b0 0d e5 d5 ba 9f 13 da c6 e2 60 ec 90 6f 8e 9b 1b |.........`..o...|
000001c0 ce 4f ac 62 5b 0e 8d d6 80 33 1d e7 b8 55 ca 98 |.O.b[....3...U..|
000001d0 dd b8 5c 7d 55 71 6d 82 9f 1d 48 e6 aa 34 41 6e |..\}Uqm...H..4An|
000001e0 8d 33 75 bf 1c 4b da 27 b1 e0 2c a1 9e 47 04 b1 |.3u..K.'..,..G..|
000001f0 f2 e6 76 a9 17 65 95 67 c1 87 ed 61 3a d6 43 08 |..v..e.g...a:.C.|
00000200 c8 b6 29 4e a7 dd 1a 8d 88 e5 49 6a 4d c3 e1 a2 |..)N......IjM...|
00000210 9e b9 aa 4f 7c c5 5d b3 3d 66 88 0d a2 2d 1e 0a |...O|.].=f...-..|
00000220 a7 dc 5f 9c de 59 0f e2 23 15 3e c8 59 7c aa ad |.._..Y..#.>.Y|..|
00000230 27 8b 92 53 0f 4e 95 57 14 0e 5d 2b fd 39 fa 35 |'..S.N.W..]+.9.5|
00000240 b2 60 8e ca 33 bf fe ea 61 6b 84 16 fb e1 f3 17 |.`..3...ak......|
00000250 d3 25 90 c5 72 15 75 93 31 94 53 d8 66 bd f9 50 |.%..r.u.1.S.f..P|
00000260 dd 12 77 b8 7a ca 47 e6 4a 88 bb 21 eb 44 26 18 |..w.z.G.J..!.D&.|
00000270 f5 d7 f5 14 4f db 7c 7a 80 19 55 22 cb b8 c5 a9 |....O.|z..U"....|
00000280 65 11 fa c8 f8 99 b2 2e ff 5d a2 56 98 cc de a8 |e........].V....|
00000290 ea dd 4a 5c 6c 1e 93 37 2d 18 9e e8 56 83 fe 0e |..J\l..7-...V...|
000002a0 ee 76 dc 72 59 cb 20 9c 9d 5c 7f 93 69 40 cc 8a |.v.rY. ..\..i@..|
000002b0 4c 0b 36 5f 2a 93 89 aa 83 bc 5f 0d b2 9a 87 1b |L.6_*....._.....|
000002c0 4d 0e b1 09 88 39 77 67 81 2f 62 94 6c 9c ba 6d |M....9wg./b.l..m|
000002d0 32 b3 d9 4a 19 b0 98 fe 3f 14 55 77 00 fb dd 3f |2..J....?.Uw...?|
000002e0 3b f6 87 14 43 b4 e0 c5 45 e9 9f 96 51 f3 5f 89 |;...C...E...Q._.|
000002f0 39 ed b3 cc d2 db f5 10 e9 c8 d8 02 36 fd 2a 33 |9...........6.*3|
00000300 02 03 01 00 01 a3 12 30 10 30 0e 06 03 55 1d 0f |.......0.0...U..|
00000310 01 01 ff 04 04 03 02 07 80 30 0d 06 09 2a 86 48 |.........0...*.H|
00000320 86 f7 0d 01 01 0b 05 00 03 82 02 01 00 24 e8 ad |.............$..|
00000330 ab 2c 1d 5e 90 34 67 ea d0 65 bd 02 88 bc 9e 36 |.,.^.4g..e.....6|
00000340 82 9a 17 f2 db f5 be 34 5e e1 ae 10 d1 ce d4 1b |.......4^.......|
00000350 38 d8 b2 b2 be d7 88 36 f8 ba 55 9c a6 8c 67 e4 |8......6..U...g.|
00000360 73 c1 7b a1 10 45 d0 a9 68 07 ec 61 0b 95 20 84 |s.{..E..h..a.. .|
00000370 9d 90 45 91 70 49 67 09 ca 01 ce 92 2b 54 4f f6 |..E.pIg.....+TO.|
00000380 82 0a 95 bd 35 ec e5 b7 d2 8f 7e 6a 90 14 42 c4 |....5.....~j..B.|
00000390 81 05 ed ae f6 49 0a d0 fa a8 46 c7 1b 7b 83 ac |.....I....F..{..|
000003a0 09 b8 26 fe 64 46 a2 39 97 76 99 eb f9 ea cb 2a |..&.dF.9.v.....*|
000003b0 a9 b6 04 ea 90 43 58 de ec d9 de a0 82 b5 dd 7c |.....CX........||
000003c0 2d a3 88 3c d8 35 10 5e a7 1b e5 bb e8 24 70 e7 |-..<.5.^.....$p.|
000003d0 0c bf b5 e0 9e a1 16 28 dd da 0d 19 8e 9d 32 bd |.......(......2.|
000003e0 67 f4 ea ed 1c 95 2e 58 c2 48 86 2b 64 85 1a 5d |g......X.H.+d..]|
000003f0 e4 2c b6 b5 b8 ef b9 ce e6 e9 7f 48 ed d6 c9 86 |.,.........H....|
00000400 60 b2 f6 69 c0 91 4d da d1 64 81 00 ab 8f e4 22 |`..i..M..d....."|
00000410 b3 e9 4a 67 dc f2 83 08 08 a1 c0 4e 66 aa 4f 7d |..Jg.......Nf.O}|
00000420 46 90 0d 7a 3e 0c 24 43 79 ca 2f 8b 17 e3 d0 87 |F..z>.$Cy./.....|
00000430 9c cd 0c 98 bc 2e 35 e7 ca a6 83 b6 6b 2f 6a 4e |......5.....k/jN|
00000440 2c ba 40 7f f2 0e 67 b5 96 92 07 6d 92 eb b1 09 |,[email protected]....|
00000450 2d ed be 05 34 ad d0 1c 2a da a4 6b b2 e5 b8 b4 |-...4...*..k....|
00000460 d1 5b 05 96 2a 70 49 3e ef db 95 6b 36 e1 ff 85 |.[..*pI>...k6...|
00000470 e7 c2 b6 7d 6f b6 5d a3 c4 32 52 c3 52 5b 46 8c |...}o.]..2R.R[F.|
00000480 82 58 6b 36 d8 d9 e1 9b d3 e3 b6 c9 ee af 9c 55 |.Xk6...........U|
00000490 a0 e0 c1 d6 93 90 29 1d 8c 95 94 b2 fe 2b be 97 |......)......+..|
000004a0 a9 16 9a 25 b8 65 52 68 25 35 9f 37 0a 05 8c b8 |...%.eRh%5.7....|
000004b0 83 c5 a8 f0 ff 90 74 68 43 28 60 97 e8 94 35 55 |......thC(`...5U|
000004c0 f8 c0 16 b0 ef 6d 48 c9 9a 10 12 4e 23 cb c4 d8 |.....mH....N#...|
000004d0 23 ae 9d 31 3b e3 ee 97 98 ae 1c 72 ae 39 ee 0c |#..1;......r.9..|
000004e0 f7 a2 b3 c5 bc 71 72 a5 39 a5 56 1d 96 97 4d c2 |.....qr.9.V...M.|
000004f0 6a f2 06 d0 2b b1 ac e3 62 f2 6f da b3 93 e0 94 |j...+...b.o.....|
00000500 45 ea a0 31 08 0a 5e 2e e6 b4 b8 06 ce bd 21 83 |E..1..^.......!.|
00000510 05 a4 e5 f9 e1 52 7b 8e 1e b9 aa d3 7f bc 79 d4 |.....R{.......y.|
00000520 11 5d f1 0b 92 ba 0d 57 da 88 b4 ec c2 |.].....W.....|
0000052d
PK:
archlinux% hexdump -C /sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c
00000000 27 00 00 00 a1 59 c0 a5 e4 94 a7 4a 87 b5 ab 15 |'....Y.....J....|
00000010 5c 2b f0 72 29 05 00 00 00 00 00 00 0d 05 00 00 |\+.r)...........|
00000020 8e a9 9e fe aa d0 75 45 ac 84 a1 7e b4 63 3c 7b |......uE...~.c<{|
00000030 30 82 04 f9 30 82 02 e1 a0 03 02 01 02 02 11 00 |0...0...........|
00000040 e0 08 05 02 b5 fa b8 34 19 cc 46 8f a1 68 f6 cf |.......4..F..h..|
00000050 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 |0...*.H........0|
00000060 2e 31 15 30 13 06 03 55 04 06 13 0c 50 6c 61 74 |.1.0...U....Plat|
00000070 66 6f 72 6d 20 4b 65 79 31 15 30 13 06 03 55 04 |form Key1.0...U.|
00000080 03 13 0c 50 6c 61 74 66 6f 72 6d 20 4b 65 79 30 |...Platform Key0|
00000090 1e 17 0d 32 31 30 37 32 36 30 39 34 35 34 38 5a |...210726094548Z|
000000a0 17 0d 32 36 30 37 32 36 30 39 34 35 34 38 5a 30 |..260726094548Z0|
000000b0 2e 31 15 30 13 06 03 55 04 06 13 0c 50 6c 61 74 |.1.0...U....Plat|
000000c0 66 6f 72 6d 20 4b 65 79 31 15 30 13 06 03 55 04 |form Key1.0...U.|
000000d0 03 13 0c 50 6c 61 74 66 6f 72 6d 20 4b 65 79 30 |...Platform Key0|
000000e0 82 02 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 |.."0...*.H......|
000000f0 05 00 03 82 02 0f 00 30 82 02 0a 02 82 02 01 00 |.......0........|
00000100 d5 be bc 3e 14 66 c2 59 2b ad f4 b4 d3 95 06 00 |...>.f.Y+.......|
00000110 ba 95 34 29 69 60 c0 eb 10 92 5b 77 1e 27 b3 98 |..4)i`....[w.'..|
00000120 95 4c 45 9a ae 0f b9 93 6e 20 4a 1e a5 74 df e2 |.LE.....n J..t..|
00000130 49 27 8f 41 93 c4 57 7c 84 97 bd bd 8c c7 aa 96 |I'.A..W|........|
00000140 40 d4 29 c5 0b 25 76 f3 8d d1 6c 5c 90 1b d3 77 |@.)..%v...l\...w|
00000150 91 cf 4e 47 60 17 66 97 86 4d ad 72 22 3b cf 60 |..NG`.f..M.r";.`|
00000160 7e d1 d5 df 1f 7d 2d 59 41 70 dd 81 2c 7b a5 48 |~....}-YAp..,{.H|
00000170 5d 2a ba 28 42 32 f6 e3 9b a0 45 39 d9 88 a6 89 |]*.(B2....E9....|
00000180 9d 62 0b 04 31 00 a6 6e 27 4c 64 e2 e0 6d 49 57 |.b..1..n'Ld..mIW|
00000190 75 a1 fd 36 c5 30 89 8d 9e 4a 42 74 b8 8a ca c1 |u..6.0...JBt....|
000001a0 a2 3b 43 7a 7b 81 45 db bb 0c 04 b1 b4 fc d2 43 |.;Cz{.E........C|
000001b0 1c da f0 45 ef a8 33 bf 6b 38 c3 0a d2 3e 2d 3d |...E..3.k8...>-=|
000001c0 e8 6b dc 8c b5 93 2e 1f ec ad 18 56 18 56 a2 b3 |.k.........V.V..|
000001d0 d4 d1 25 67 37 ef 38 18 a3 72 b3 7f ba 66 9d 1c |..%g7.8..r...f..|
000001e0 83 05 e2 ee d9 4b bd d3 45 00 ef 0e ff a2 57 77 |.....K..E.....Ww|
000001f0 8b 9b 58 bd 4a 23 11 0a 40 fe a3 ba 68 6c 7a d1 |..X.J#[email protected].|
00000200 74 5a f9 5e 96 5c 17 2f 56 c4 22 b6 91 44 9e 96 |tZ.^.\./V."..D..|
00000210 4d 17 d6 8e a5 f0 68 a2 27 1d d5 60 21 e1 9d c3 |M.....h.'..`!...|
00000220 34 d3 c6 61 51 4a 91 a5 09 85 b8 8e 0b ce fc 05 |4..aQJ..........|
00000230 d4 03 e6 0e 41 35 25 17 ff da 63 5c 1d 86 4f 5b |....A5%...c\..O[|
00000240 fe 1a 26 c7 32 d7 31 b1 37 90 d7 b2 2b a9 4d 38 |..&.2.1.7...+.M8|
00000250 04 d6 0b f0 d1 a9 37 06 af af 26 01 a7 dc 72 5b |......7...&...r[|
00000260 ae 71 a3 5d ca 3c 32 42 76 7d 05 f4 60 0f 61 e0 |.q.].<2Bv}..`.a.|
00000270 f2 7b 51 22 bc af 0a 6c e4 9b b9 21 6f c9 ab af |.{Q"...l...!o...|
00000280 2e c4 39 aa 34 70 95 65 a4 ac cb 52 2c f0 56 f8 |..9.4p.e...R,.V.|
00000290 78 b8 d8 d9 e8 63 42 7e fd 33 fc 5d 42 eb 8a 69 |x....cB~.3.]B..i|
000002a0 81 fd 40 f8 bc b6 d4 21 79 6b 1a 0b 51 30 57 ea |..@....!yk..Q0W.|
000002b0 a5 e7 d8 96 c3 1f 18 ec 3b ec f3 32 b0 04 ab c5 |........;..2....|
000002c0 51 c0 af 0a e9 d5 06 9e d3 ca f4 d6 54 29 40 b9 |Q...........T)@.|
000002d0 bf 64 27 d2 c3 d2 cf 1f 0f 84 54 f5 27 65 f2 e9 |.d'.......T.'e..|
000002e0 d4 bd fd ce 68 35 bf 6e a0 55 28 68 c6 67 1d 24 |....h5.n.U(h.g.$|
000002f0 ac b9 73 e2 d3 fc ba 2f cd e4 d2 93 c3 1f cf 9f |..s..../........|
00000300 02 03 01 00 01 a3 12 30 10 30 0e 06 03 55 1d 0f |.......0.0...U..|
00000310 01 01 ff 04 04 03 02 07 80 30 0d 06 09 2a 86 48 |.........0...*.H|
00000320 86 f7 0d 01 01 0b 05 00 03 82 02 01 00 71 4c d5 |.............qL.|
00000330 8b 58 18 00 e7 c5 42 a1 3a fa 44 28 f3 9e a9 39 |.X....B.:.D(...9|
00000340 65 f9 e4 29 40 be 35 a1 3e a0 cd f4 c3 4a 36 22 |e..)@.5.>....J6"|
00000350 27 97 b1 a4 25 78 b4 e9 ae ee f0 2d ea b8 37 19 |'...%x.....-..7.|
00000360 c8 90 83 5c d7 41 23 9c c0 9f b9 42 9f 65 a9 cf |...\.A#....B.e..|
00000370 c3 1f 94 1e 85 ef 54 13 87 af 1c 35 0c 94 25 10 |......T....5..%.|
00000380 14 75 53 f6 6e 72 23 82 9f b2 d7 73 80 d7 74 46 |.uS.nr#....s..tF|
00000390 c4 b3 bd 1e 09 26 c0 08 e2 57 b4 6a c4 9f 18 8f |.....&...W.j....|
000003a0 3c 94 e9 e4 01 6c 21 37 20 16 e6 77 bb 8e 7d 00 |<....l!7 ..w..}.|
000003b0 3f 2c ac e5 f6 b1 bd 2b 1d 6a 76 38 cc 7f c1 07 |?,.....+.jv8....|
000003c0 3e 4b c8 38 6e eb 75 3d 34 43 f5 10 9c 4c fe 25 |>K.8n.u=4C...L.%|
000003d0 35 f3 04 08 f3 70 b9 79 d4 0a 09 34 f8 c2 e0 f0 |5....p.y...4....|
000003e0 da 66 f4 a6 f5 ad 9d e3 82 d9 0e 8b 1c 72 e3 79 |.f...........r.y|
000003f0 19 9e 8d dc 8d 8b 73 d3 20 b9 42 ee 62 3c 2c eb |......s. .B.b<,.|
00000400 52 32 5b 01 e8 30 b2 50 55 c2 2a eb 11 87 c7 01 |R2[..0.PU.*.....|
00000410 d1 f9 b1 6b a7 74 f4 89 1e c7 b3 f9 a1 b6 05 08 |...k.t..........|
00000420 80 42 a9 37 9e 28 e0 ff fa 22 18 8f b2 eb 8a d8 |.B.7.(..."......|
00000430 80 14 a9 6b 0c e8 6c 38 ec a1 f1 3b 69 04 25 69 |...k..l8...;i.%i|
00000440 25 46 ce bc b1 82 a3 9f 02 c0 97 5b b4 3e d8 da |%F.........[.>..|
00000450 2a 89 a6 32 0a 5a 33 ea c5 98 ba 55 85 d4 77 55 |*..2.Z3....U..wU|
00000460 2c 1d d7 85 9f fa c5 1e 4a 55 ea 1e 0a 68 74 ff |,.......JU...ht.|
00000470 f7 53 74 c9 12 3b 2c 4d 2d 90 f4 bc cb 99 d3 2a |.St..;,M-......*|
00000480 e0 ea ea 84 19 67 38 b9 01 b3 a8 c0 76 46 62 95 |.....g8.....vFb.|
00000490 a7 12 9a 56 a0 0b da d0 85 13 bf 29 d5 22 d1 5c |...V.......).".\|
000004a0 4a 73 5c 96 40 62 35 ab f6 aa c2 41 d4 75 76 81 |Js\[email protected].|
000004b0 37 c8 20 a6 af 47 63 47 d1 8b 8f 6c b9 75 e0 cd |7. ..GcG...l.u..|
000004c0 85 24 6a 44 44 eb c2 ac 24 43 3f 53 48 34 21 10 |.$jDD...$C?SH4!.|
000004d0 a8 12 a4 09 22 6d 4d 25 28 74 d1 33 69 2f bf 3b |...."mM%(t.3i/.;|
000004e0 c5 ec 28 9d 27 c7 ab 9e 45 71 86 4c 02 04 93 02 |..(.'...Eq.L....|
000004f0 16 8a 65 23 c2 20 26 f8 ab 96 5d d9 68 a5 33 70 |..e#. &...].h.3p|
00000500 d5 9a 61 35 da 88 e1 0c 80 58 4c c8 a2 7a 93 24 |..a5.....XL..z.$|
00000510 24 0e a4 a1 26 08 2e 72 a7 49 af f6 29 ba dd 9b |$...&..r.I..)...|
00000520 32 93 19 a2 f2 16 6b 6f 08 af f1 9f a5 |2.....ko.....|
0000052d
KEK:
archlinux% hexdump -C /sys/firmware/efi/efivars/KEK-8be4df61-93ca-11d2-aa0d-00e098032b8c
00000000 27 00 00 00 a1 59 c0 a5 e4 94 a7 4a 87 b5 ab 15 |'....Y.....J....|
00000010 5c 2b f0 72 38 05 00 00 00 00 00 00 1c 05 00 00 |\+.r8...........|
00000020 8e a9 9e fe aa d0 75 45 ac 84 a1 7e b4 63 3c 7b |......uE...~.c<{|
00000030 30 82 05 08 30 82 02 f0 a0 03 02 01 02 02 10 4d |0...0..........M|
00000040 30 60 5f 7f 29 5c 93 53 f7 d0 2c 2f cd 79 fc 30 |0`_.)\.S..,/.y.0|
00000050 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 36 |...*.H........06|
00000060 31 19 30 17 06 03 55 04 06 13 10 4b 65 79 20 45 |1.0...U....Key E|
00000070 78 63 68 61 6e 67 65 20 4b 65 79 31 19 30 17 06 |xchange Key1.0..|
00000080 03 55 04 03 13 10 4b 65 79 20 45 78 63 68 61 6e |.U....Key Exchan|
00000090 67 65 20 4b 65 79 30 1e 17 0d 32 31 30 37 32 36 |ge Key0...210726|
000000a0 30 39 34 35 34 39 5a 17 0d 32 36 30 37 32 36 30 |094549Z..2607260|
000000b0 39 34 35 34 39 5a 30 36 31 19 30 17 06 03 55 04 |94549Z061.0...U.|
000000c0 06 13 10 4b 65 79 20 45 78 63 68 61 6e 67 65 20 |...Key Exchange |
000000d0 4b 65 79 31 19 30 17 06 03 55 04 03 13 10 4b 65 |Key1.0...U....Ke|
000000e0 79 20 45 78 63 68 61 6e 67 65 20 4b 65 79 30 82 |y Exchange Key0.|
000000f0 02 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |."0...*.H.......|
00000100 00 03 82 02 0f 00 30 82 02 0a 02 82 02 01 00 a7 |......0.........|
00000110 09 f6 5f a2 6f 3a f8 d0 e5 f0 33 10 ed 25 2f 4c |.._.o:....3..%/L|
00000120 30 06 70 f5 38 6c 87 85 77 59 06 3b 68 0a 5d 86 |0.p.8l..wY.;h.].|
00000130 85 6c 7d 28 12 49 bf 94 69 7e b9 69 fe 3c bb a9 |.l}(.I..i~.i.<..|
00000140 e4 ab e2 b1 cc 78 d0 1c 3a 7a d2 99 78 0c a1 24 |.....x..:z..x..$|
00000150 23 01 7b fc b2 d5 39 d9 fb ed 1f 56 28 25 6f 5f |#.{...9....V(%o_|
00000160 51 ed ca 60 fd f8 85 ad 88 81 b7 19 02 cf f6 2f |Q..`.........../|
00000170 f8 e0 ad a3 d8 27 32 8c b9 04 8d b6 03 9b 14 76 |.....'2........v|
00000180 77 3f 74 81 b1 4c 85 3d bc 92 ca f4 65 83 f2 6c |w?t..L.=....e..l|
00000190 40 cd ae df 9d 72 78 9a 9c ed fa 45 63 d6 bb d7 |@....rx....Ec...|
000001a0 66 62 f7 1b 88 41 fd 40 60 cf 68 06 9e 77 ea e6 |fb...A.@`.h..w..|
000001b0 ab 60 dc 77 df b3 74 70 ad bc 14 37 e3 c2 29 29 |.`.w..tp...7..))|
000001c0 b5 c6 57 03 20 5b d5 bf 30 e0 d0 49 5d 8c be 11 |..W. [..0..I]...|
000001d0 99 95 c4 8e 68 1d 90 dc 2f 1e 06 94 76 17 fb 47 |....h.../...v..G|
000001e0 d4 cb f6 4c 6c 84 73 a4 fd 21 38 30 55 9b ec 18 |...Ll.s..!80U...|
000001f0 bb 50 91 95 0f 5b c6 55 2a a5 c3 9c 5c 62 5d f3 |.P...[.U*...\b].|
00000200 7d d5 f9 75 9f f5 2b c9 c3 0b 20 75 63 3e d4 7e |}..u..+... uc>.~|
00000210 16 db a6 2d f3 69 da 53 4d 76 c5 25 d5 69 64 b0 |...-.i.SMv.%.id.|
00000220 43 c6 c9 97 eb dd 67 12 b9 19 6d bd 9d f4 40 f9 |C.....g...m...@.|
00000230 03 97 13 6a 84 cb 69 2c f7 eb 30 6b f7 5a 3c cc |...j..i,..0k.Z<.|
00000240 4a 4d 0a b6 d9 68 00 af 9c ce 2b 8f 10 65 c7 30 |JM...h....+..e.0|
00000250 ac 8c 38 73 c2 0e 4f 02 13 f6 20 82 c2 d5 e6 96 |..8s..O... .....|
00000260 2a 85 9d 77 d9 b3 fb c3 59 2f 00 31 16 b9 34 ad |*..w....Y/.1..4.|
00000270 9e ba b6 f1 19 d3 a1 83 7f 5f cb 09 0d e1 33 a6 |........._....3.|
00000280 1a d5 fd 1d 96 38 90 c0 7b 08 bb 65 88 65 dd e8 |.....8..{..e.e..|
00000290 c4 e2 e4 d8 9d 74 ff f1 30 f2 cf 99 4c 21 03 bb |.....t..0...L!..|
000002a0 c5 14 21 ab c6 3b 83 3d d9 c2 8e 0e a8 47 35 91 |..!..;.=.....G5.|
000002b0 96 9c c8 34 a0 98 8a 63 0d 85 7c 29 55 13 0d 63 |...4...c..|)U..c|
000002c0 c3 67 f6 c9 0f 99 a2 a2 3b 5d 9a 4c ec 28 d2 25 |.g......;].L.(.%|
000002d0 73 52 8b cd 47 e4 3a 53 f4 55 db 55 02 a1 80 81 |sR..G.:S.U.U....|
000002e0 72 74 1e 2b 27 ec 46 c1 d8 76 d9 9a d9 34 6e 49 |rt.+'.F..v...4nI|
000002f0 c9 69 4d 57 b6 eb dd a4 7b 9d 77 3e 59 9b d0 af |.iMW....{.w>Y...|
00000300 09 41 30 8c 3e 2b 57 97 71 84 fc 1a d5 45 59 02 |.A0.>+W.q....EY.|
00000310 03 01 00 01 a3 12 30 10 30 0e 06 03 55 1d 0f 01 |......0.0...U...|
00000320 01 ff 04 04 03 02 07 80 30 0d 06 09 2a 86 48 86 |........0...*.H.|
00000330 f7 0d 01 01 0b 05 00 03 82 02 01 00 9c 77 0e 7f |.............w..|
00000340 8e 57 ba 2d 0e ed fe a7 3e c3 0b 3c fb 09 a0 49 |.W.-....>..<...I|
00000350 30 40 43 9d fe c5 e8 7c b2 df 10 fc 92 91 3f bb |0@C....|......?.|
00000360 d8 85 4d 34 4a f1 61 2c c7 c8 fd 26 f4 25 49 bd |..M4J.a,...&.%I.|
00000370 ba b4 88 d6 b7 4e b0 5e c8 28 f3 75 b4 5d 82 8c |.....N.^.(.u.]..|
00000380 20 6d a7 80 ee 97 5b 7b 38 2b 15 a3 0d a6 70 21 | m....[{8+....p!|
00000390 ca ab ee 52 36 28 9b 00 7a 13 b4 f9 c6 83 c5 78 |...R6(..z......x|
000003a0 8e 1b cf ef 2f 99 0f a3 cc 03 40 bb 2b 4b 8f 25 |..../.....@.+K.%|
000003b0 c4 20 e5 6f 15 69 14 d2 f4 5b e7 d0 f5 06 ef 30 |. .o.i...[.....0|
000003c0 81 c8 be 67 9d 61 51 c5 4a 58 8d 93 88 31 2f c6 |...g.aQ.JX...1/.|
000003d0 30 f1 6b b5 28 3c 89 57 5a 86 f0 99 ab 0e 09 2b |0.k.(<.WZ......+|
000003e0 02 e0 43 a5 0c 67 21 f2 da dd d1 6d dc f5 13 78 |..C..g!....m...x|
000003f0 f6 7a 73 c1 2b c6 77 54 60 91 ef b1 01 b9 9d f0 |.zs.+.wT`.......|
00000400 8e 3a 7a 41 cc 60 5f 29 68 52 dd e1 be 3e 56 24 |.:zA.`_)hR...>V$|
00000410 8e dc d9 1b 62 6e 9b c0 d1 4a aa 91 60 1e cc 10 |....bn...J..`...|
00000420 a6 14 fa 97 58 11 84 53 f6 b9 07 3e 33 f3 9f 61 |....X..S...>3..a|
00000430 13 07 e2 9e ff 41 ae d8 e9 1c 73 c0 17 91 2b f2 |.....A....s...+.|
00000440 d8 de 49 d7 0b 3e 4c c9 57 75 f7 f1 67 dc 54 56 |..I..>L.Wu..g.TV|
00000450 00 43 e6 54 53 68 fc ec fc 27 ce f3 b5 f2 5b ce |.C.TSh...'....[.|
00000460 dd 55 fa 8a 65 4e 9b f1 7e 4b 73 9d c2 49 a0 11 |.U..eN..~Ks..I..|
00000470 25 13 cc 27 d5 0b 41 b0 f3 f9 91 15 1a 7d c3 5a |%..'..A......}.Z|
00000480 46 b2 7c 0a 4d 05 f3 d6 ba a1 68 4a 04 82 ef 31 |F.|.M.....hJ...1|
00000490 7c 5c da a6 74 dd 92 2d b8 05 e4 a6 38 69 fd 22 ||\..t..-....8i."|
000004a0 45 76 a6 98 6c 57 14 9b f4 c2 a4 76 1e 2b 3d 54 |Ev..lW.....v.+=T|
000004b0 ef fb 02 a9 1c 60 ea b5 9f 7d b6 cf cc a8 73 cc |.....`...}....s.|
000004c0 7c 57 91 69 9c 27 39 74 01 1c d0 e6 f5 23 13 65 ||W.i.'9t.....#.e|
000004d0 c2 69 60 16 e3 f2 a8 b1 66 2a f7 50 7d fa ac 53 |.i`.....f*.P}..S|
000004e0 cb 6c 00 79 71 7b e1 ce 08 8b 87 a5 be 39 47 e9 |.l.yq{.......9G.|
000004f0 54 1d 7f 6c a0 1c 96 93 e8 99 f1 b2 0c a6 39 76 |T..l..........9v|
00000500 be 46 65 d0 8f 42 57 8a c0 53 38 f0 a6 18 70 3d |.Fe..BW..S8...p=|
00000510 a8 dd a0 cc e2 45 68 5d dd 34 31 fc b3 68 70 8e |.....Eh].41..hp.|
00000520 5a 31 88 a6 82 e0 3b d8 bb e9 ea ba 01 a6 88 4e |Z1....;........N|
00000530 00 ee 34 ad 60 46 f0 20 6b a1 b1 4b |..4.`F. k..K|
0000053c
from sbctl.
Foxboron
commented on August 14, 2024
This all looks correct to me. Output of sbctl status and sbctl verify. Did you sign the current boot chain?
from sbctl.
demostanis
commented on August 14, 2024
archlinux% sudo sbctl status
[sudo] password for demostanis:
Installed: ✔ Sbctl is installed
Owner GUID: fe9ea98e-d0aa-4575-ac84-a17eb4633c7b
Setup Mode: ✔ Disabled
Secure Boot: ✘ Disabled
archlinux% sudo sbctl verify
Verifying file database and EFI images in /boot...
✔ /boot/EFI/BOOT/BOOTX64.EFI is signed
✔ /boot/EFI/systemd/systemd-bootx64.efi is signed
✔ /boot/vmlinuz-linux-hardened is signed
from sbctl.
Foxboron
commented on August 14, 2024
I'm not sure what the issue is. I need to write some better debug tools in sbctl so we can verify that the efivarfs certificates corresponds to the certificate files. Are you sure there are not any other conflicting options in the firmware options?
Can you run cp /sys/kernel/security/tpm0/binary_bios_measurements ./log.bin && tpm2_eventlog ./log.bin as well?
from sbctl.
demostanis
commented on August 14, 2024
I don't have a /sys/kernel/security/tpm0/binary_bios_measurements file (not even its parent folder) nor a tpm2_eventlog command.
from sbctl.
Foxboron
commented on August 14, 2024
What sort of computer is this? Desktop or laptop? I'm curious if the issue is signed firmware loaded on boot, the rejection of the db key or any of the boot files.
The TPM2 eventlog should record this so if you have a TPM it would be great to look at it :)
from sbctl.
demostanis
commented on August 14, 2024
I am on desktop. I don't think I have a TPM.
from sbctl.
beroal
commented on August 14, 2024
sbctl status:
Setup Mode: ✔ Disabled Secure Boot: ✘ Disabled
In order to enroll a PK, a motherboard should be in the setup mode. Read the README file.
from sbctl.
demostanis
commented on August 14, 2024
I already said I tried both with Setup Mode enabled and disabled (#86 (comment)). It isn't the issue. I am able to enroll keys.
from sbctl.
Foxboron
commented on August 14, 2024
I suspect this is solved with some of the recent documentation we have on properly getting into user mode.
from sbctl.
Related Issues (20)
- Include Target= for linux-firmware HOT 1
- Allow export also in user mode HOT 2
- sbctl skips signing remaining items if one is not found HOT 1
- create-keys fails with "mkdir : no such file or directory" HOT 7
- Pacman hook doesn't work while installing wireless-regdb HOT 1
- Mkinitcpio post hook not included in Arch package HOT 3
- Move code to GitLab or Codeberg HOT 1
- Why does sbctl return "‼ /boot/efi/EFI/systemd/systemd-bootx64.efi does not exist" HOT 1
- Current minimum required go version is at least 1.20 HOT 4
- The point of the create-keys -e and -d options? HOT 2
- `sbctl verify` different output everytime HOT 2
- Enabling Secure Boot with enroll-keys HOT 3
- Automatic signing mkinitcpio post hook not working in latest archlinux package HOT 1
- Mkinitcpio post hook error HOT 4
- In the README the Ubuntu package link is not available, it takes the reader to the OpenSUSE package HOT 3
- Implement sbctl debug HOT 1
- Multiple displays and resolution doesn't work HOT 9
- Cannot re-enroll keys after upgrading system HOT 4
- Kernel removal fails if image file is already removed, resulting in multiple installed kernels on fedora HOT 2
- Unable to make secure boot to work on Surface Go 1st Gen and Arch Linux
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sbctl.