Re: [PATCH v4 RESEND] efi: Do not import certificates from UEFI Secure Boot for T2 Macs

13 Apr 2022


      ...
Both the comment here and the patch description above still needs to be
improved. Perhaps something along these lines.
Checkout v5
...
Secure boot on Apple Macs with a T2 Security chip cannot read either
the EFI variables or the certificates stored in different db's (e.g.
db, dbx, MokListXRT). Attempting to read them causes ...
Avoid reading the EFI variables or the certificates stored in different
dbs. As a result, without certificates secure boot signature
verification fails.
thanks,
Mimi

2024

2023

2022

2021

2020

2019

2018

2017

Re: [PATCH v4 RESEND] efi: Do not import certificates from UEFI Secure Boot for T2 Macs