From ec114b23852623cdcabbee236d4c925ee2921670 Mon Sep 17 00:00:00 2001 From: Tim Crawford Date: Tue, 24 Jan 2023 10:41:01 -0700 Subject: [PATCH] edk2: Enable Secure Boot support This enables *support* for Secure Boot. It is not recommended to enable Secure Boot. There is no firmware UI for managing the state or keys. The system will default to disabled in Setup Mode: $ mokutil --sb-state SecureBoot disabled Platform is in Setup Mode This is sufficient to install Windows 11. Signed-off-by: Tim Crawford --- CHANGELOG.md | 4 ++++ models/addw1/edk2.config | 2 +- models/addw2/edk2.config | 2 +- models/addw3/edk2.config | 2 +- models/bonw14/edk2.config | 2 +- models/darp5/edk2.config | 2 +- models/darp6/edk2.config | 2 +- models/darp7/edk2.config | 2 +- models/darp8/edk2.config | 2 +- models/galp2/edk2.config | 2 +- models/galp3-b/edk2.config | 2 +- models/galp3-c/edk2.config | 2 +- models/galp3/edk2.config | 2 +- models/galp4/edk2.config | 2 +- models/galp5/edk2.config | 2 +- models/galp6/edk2.config | 2 +- models/gaze14_1650/edk2.config | 2 +- models/gaze14_1660ti/edk2.config | 2 +- models/gaze15/edk2.config | 2 +- models/gaze16-3050/edk2.config | 2 +- models/gaze16-3060-b/edk2.config | 2 +- models/gaze16-3060/edk2.config | 2 +- models/gaze17-3050/edk2.config | 2 +- models/gaze17-3060-b/edk2.config | 2 +- models/lemp10/edk2.config | 2 +- models/lemp11/edk2.config | 2 +- models/lemp9/edk2.config | 2 +- models/oryp10/edk2.config | 2 +- models/oryp11/edk2.config | 2 +- models/oryp5/edk2.config | 2 +- models/oryp6/edk2.config | 2 +- models/oryp7/edk2.config | 2 +- models/oryp8/edk2.config | 2 +- models/oryp9/edk2.config | 2 +- models/qemu/edk2.config | 2 +- models/serw13/edk2.config | 2 +- 36 files changed, 39 insertions(+), 35 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aedea13..7e390e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ Changes are identified by the date of the released firmware including them. If you are running System76 Open Firmware, opening the boot menu will show this date followed by an underscore and a short git revision. +## unreleased + +- Enabled support for Secure Boot + ## 2022-11-21 - lemp11: Added workaround to force S0ix entry on suspend diff --git a/models/addw1/edk2.config b/models/addw1/edk2.config index 28b2a3c..b237808 100644 --- a/models/addw1/edk2.config +++ b/models/addw1/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/addw2/edk2.config b/models/addw2/edk2.config index 28b2a3c..b237808 100644 --- a/models/addw2/edk2.config +++ b/models/addw2/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/addw3/edk2.config b/models/addw3/edk2.config index 28b2a3c..b237808 100644 --- a/models/addw3/edk2.config +++ b/models/addw3/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/bonw14/edk2.config b/models/bonw14/edk2.config index 28b2a3c..b237808 100644 --- a/models/bonw14/edk2.config +++ b/models/bonw14/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/darp5/edk2.config b/models/darp5/edk2.config index 28b2a3c..b237808 100644 --- a/models/darp5/edk2.config +++ b/models/darp5/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/darp6/edk2.config b/models/darp6/edk2.config index 28b2a3c..b237808 100644 --- a/models/darp6/edk2.config +++ b/models/darp6/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/darp7/edk2.config b/models/darp7/edk2.config index 28b2a3c..b237808 100644 --- a/models/darp7/edk2.config +++ b/models/darp7/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/darp8/edk2.config b/models/darp8/edk2.config index 28b2a3c..b237808 100644 --- a/models/darp8/edk2.config +++ b/models/darp8/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp2/edk2.config b/models/galp2/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp2/edk2.config +++ b/models/galp2/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp3-b/edk2.config b/models/galp3-b/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp3-b/edk2.config +++ b/models/galp3-b/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp3-c/edk2.config b/models/galp3-c/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp3-c/edk2.config +++ b/models/galp3-c/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp3/edk2.config b/models/galp3/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp3/edk2.config +++ b/models/galp3/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp4/edk2.config b/models/galp4/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp4/edk2.config +++ b/models/galp4/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp5/edk2.config b/models/galp5/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp5/edk2.config +++ b/models/galp5/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/galp6/edk2.config b/models/galp6/edk2.config index 28b2a3c..b237808 100644 --- a/models/galp6/edk2.config +++ b/models/galp6/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze14_1650/edk2.config b/models/gaze14_1650/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze14_1650/edk2.config +++ b/models/gaze14_1650/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze14_1660ti/edk2.config b/models/gaze14_1660ti/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze14_1660ti/edk2.config +++ b/models/gaze14_1660ti/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze15/edk2.config b/models/gaze15/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze15/edk2.config +++ b/models/gaze15/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze16-3050/edk2.config b/models/gaze16-3050/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze16-3050/edk2.config +++ b/models/gaze16-3050/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze16-3060-b/edk2.config b/models/gaze16-3060-b/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze16-3060-b/edk2.config +++ b/models/gaze16-3060-b/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze16-3060/edk2.config b/models/gaze16-3060/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze16-3060/edk2.config +++ b/models/gaze16-3060/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze17-3050/edk2.config b/models/gaze17-3050/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze17-3050/edk2.config +++ b/models/gaze17-3050/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/gaze17-3060-b/edk2.config b/models/gaze17-3060-b/edk2.config index 28b2a3c..b237808 100644 --- a/models/gaze17-3060-b/edk2.config +++ b/models/gaze17-3060-b/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/lemp10/edk2.config b/models/lemp10/edk2.config index 28b2a3c..b237808 100644 --- a/models/lemp10/edk2.config +++ b/models/lemp10/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/lemp11/edk2.config b/models/lemp11/edk2.config index 28b2a3c..b237808 100644 --- a/models/lemp11/edk2.config +++ b/models/lemp11/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/lemp9/edk2.config b/models/lemp9/edk2.config index 28b2a3c..b237808 100644 --- a/models/lemp9/edk2.config +++ b/models/lemp9/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp10/edk2.config b/models/oryp10/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp10/edk2.config +++ b/models/oryp10/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp11/edk2.config b/models/oryp11/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp11/edk2.config +++ b/models/oryp11/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp5/edk2.config b/models/oryp5/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp5/edk2.config +++ b/models/oryp5/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp6/edk2.config b/models/oryp6/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp6/edk2.config +++ b/models/oryp6/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp7/edk2.config b/models/oryp7/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp7/edk2.config +++ b/models/oryp7/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp8/edk2.config b/models/oryp8/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp8/edk2.config +++ b/models/oryp8/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/oryp9/edk2.config b/models/oryp9/edk2.config index 28b2a3c..b237808 100644 --- a/models/oryp9/edk2.config +++ b/models/oryp9/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/qemu/edk2.config b/models/qemu/edk2.config index 3b24613..e72d944 100644 --- a/models/qemu/edk2.config +++ b/models/qemu/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE diff --git a/models/serw13/edk2.config b/models/serw13/edk2.config index 28b2a3c..b237808 100644 --- a/models/serw13/edk2.config +++ b/models/serw13/edk2.config @@ -2,7 +2,7 @@ BOOTLOADER=COREBOOT DISABLE_SERIAL_TERMINAL=TRUE PLATFORM_BOOT_TIMEOUT=2 PS2_KEYBOARD_ENABLE=TRUE -#SECURE_BOOT_ENABLE=TRUE +SECURE_BOOT_ENABLE=TRUE SERIAL_DRIVER_ENABLE=FALSE SHELL_TYPE=NONE TPM_ENABLE=TRUE