I had disabled sometime ago secureboot to get a driver for anbox android emulator working. Now I want to re-enable secureboot. I signed the specific android .ko with kmodsign sha512 using the .priv and .der files in /var/lib/shim-signed/mok/ .
When I re-enabled secureboot in my UEFI settings then try to boot I get an 0x1a error. So I changed the mode to "Audit mode" which seems to be the secure boot check but passes through to boot anyways if it fails, for testing this stuff. its better than the tedium of disabling secure boot, then editing something in Ubuntu, then reboot, re-enable, test, ad-infinitum, etc.
Anyways so as I said, when I try to do a 'mokutil --enable-validation', set a temp password, then reboot, in the blue MOK screen when I try to change secure boot state to enabled, enter the temp password, then I get "Failed to delete secure boot state" then just give up and reboot.
I had disabled sometime ago secureboot to get a driver for anbox android emulator working. Now I want to re-enable secureboot. I signed the specific android .ko with kmodsign sha512 using the .priv and .der files in /var/lib/shim-signed/mok/ .
When I re-enabled secureboot in my UEFI settings then try to boot I get an 0x1a error. So I changed the mode to "Audit mode" which seems to be the secure boot check but passes through to boot anyways if it fails, for testing this stuff. its better than the tedium of disabling secure boot, then editing something in Ubuntu, then reboot, re-enable, test, ad-infinitum, etc.
Anyways so as I said, when I try to do a 'mokutil --enable-validation', set a temp password, then reboot, in the blue MOK screen when I try to change secure boot state to enabled, enter the temp password, then I get "Failed to delete secure boot state" then just give up and reboot.
Here are the outputs of two relevant files:
I had tried mokutil --reset, which seemed to work, and then resetting the db, pk, dbx, kek within my firmware. But I still get similar problem.