On Mon, Sep 19, 2022, at 2:45 PM, Robbie Harwood wrote:
The only way to get the TPM state to match not using a particular
loader
is to not use a loader - i.e., have grub2 (or efibootmgr in Fedora
userspace) set EFI BootNext and reboot the machine.
I know systemd-boot does implement bootnext, can modify it in NVRAM. But last I checked
GRUB can't.
I've asked upstream GRUB about supporting bootnext and a reboot, but the discussion
didn't go anywhere. Is there any interest or work happening to make this possible?
Because if not, then it seems the only way forward is efibootmgr, and see if desktops want
to add a GUI wrapper around it.
--
Chris Murphy