I made a disk image of an external HDD (sdb) in Disks a while back and stored it on a partition on another external HDD. After having changed the USB ports for my several different external HDDs over time, I realized that the name associated with the original HDD (sdb) wasn't using the same port as it originally had been, and not really understanding (until now) that the image file is constantly updated, I thought I could just delete the image file, which I did.

When I later ran dmesg -w while doing something else, I got a message that said /dev/mem, /dev/kmem, and one of my ports (can't remember the exact port # at this point) were restricted and referred me to see man kernel_lockdown.7, where I discovered I shouldn't have erased the image file. Everything has been fine otherwise, but there are obviously issues with EFI and Secure Boot mode, now that I've rebooted my system.

Running dmesg after rebooting, I get:

[ 0.000000] Kernel is locked down from EFI Secure Boot mode; see man kernel_lockdown.7

There's a note in the man file that I don't understand:

What do I need to do to fix this problem and put things back in order? Any help would be appreciated.

This message: is not indicating an error. It just indicates that your computer is in secure boot mode. It is generally a good thing that your firmware and boot image can't be tampered with, even if your computer is infected with malware.

It's not clear to me that you have a problem that needs to be fixed. Disk names are not consistent between reboots if you add or remove drives. This is normal. The kernel doesn't change, it just names the drives in the order they are found.

1 members found this post helpful.