I made a disk image of an external HDD (sdb) in Disks a while back and stored it on a partition on another external HDD. After having changed the USB ports for my several different external HDDs over time, I realized that the name associated with the original HDD (sdb) wasn't using the same port as it originally had been, and not really understanding (until now) that the image file is constantly updated, I thought I could just delete the image file, which I did.
When I later ran dmesg -w while doing something else, I got a message that said /dev/mem, /dev/kmem, and one of my ports (can't remember the exact port # at this point) were restricted and referred me to see man kernel_lockdown.7, where I discovered I shouldn't have erased the image file. Everything has been fine otherwise, but there are obviously issues with EFI and Secure Boot mode, now that I've rebooted my system.
Running dmesg after rebooting, I get:
[ 0.000000] Kernel is locked down from EFI Secure Boot mode; see man kernel_lockdown.7
There's a note in the man file that I don't understand:
Quote:
NOTES
The Kernel Lockdown feature is enabled by CONFIG_SECURITY_LOCKDOWN_LSM. The lsm=lsm1,...,lsmN command line parameter
controls the sequence of the initialization of Linux Security Modules. It must contain the string lockdown to enable
the Kernel Lockdown feature. If the command line parameter is not specified, the initialization falls back to the value
of the deprecated security= command line parameter and further to the value of CONFIG_LSM.
|
What do I need to do to fix this problem and put things back in order? Any help would be appreciated.