Bug#1019192: Pile of error messages from certs subsystem on boot
For reference, I'm seeing the same error messages (but only 4 of them)
on an ASUS Z87-PRO (UEFI secure boot enabled) with current Debian
testing (starting with 5.19.6-1, but also with 5.19.11-1).
The best explanation I could find is a post in a Lenovo forum
https://forums.lenovo.com/topic/findpost/15028/5166897/5733178
So, it seems to happen if you have
(a) Duplicate entries in the efi dbx revocation list
(b) Linux kernel 5.19
I checked that out on my system:
[0]$ dbxtool -l | awk '{ print $4 }' | sort | wc -l
278
[0]$ dbxtool -l | awk '{ print $4 }' | sort | uniq | wc -l
274
Indeed, 4 duplicates in dbx, and therefore 4 error messages!
Personally, I think the error messages are a little bit "over the top"
in that particular case. A warning such as "You have ... duplicates in
the efi dbx revocation list" may be enough. I would not know, how to
repair this with a pre-historic BIOS, anyway.
Regards, Klaus
Reply to: