If you use the -m flag with enroll-keys, won't that also load the MS keys, which the Nvidia firmware should be signed by, allowing verification to pass?
Probably. There's also a Lenovo key in there, I believe, which sbctl probably doesn't know about.
My laptop is out of warranty and I'm not interested in starting a legal battle should the firmware bug persist and soft brick the motherboard, so I'm not going to try it.
jeroenhd|7 months ago
My laptop is out of warranty and I'm not interested in starting a legal battle should the firmware bug persist and soft brick the motherboard, so I'm not going to try it.