talos/internal
Andrey Smirnov ddc690d739
feat: provide an option to enforce SecureBoot for TPM enrollment
Fixes #8995

There is no security impact, as the actual SecureBoot
state/configuration is measured into PCR 7 and the disk encryption
key unsealing is tied to this value.

This is more to provide a way to avoid accidentally encrypting to the
TPM while SecureBoot is not enabled.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
(cherry picked from commit cf5effabb209fb570f59ba305bdab0b6409c7b93)
2024-07-22 20:22:07 +04:00