UEFI update prompt from System 76

Psimon · March 8, 2025, 5:59am

Hello all,

I have been using a Lenovo Ideapad 3 (Lick) with Coreboot and PopOS installed for a couple of years without issue (it runs much better than my more powerful Windows PC I use for work).

I recently received a prompt to update system firmware UEFI dbx, however I wonder if I should proceed as I originally flashed the firmware from MrChromebox guide and I would not wish to damage my system,

Would greatly appreciate any advice on whether to proceed or not, and if not, how would I disable the constant reminders?

Lenovo Ideapad 3 (Lick), Intel (R) Celeron (R) N4020 CPU @ 1.10GHZ 4096MB RAM

Thank you,
Simon

tony1x1 · March 9, 2025, 5:23pm

Can’t really advise you on this, but you may find the update won’t actually install, a few of us have had issues with it. See this thread here… https://forum.chrultrabook.com/t/ultramarine-linux-error-updating-secureboot-dbx/3651

MrChromebox · March 9, 2025, 5:38pm

the UEFI secureboot revocation database (DBX) is an updatable component of the UEFI firmware that tells secureboot what signed EFI executables not to trust anymore. It’s designed to be updated independently of the main firmware, but MrChromebox firmware does not support this feature at the current time. You can ignore for now and the next MrChromebox update will include an updated DBX.

Psimon · March 10, 2025, 1:57am

Understood, and thank you. Do you know of any way to disable the notification to apply the DBX update?

MrChromebox · March 10, 2025, 2:02am

not offhand unfortunately. How often are you seeing it?

Psimon · March 10, 2025, 2:06am

All the time ha ha. Not a big deal, a minor annoyance I can live with. But I will ask on a related PopOS forum, thanks.
Simon