disk: modify tpm-fde job wording

Additional testing with TPM-enabled full disk encryption shows that something as simple as switching Secure Boot on/off in the BIOS is enough to change the TPM state and therefore to prevent the device from booting.
author: Pierre Equoy <pierre.equoy@canonical.com> 2019-10-09 11:29:20 +0800
committer: Pierre Equoy <pierre.equoy@canonical.com> 2019-10-09 11:29:20 +0800
commit: 0cccbd1e0e2eb5a7de99f066ec15c700c9c6cf76 (patch)
tree: 3ac8b4f19df40916f69452244c943d9332975f9f
parent: b89db3f9329f9f2dc61298577571d964a67838cd (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/units/disk/encryption.pxu b/units/disk/encryption.pxu
index dea0637..b805a37 100644
--- a/units/disk/encryption.pxu
+++ b/units/disk/encryption.pxu
@@ -38,11 +38,11 @@ _purpose:
 partition.
 _steps:
 1. Install the image and make sure it boots and you can log in.
- 2. Turn the device off and upgrade/downgrade the BIOS
+ 2. Turn the device off and upgrade/downgrade the BIOS or modify Secure Boot state
 3. Make sure the BIOS is set up properly (e.g. TPM enabled, UEFI boot mode)
 4. Start the device
 _verification:
 Mark this test as "Passed" if the device cannot boot anymore.
- Note: You must flash the BIOS back to the latest version and re-install the
- image afterwards.
+ Note: You must flash the BIOS back to the latest version, re-enable Secure Boot
+ and re-install the image afterwards.
author	Pierre Equoy <pierre.equoy@canonical.com>	2019-10-09 11:29:20 +0800
committer	Pierre Equoy <pierre.equoy@canonical.com>	2019-10-09 11:29:20 +0800
commit	0cccbd1e0e2eb5a7de99f066ec15c700c9c6cf76 (patch)
tree	3ac8b4f19df40916f69452244c943d9332975f9f
parent	b89db3f9329f9f2dc61298577571d964a67838cd (diff)