Hello, a question came up in this github issue: https://github.com/systemd/systemd/issues/35202
Is there a way to exclude the grubenv file from the PCR measurements, or to tell GRUB not to modify that file? It seems the grubenv file occasionally changes on boot beyond user's control, which makes it unsuitable for adding its digest in the PCR 9. An option should be added to make it possible. Also please explain the circumstances that can trigger a modification of the grubenv file. Many thanks, Lars
