Comment 0 for bug 1877089

I installed Ubuntu 20.04 on IBM z15 with secure=1 in zipl conf.
System can be secure booted, /sys/firmware/ipl/secure shows "1".
I prepared zfcp dump disk as described in LTC bug 185713.
Stopped the system and performed a SCSI dump with "Enable Secure Boot for Linux" enabled.

Operating System Messages on HMC:
Preparing system.
Starting system.
System version 8.
Watchdog enabled.
Running 'ZBootLoader' version '1.0.0' level 'D41C.D41C_0014'.
ZBootLoader 2.1.0.
MLOLOA6269064E Secure IPL: There are no signed components available on device HB
A=0.0.1800, WWPN=500507630309D327, LUN=4046400900000000.
IPL failed.

Without "Enable Secure Boot for Linux" the dump kernel was IPLed and a dump created.

Then I tried to rewrite the zfcp dump kernel with explicite setting of --secure=1:
root@t35lp25:~# zipl --secure=1 -d /dev/disk/by-id/scsi-36005076303ffd3270000000000004609-part1
Building bootmap directly on partition '/dev/disk/by-id/scsi-36005076303ffd3270000000000004609-part1'
Adding dump section
  initial ramdisk...: /lib/s390-tools/zfcpdump/zfcpdump-initrd
  kernel image......: /lib/s390-tools/zfcpdump/zfcpdump-image
  kernel parmline...: 'root=/dev/ram0 dump_mem=1 possible_cpus=1 cgroup_disable=memory '
  component address:
    heap area.......: 0x00002000-0x00005fff
    stack area......: 0x0000f000-0x0000ffff
    internal loader.: 0x0000a000-0x0000dfff
    parameters......: 0x00009000-0x000091ff
    kernel image....: 0x00010000-0x001b9fff
    parmline........: 0x001ba000-0x001ba1ff
    initial ramdisk.: 0x001c0000-0x0020edff
Preparing boot device: sde.
Done.

...and tried to SCSI dump this device again. But the same failure occured.
Again, without "Enable Secure Boot for Linux" the dump kernel was IPLed and a dump created.