Revert "image_signing: skip signing of boot*.efi on reven board". This reverts commit 4200cb21c7f6c79dacee511400c88994bca5cf7f. The reason for revert is because this commit fails to load the secure boot. BUG=b/226099733 TEST=presubmit RELEASE_NOTE=None Change-Id: Id25bd22945a177bc3298162160ef610df5f6a478 Reviewed-on: https://cos-review.googlesource.com/c/third_party/platform/vboot_reference/+/31420 Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com> Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>

diff --git a/scripts/image_signing/sign_official_build.sh b/scripts/image_signing/sign_official_build.sh
index 98c8610..2f2621d 100755
--- a/scripts/image_signing/sign_official_build.sh
+++ b/scripts/image_signing/sign_official_build.sh

@@ -711,7 +711,6 @@
 # Args: LOOPDEV
 sign_uefi_binaries() {
   local loopdev="$1"
-  local efi_glob="*.efi"
 
   if [[ ! -d "${KEY_DIR}/uefi" ]]; then
     return 0
@@ -728,18 +727,13 @@
   # in the signing repo. This is a temporary fix to unblock reven-release.
   if [[ "${KEY_DIR}" != *"Reven"* ]]; then
     "${SCRIPT_DIR}/install_gsetup_certs.sh" "${esp_dir}" "${KEY_DIR}/uefi"
-  else
-    # b/205145491: the reven board's boot*.efi files are already signed,
-    # change the glob so that they don't get resigned.
-    efi_glob="grub*.efi"
   fi
-  "${SCRIPT_DIR}/sign_uefi.sh" "${esp_dir}" "${KEY_DIR}/uefi" "${efi_glob}"
+  "${SCRIPT_DIR}/sign_uefi.sh" "${esp_dir}" "${KEY_DIR}/uefi"
   sudo umount "${esp_dir}"
 
   local rootfs_dir="$(make_temp_dir)"
   mount_loop_image_partition "${loopdev}" 3 "${rootfs_dir}"
-  "${SCRIPT_DIR}/sign_uefi.sh" "${rootfs_dir}/boot" "${KEY_DIR}/uefi" \
-                               "${efi_glob}"
+  "${SCRIPT_DIR}/sign_uefi.sh" "${rootfs_dir}/boot" "${KEY_DIR}/uefi"
   sudo umount "${rootfs_dir}"
 
   info "Signed UEFI binaries"

diff --git a/scripts/image_signing/sign_uefi.sh b/scripts/image_signing/sign_uefi.sh
index d0f9e51..14c328e 100755
--- a/scripts/image_signing/sign_uefi.sh
+++ b/scripts/image_signing/sign_uefi.sh

@@ -130,8 +130,7 @@
   local working_dir="$(make_temp_dir)"
 
   local efi_file
-  # Leave ${efi_glob} unquoted so that globbing occurs.
-  for efi_file in "${bootloader_dir}"/${efi_glob}; do
+  for efi_file in "${bootloader_dir}"/*.efi; do
     if [[ ! -f "${efi_file}" ]]; then
       continue
     fi