by mjg59 3897 days ago
You can never really trust a system's assertion about its Secure Boot state, so refusing to run when Secure Boot appears to be disabled would be more of a feel-good approach than anything else. You really need a measured boot process here, and if you have that then Secure Boot's not buying you a great deal in this case.

Don't you need SecureBoot to start the process of the measured boot?
No, Secure Boot only comes into play at the point where the firmware starts executing external code (option ROMs or bootloaders). You need to start measurement way before that.