grub: remove unneeded lockdown and shim_lock patch

Disabling inside lockdown and shim_lock verifieirs with patch is unneeded,
as there is already a `--disable-shim-lock`[1] option, which should be used
instead.

[1] https://www.gnu.org/software/grub/manual/grub/html_node/UEFI-secure-boot-and-shim.html

Signed-off-by: Piotr Łobacz <[email protected]>

Author: Dvergatal

meta-efi-secure-boot/recipes-bsp/grub/grub-efi-efi-secure-boot.inc

@@ -12,9 +12,8 @@ GRUB_MOKVERIFY_PATCH = " \
     file://0004-support-mok2-verify-in-multiboot2-protocol.patch \
     file://0005-Verify-all-buffiles.patch \
     file://0006-grub-efi-support-passing-a-buffer-to-be-verified.patch \
-    file://0007-kern-efi-init.c-disable-inside-lockdown-and-shim_loc.patch \
-    file://0008-efi-fallback-to-legacy-mode-if-mok2verify-is-loaded.patch \
-    file://0009-mok2verify-remove-unused-parameter-from-grub_efi_mok.patch \
+    file://0007-efi-fallback-to-legacy-mode-if-mok2verify-is-loaded.patch \
+    file://0008-mok2verify-remove-unused-parameter-from-grub_efi_mok.patch \
 "
 
 SRC_URI:append:class-target = " \
@@ -49,6 +48,7 @@ GRUB_SECURE_BUILDIN:append:class-target = " \
   ${GRUB_SELOADER_MODULES} \
   ${GRUB_TPM_MODULES} \
   --sbat ${WORKDIR}/sbat.csv \
+  ${@'--disable-shim-lock' if d.getVar('UEFI_SELOADER') == '1' else ''} \
   "
 
 # Set a default root specifier.