first boot after "TPM" install of mantic-desktop-canary-amd64.iso fails

This was fixed by https://github.com/snapcore/core-initrd/pull/201 , but a new kernel snap needs to pick up the fix from https://launchpad.net/~snappy-dev/+archive/ubuntu/image/+packages?field.name_filter=&field.status_filter=published&field.series_filter=mantic.

There is in-progress build of v6.4 kernel which should include pc-kernel snap builds.

In mantic, kernel team has added the ability to produce self-signed kernel snaps, out of kernel team's build ppas, prior to completing secureboot verification and thus prior to the production secureboot signing.

The respin of a v6.4 kernel abi is now ready for amd64 in the stream2 build ppa, and a kernel snap is available for testing.

It is signed with the self-signed kernel team unstable secureboot certificate from https://ppa.launchpadcontent.net/canonical-kernel-team/unstable/ubuntu/dists/mantic/main/signed/linux-generate-amd64/6.4.0-2.2/signed.tar.gz

Please enroll that into DB prior to attempting installation.

Please use revision 1386 of pc-kernel, version 6.4.0.2.2 to verify if this issue is resolved. It is accessible from the following global store channel 23.10/edge/stream2 but also via manual inclusion (snap refresh --revision 1386 available publically, snap download --revision 1386 pc-kernel, or fetchable from launchpad librarian at https://launchpad.net/~canonical-kernel-snaps/+snap/mantic--linux--pc-kernel--edge--2/+build/2204108 )

This kernel snap was built using ubuntu-core-initramfs amd64 66+284+202308102031~ubuntu23.10.1 & snapd snapd 2.60.2+23.10.

Rev 1386 of pc-kernel, plus the cert in the DB, looks like enough to solve this issue.
Attached is the procedure for updating for ISO for the above pc-kernel (more or less, I ran it in parts and threw this together, so the script might need tweaks)

I'm closing this issue. 20230822.1 boots both on VM and HW even if there are missing modules and firmware.