TBH, I don’t know much about secure boot, except how to turn it off. It’s something I definitely don’t use.
Mine is 2011 … I just missed out on secure boot, but I have UEFI.
So no manufacturer is brave enough to omit secure boot and manufacture only for Linux.
The name 'Secure boot ’ is misleading. It is not an effective security measure and it is not an effective anti-linux dèvice. It is just a failed corporate push that has become a nuisance. Some say that it was started because software security had failed so they migrated the problem to hardware. … so it is a side effect of the ineffectiveness of software security?