"grub.efi" has to be a one-size fits all. It is digitally signed at build time, so cannot be adapted to a particular install situation. And there is no "btrfs" subvolume for people not using "btrfs". By contrast, the "grubx64.efi" (which is a copy of "/boot/grub2/x86_64-efi/core.efi" is built at install time as part of installing grub2, so it is adapted to what you need. Yes, I agree that this bug should probably be closed. But I prefer to leave that to someone from the openSUSE development team. Perhaps they need to add a more detailed description as to what that "secure boot support" flag does in Yast bootloader.