On Tue, Apr 28, 2015 at 2:34 PM, Plamen K. Kosseff <[email protected]> wrote: > Hi Andrei, > > На 28.04.2015 в 12:26, Andrei Borzenkov написа: >> On Tue, Apr 28, 2015 at 11:55 AM, Plamen K. Kosseff <[email protected]> >> wrote: >>> Gentoo doesn't support Shim. Their view on the matter is that you should >>> boot the kernel directly and rely on the >>> firmware to provide boot loader functionality, however I have a very "nice" >>> implementation of UEFI from HP that >>> will always boot windows and will override changes in the boot order on >>> every boot. >>> >> Well, you could try to use chainloader then. It will simply load >> kernel and let firmware to verify it. > Well the possibility to load any kernel will still exist
You misunderstand. Chainloader is using EFI API to load image. So your firmware will verify signature, just like it does it for grub. Using "linux" loader in grub is different. Here grub directly reads in memory and transfers control to kernel binary, bypassing EFI firmware. > > Is it possible to patch out everything else and just leave the chainloader? If you generate image that does not have filesystem driver for a /boot/grub (i.e. where grub modules are located) you are restricted to only those commands and functionalilty that are included in image _______________________________________________ Help-grub mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-grub
