08.12.2016 18:50, Giovanni Santini пишет: > Il 08/12/2016 15:05, Andrei Borzenkov ha scritto: >> >> Well, I do not know about Arch, but Ubuntu is using patch similar to >> openSUSE, which means - it REQUIRES shim. Patch replaces default >> chainloader command with one that calls shim and fails if it cannot do >> it. It should have provided additional one, chainloaderefi similar to >> linuxefi, instead. >> > > I see... > From what I know, shim is not provided by ArchLinux. The suggested way > for Secure Boot is to use Linux Foundation PreLoader and HashTool. > From our discussion, I understood that using PreLoader doesn't involve > running it again. > So, the only needed thing to fix is the 'chainloader' command so that it > can read UEFI binaries even under Secure Boot (or provide a new one like > 'chainloaderefi'), if I understood correctly.
If you are using Linux Foundation chainloader I expect normal GRUB chainloader command to work. Do you have pointers to preloader binary you are using? I am actually interested in testing it as alternate way of providing secure boot support in GRUB. > Not sure else how to make PreLoader load other UEFI files else, as it > tries automatically to load the binary called 'loader.efi'. > You should only need to load main GRUB binary. Do you have pointers to Arch package and patches it uses? _______________________________________________ Help-grub mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-grub
