Re: GRUB can't chainload Windows under Secure Boot

Fri, 09 Dec 2016 04:12:08 -0800 

Il 09/12/2016 04:41, Andrei Borzenkov ha scritto:
> 
> Well, normal grub-install knows nothing about loader.efi. So probably
> now is your turn to explain what you did exactly.
> 

So, my full GRUB setup can be summarized with the following steps:
1. install the needed packages with
$ yaourt -S grub preloader-signed
2. mount EFI partition at /boot/efi and set it up in fstab
3. install grub with
$ grub-install --target=x86_64-efi --efi-directory=/boot/efi
--bootloader-id=ArchGrub
4. Add the needed PreLoader and HashTool where needed
$ cp /usr/share/preloader-signed/*.efi /boot/efi/EFI/ArchGrub
5. Copy GRUB to be called 'loader.efi' as PreLoader wants
$ cp /boot/efi/EFI/ArchGrub/grubx64.efi /boot/efi/EFI/ArchGrub/loader.efi
6. Add the needed UEFI entry with efibootmgr
efibootmgr --disk /dev/sda --part 1 --create --label "SecureGrub"
--loader /EFI/ArchGrub/PreLoader.efi
7. Boot with Secure Boot ON; PreLoader will fail to load GRUB, so
HashTool will be executed. I've then enrolled 'loader.efi' and I was
able to start GRUB under Secure Boot and also every other Linux OS.

A note: I've added a custom target for GRUB so that it could chainload
HashTool directly... But it isn't working. So I suppose something is
wrong with the chainloader command... maybe. As I said, I am not an
expert of GRUB.

> Edit grub-core/loader/efi/chainloader.c, print EFI status when loading
> fails, then we at least know why it fails. This is in function
> grub_cmd_chainloader, after call to b->load_image.
> 
>   status = efi_call_6 (b->load_image, 0, grub_efi_image_handle, file_path,
>                        boot_image, size,
>                        &image_handle);
>   if (status != GRUB_EFI_SUCCESS)
>     {
>       if (status == GRUB_EFI_OUT_OF_RESOURCES)
>         grub_error (GRUB_ERR_OUT_OF_MEMORY, "out of resources");
>       else
>         grub_error (GRUB_ERR_BAD_OS, "cannot load image");
> 
>       goto fail;
>     }
> 
> Change to
> 
> grub_error (GRUB_ERROR_BAD_OS, "cannot load image: %08x", status)
> 

OK! I will made this change and build it.
Then I will provide you feedback on boot attempt!

-- 
Giovanni Santini
My blog: http://giovannisantini.tk
My code: https://git{hub,lab}.com/ItachiSan
My GPG: 2FADEBF5

_______________________________________________
Help-grub mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/help-grub

Reply via email to