[Bug 1187233] Re: Grub2 fails on ASUS X201E with secure boot is enabled
Steve Langasek
steve.langasek at canonical.com
Tue Jul 9 20:03:26 UTC 2013
Hi Franz,
On Fri, Jul 05, 2013 at 09:07:13AM -0000, Franz Hsieh wrote:
> Please help me check if my steps are correct.
> note: The platform runs Ubuntu-12.04.2 for ASUS image.
> <BOOT the platform to non-secure mode>
> 1. copy LockDown.efi to /boot/efi/ <EFI partition mount point>
> 2. copy shimx64.efi to /boot/efi/EFI/ubuntu/BOOTX64.EFI
> 3. reboot and change to secure mode in BIOS
This step is wrong. After copying LockDown.efi to /boot/efi, you next need
to *boot* LockDown.efi from the firmware while in setup mode. LockDown.efi
handles the process of configuring the firmware's SecureBoot support to
include the key used for signing this shim binary, so that you can do a true
SecureBoot boot with a test binary.
After running LockDown.efi, you should be able to boot shimx64.efi in Secure
Boot mode without a security violation.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shim in Ubuntu.
https://bugs.launchpad.net/bugs/1187233
Title:
Grub2 fails on ASUS X201E with secure boot is enabled
Status in GRand Unified Bootloader:
New
Status in OEM Priority Project:
Confirmed
Status in OEM Priority Project precise series:
New
Status in “shim” package in Ubuntu:
Confirmed
Bug description:
Summery:
I downloaded images from ubuntu.com and use usb-creator-gtk to create bootable usb.
Then use the usb key to boot on my ASUS X201E laptop and it is always failed to boot to OS.
These images are all failed:
ubuntu-12.04.2-desktop-amd64.iso
ubuntu-12.10-desktop-amd64.iso
ubuntu-13.04-desktop-amd64.iso
I also enabled grub2 debug message, and found they all fail on:
loader/i386/efi/linux.c:69: Asking shim to verify kernel signature.
The BIOS revision of ASUS X201E is 209 which can be downloaded from
official ASUS website.
Additionally, Win8 and Fedora-18 can be booted and installed on this
platform.
To manage notifications about this bug go to:
https://bugs.launchpad.net/grub/+bug/1187233/+subscriptions
More information about the foundations-bugs
mailing list