[Bug 1845289] Re: Grub EFI amd64 no longer start EFI/Microsoft/Boot/bootmgfw.efi

Tue Oct 29 00:39:37 UTC 2019

Take a look at this diff between disco and eoan:

--- grub2-2.02+dfsg1/grub-core/loader/efi/linux.c	2019-10-29 00:23:53.000000000 +0000
+++ grub2-2.04/grub-core/loader/efi/linux.c	2019-10-29 00:10:44.000000000 +0000
@@ -23,6 +23,7 @@
 #include <grub/efi/efi.h>
 #include <grub/efi/pe32.h>
 #include <grub/efi/linux.h>
+#include <grub/efi/sb.h>

 #define SHIM_LOCK_GUID \
  { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} }
@@ -40,6 +41,13 @@
   grub_efi_shim_lock_t *shim_lock;
   int status;

+  if (! grub_efi_secure_boot())
+    {
+      grub_dprintf ("linuxefi", "secure boot not enabled, not validating");
+      return 1;
+    }
+
+  grub_dprintf ("linuxefi", "Locating shim protocol\n");
   shim_lock = grub_efi_locate_protocol(&guid, NULL);
   grub_dprintf ("secureboot", "shim_lock: %p\n", shim_lock);
   if (!shim_lock)

if grub_efi_secure_boot() returns 0 then grub_linuxefi_secure_validate()
prints "secure boot not enabled" but returns 1? Doesn't sound right.
Should return 0 I guess?

And if grub_linuxefi_secure_validate() returns 1 then this chainloader
code switches to secureboot:

  rc = grub_linuxefi_secure_validate((void *)((grub_addr_t) address), fsize);
  grub_dprintf ("chain", "linuxefi_secure_validate: %d\n", rc);
  if (rc > 0)
    {
      grub_file_close (file);
      grub_loader_set (grub_secureboot_chainloader_boot,
		       grub_secureboot_chainloader_unload, 0);
      return 0;
    }
  else if (rc == 0)
    {
      grub_load_and_start_image(boot_image);
      grub_file_close (file);
      grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 0);

      return 0;
    }

resulting in trying to secure boot windows efi image instead of just
calling grub_load_and_start_image().

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/1845289

Title:
  Grub EFI amd64 no longer start EFI/Microsoft/Boot/bootmgfw.efi

Status in grub2 package in Ubuntu:
  Confirmed
Status in grub2 source package in Eoan:
  Confirmed

Bug description:
  On a dual boot computer with Windows 10 Pro and Ubuntu 19.10, since a
  month, Grub was unable to boot Windows 10. Hitting the Windows entry
  line give me a 0.1s black screen and get me back to Grub Menu.

  sudo update-grub give me :

  Sourcing file `/etc/default/grub'
  Sourcing file `/etc/default/grub.d/init-select.cfg'
  Generating grub configuration file ...
  Found linux image: /boot/vmlinuz-5.3.0-10-generic
  Found initrd image: /boot/initrd.img-5.3.0-10-generic
  Found Windows Boot Manager on /dev/sda1@/EFI/Microsoft/Boot/bootmgfw.efi
  Adding boot menu entry for EFI firmware configuration
  done

  ProblemType: Bug
  DistroRelease: Ubuntu 19.10
  Package: grub-efi-amd64 2.04-1ubuntu5
  ProcVersionSignature: Ubuntu 5.3.0-10.11-generic 5.3.0-rc8
  Uname: Linux 5.3.0-10-generic x86_64
  ApportVersion: 2.20.11-0ubuntu7
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Sep 25 08:01:05 2019
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=fr_FR.UTF-8
   SHELL=/bin/bash
  SourcePackage: grub2
  UpgradeStatus: Upgraded to eoan on 2018-11-14 (314 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1845289/+subscriptions

