diff options
author | Andrew Cady <d@jerkface.net> | 2023-06-17 16:10:18 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2023-06-17 16:21:51 -0400 |
commit | 297d9046b61e9d6695f4f06da260635123f3e3f5 (patch) | |
tree | 438e7fe72f45eb7f788b3fb4b30df000296df472 | |
parent | 0b4c41d1fb932246463e253b93ab312794d7179f (diff) |
"fix" efi booting with disgusting hack and out-of-repo binary
it turns out all that we need to do to make EFI booting
work is to replace the BOOTX64.EFI file that is produced
by GRUB's "grub-install" command with the version of that
file from Ventoy's upstream source of the same file:
<https://github.com/ValdikSS/Super-UEFIinSecureBoot-Disk/>.
Ventoy claims that to be their source here:
<https://github.com/ventoy/Ventoy/blob/master/DOC/BuildVentoyFromSource.txt>
"""
5.10 UEFIinSecureBoot
https://github.com/ValdikSS/Super-UEFIinSecureBoot-Disk/releases
Super-UEFIinSecureBoot-Disk_minimal_v3.zip
unzip it and get Super-UEFIinSecureBoot-Disk_minimal.img, extract the img by 7zip.
INSTALL/EFI/BOOT/BOOTX64.EFI --> EFI/BOOT/BOOTX64.EFI SHA-256:
475552c7476ad45e42344eee8b30d44c264d200ac2468428aa86fc8795fb6e34
"""
That SHA-256 matches what we have downloaded and are using.
I have created a separate repo containing the code that pulls down the
.zip file and extract the BOOTX64.EFI file from it. That code verifies
the SHA-256 hash. It can be added as a sami.git submodule.
This code is not usable without that file generated by that code. This
commit should be amended with a git submodule added with that code too.
-rwxr-xr-x | src/partvi | 30 |
1 files changed, 30 insertions, 0 deletions
@@ -302,6 +302,7 @@ copy_data_to_mounted_target_filesystems() | |||
302 | ;; | 302 | ;; |
303 | efi-system-partition) | 303 | efi-system-partition) |
304 | EFI_DIR=$mnt | 304 | EFI_DIR=$mnt |
305 | $sudo mkdir "$EFI_DIR"/EFI "$EFI_DIR"/EFI/BOOT | ||
305 | ;; | 306 | ;; |
306 | esac | 307 | esac |
307 | } | 308 | } |
@@ -386,3 +387,32 @@ iterate_partitions copy_data_to_mounted_target_filesystems | |||
386 | 387 | ||
387 | time loudly $sudo eatmydata -- grub-install --boot-directory="$BOOT_DIR" "$whole" --target=i386-pc | 388 | time loudly $sudo eatmydata -- grub-install --boot-directory="$BOOT_DIR" "$whole" --target=i386-pc |
388 | time loudly $sudo eatmydata -- grub-install --boot-directory="$BOOT_DIR" "$whole" --target=x86_64-efi --removable --efi-directory="$EFI_DIR" || true | 389 | time loudly $sudo eatmydata -- grub-install --boot-directory="$BOOT_DIR" "$whole" --target=x86_64-efi --removable --efi-directory="$EFI_DIR" || true |
390 | |||
391 | ventoy_efi_dir=../ventoy-EFI-BOOT | ||
392 | valdik_efi_dir=../import-grub-bootx64-efi/3 | ||
393 | if false | ||
394 | then | ||
395 | # Ugly Ventoy hack. Finally got EFI boot working!! | ||
396 | $sudo mv -v "$EFI_DIR"/EFI/BOOT/grubx64.efi "$EFI_DIR"/EFI/BOOT/grub.efi | ||
397 | # Ventoy BOOTX64.EFI boots grub.efi | ||
398 | $sudo cp -v --preserve=timestamps -t "$EFI_DIR"/EFI/BOOT/ -- $ventoy_efi_dir/BOOTX64.EFI | ||
399 | elif true | ||
400 | then | ||
401 | # Same ugly hack but w/ Ventoy's upstream <https://github.com/ValdikSS/Super-UEFIinSecureBoot-Disk> | ||
402 | # Valdik BOOTX64.EFI boots grubx64.efi | ||
403 | $sudo cp -v --preserve=timestamps -t "$EFI_DIR"/EFI/BOOT/ -- $valdik_efi_dir/BOOTX64.EFI | ||
404 | elif false | ||
405 | then | ||
406 | # Same ugly hack but using Ventoy's upstream, valdik. We chain-load valdik's | ||
407 | # second stage with Ventoy's BOOTX64.EFI because valdik's first stage | ||
408 | # doesn't work in versions marked "3-" (older version "3" works). | ||
409 | $sudo cp -v --preserve=timestamps -t "$EFI_DIR"/EFI/BOOT/ -- $ventoy_efi_dir/BOOTX64.EFI | ||
410 | $sudo cp -v --preserve=timestamps -- $valdik_efi_dir/grubx64.efi "$EFI_DIR"/EFI/BOOT/grub.efi | ||
411 | $sudo mv -v "$EFI_DIR"/EFI/BOOT/grubx64.efi "$EFI_DIR"/EFI/BOOT/grubx64_real.efi | ||
412 | elif false | ||
413 | then | ||
414 | # Here is valdik's version 3 working, with its own second stage, and the | ||
415 | # third stage replaced with our grub: | ||
416 | $sudo mv -v "$EFI_DIR"/EFI/BOOT/grubx64.efi "$EFI_DIR"/EFI/BOOT/grubx64_real.efi | ||
417 | $sudo cp -v --preserve=timestamps -t "$EFI_DIR"/EFI/BOOT/ -- $valdik_efi_dir/BOOTX64.EFI $valdik_efi_dir/grubx64.efi | ||
418 | fi | ||