TPM-backed encryption bootloader is not registered in UEFI boot menu

Bug #2064143 reported by Benjamin Tegge
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| ubuntu-desktop-provision | New | Undecided | Unassigned | |

Bug Description

When installing with TPM-backed encryption, the bootloader is not registered in the UEFI boot menu. Typically it is "ubuntu", but no entry has been created the many times I installed and tried the final Ubuntu 24.04.0 images.

---

- No boot menu entry is created
- Selecting to boot from the drive gives `/EndEntire` twice (at first I interpreted that as an error message)
- Then boots successfully to GDM
- After rebooting there is still no boot menu entry
  - I'm not sure if this is specific to Fedora/RHEL (and Windows?), but my expectation is that when I select to boot from the drive (with the fallback loader), a new boot menu entry should be created

---

Two laptops are currently affected, a ThinkPad T580 and a ThinkPad P14s Gen 1. I'm looking forward to testing and migrating other machines as soon as I have time and TPM chips are in the mail. I also have a T530, but that is not supported because it only has a TPM 1.x chip. Installing Ubuntu 24.04 with other partitioning and encryption options worked without problems.

Since I'm also trying out the autoinstall functionality, I have included this command as a late-command:

    sudo efibootmgr --create --disk /dev/nvme0n1 --part 1 --label "Ubuntu" --loader '\EFI\boot\bootx64.efi'

This works, so I assume the command does not get executed by the installer, or there is some error in the logs which I can't find.

For readers who boot from the first SATA drive this command should be used:

    sudo efibootmgr --create --disk /dev/sda --part 1 --label "Ubuntu" --loader '\EFI\boot\bootx64.efi'
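
An idempotent form of the workaround above, as an added example that is not part of the original report or of the installer: it checks the firmware listing for the label before creating anything, and derives `--disk` and `--part` from the mounted ESP so the NVMe and SATA cases need no separate command. The function names and the ESP mount point passed by the caller are assumptions.

```shell
#!/bin/sh
# Added example: function names are hypothetical; the loader path and the
# efibootmgr options are the ones used in the report.

# has_boot_entry LABEL: reads `efibootmgr` output on stdin and succeeds if a
# BootXXXX entry carries LABEL (case-insensitive: "ubuntu" matches "Ubuntu").
has_boot_entry() {
    awk -v want="$1" '
        /^Boot[0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]/ {
            line = $0
            sub(/^Boot[0-9A-Fa-f]+[* ] ?/, "", line)  # strip "Boot0001* "
            sub(/\t.*$/, "", line)                     # strip device path, if shown
            if (tolower(line) == tolower(want)) found = 1
        }
        END { exit !found }'
}

# split_partition DEV: prints "DISK PARTNUM" for a partition node, covering
# both naming schemes (sda1 -> /dev/sda 1, nvme0n1p1 -> /dev/nvme0n1 1).
split_partition() {
    dev=${1#/dev/}
    case $dev in
        nvme*p[0-9]*|mmcblk*p[0-9]*) disk=${dev%p*}; part=${dev##*p} ;;
        nvme*|mmcblk*)               return 1 ;;   # whole disk, not a partition
        *[!0-9][0-9]*)               part=${dev##*[!0-9]}; disk=${dev%"$part"} ;;
        *)                           return 1 ;;
    esac
    case $part in ''|*[!0-9]*) return 1 ;; esac
    printf '/dev/%s %s\n' "$disk" "$part"
}

# ensure_boot_entry ESP_MOUNT LABEL: create the entry only when it is missing.
# ESP_MOUNT (for example /boot/efi) is an assumption supplied by the caller.
# Usage, as root: ensure_boot_entry /boot/efi Ubuntu
ensure_boot_entry() {
    if efibootmgr | has_boot_entry "$2"; then
        echo "boot entry '$2' already present"
        return 0
    fi
    src=$(findmnt -no SOURCE "$1") || return 1
    target=$(split_partition "$src") || return 1
    efibootmgr --create --disk "${target% *}" --part "${target#* }" \
        --label "$2" --loader '\EFI\boot\bootx64.efi'
}
```

Because the check runs first, the script can stay in a late-command without adding a duplicate entry on machines where the installer did register one.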
