grub2 fails to insmod keystatus and loadenv when running with secureboot

Bug #1066399 reported by Stéphane Graber on 2012-10-13
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Release Notes for Ubuntu
Undecided
Unassigned
Quantal
High
Unassigned
grub2 (Ubuntu)
High
Colin Watson
Quantal
High
Colin Watson

Bug Description

When booting my laptop (thinkpad x230) on current quantal, I'm getting error messages from grub complaining that keystatus and loadenv couldn't be loaded because secureboot prevented it.

This is then followed by a "Press any key to continue.." message which appears to timeout after 15-30s then booting the machine just fine.

It looks like we need those two modules added to our grub2 signed efi image which should then give me a perfect boot experience.

Stéphane Graber (stgraber) wrote :
Steve Langasek (vorlon) wrote :

The fix for this is straightforward; we just need to include those modules in the secureboot grub images. The question is whether we're comfortable doing so without first auditing them, since Fedora currently aren't including them in their image.

Changed in grub2 (Ubuntu):
status: New → Triaged
importance: Undecided → High
Steve Langasek (vorlon) on 2012-10-14
Changed in grub2 (Ubuntu Quantal):
milestone: none → quantal-updates
Changed in ubuntu-release-notes:
status: New → Invalid
Colin Watson (cjwatson) on 2012-10-15
Changed in grub2 (Ubuntu Quantal):
status: Triaged → In Progress
assignee: nobody → Colin Watson (cjwatson)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package grub2 - 2.00-7ubuntu11

---------------
grub2 (2.00-7ubuntu11) quantal-proposed; urgency=low

  * Fix incorrect initrd minimum address calculation (LP: #1055686).
  * Add keystatus and loadenv to signed image (LP: #1066399).
 -- Colin Watson <email address hidden> Sun, 14 Oct 2012 09:30:55 +0100

Changed in grub2 (Ubuntu Quantal):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers