rendaw <7e9wc56emja...@s.rendaw.me> writes: > On 5/3/19 7:17 AM, Marius Bakke wrote: >> It would be great to have UEFI support in the <virtual-machine> record, >> mainly for system tests, but I doubt that is what rendaw is after :-) > > Yeah, ideally I'd like secure boot from the flashed media but failing > that I'd at least like to be moving closer to it (boot without having to > enable legacy boot).
I see. Do you know what is needed to enable secure boot with grub-efi? >> That means you can't just take an operating system hard drive from one >> EFI system to another. > > I'm absolutely not an expert on UEFI, and it's likely I'm > misinterpreting some of the more subtle points you wrote, but do you > have more information on the NVRAM restriction? I've found a fair > amount of references to making secure boot and UEFI capable media (USB > and CD) around the web so I'm surprised it's not possible to make a > portable UEFI image. Wouldn't that make it difficult to install UEFI > bootloaders on blank systems? To clarify: "grub-efi" will not work to make a portable UEFI installation. For that you need "grub-mkstandalone" and place the resulting executable in "/efi/boot/bootx64.efi" on your EFI System Partition, like Guix does for disk images: <https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/build/vm.scm#n399>. It would be nice to make this procedure more generally accessible. Perhaps create a (grub-standalone-bootloader ...) procedure, similar to (grub-efi-bootloader)? Then it can be used to create portable EFI systems straight from your config.scm. Would you like to give it a go?
signature.asc
Description: PGP signature
