|
Hi. I have posted a bug here and
described it .
I reviewed source code and find out the cause:
type "GRUB_FILE_TYPE_CRYPTODISK_ENCRYPTION_KEY" which is defined
in file "grub-core/disk/cryptodisk.c" is not included in
"grub-core/kern/efi/sb.c" in "shim_lock_verifier_init" . because
of that grub will deny loading keyfile and says "error: prohibited
by secure boot policy" . So in order to fix that, we should simply
add two lines of below in switch case statement of the image
attachment:
1 case GRUB_FILE_TYPE_CRYPTODISK_ENCRYPTION_KEY:
2 case GRUB_FILE_TYPE_CRYPTODISK_DETACHED_HEADER:
I've done and built it with this modification and it was OK.
Thanks.
|
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
