On 03/08/2018 11:50 AM, Hans de Goede wrote: > <somehow this part of the thread was missing some email addresses, I've > added these now> > > Hi, > > On 07-03-18 12:34, Javier Martinez Canillas wrote: <snip> >> Are you also able to read the TPM event logs? >> >> $ hexdump /sys/kernel/security/tpm0/binary_bios_measurements > > Yes for me that outputs a lot of hex :) For me, /sys/kernel/security/tmp0 doesn't exist on 4.15.6 or 4.16 with the patch reverted. >> The UEFI firmware does some measurements and so does shim. So you should >> have some event logs. What version of shim are you using? And also would >> be good to know if it's the same shim version that Jeremy is using. > > That is a very good question, I'm using: shim-ia32-13-0.7.x86_64, which is > the last version for F27 AFAICT. All my tablet has installed is shim-0.8-10.x86_64, no shim-ia32. > > But Jeremy's tablet might very well be not using the shim at all, as > I manually installed Fedora 25 on the tablet he now has, before Fedora > supported > machines with 32 bit EFI. I then later did a "dnf distro-sync" to > Fedora-27. > > Jeremy might also very well still be booting using a grub binary I build > manually back then, without any shim being involved. > > Jeremy what does efibootmgr -v output on your device ? # efibootmgr -v BootCurrent: 0003 Timeout: 4 seconds BootOrder: 0003,0000,0001,2001,2002,2003 Boot0000* Android X64 OS HD(1,GPT,215e6cf3-e97d-4735-9c4e-7338c8f5a645,0x800,0x32000)/File(\EFI\BOOT\bootx64.efi)RC Boot0001* Internal EFI Shell FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(c57ad6b7-0515-40a8-9d21-551652854e37)RCM&". Boot0003* Fedora HD(1,GPT,215e6cf3-e97d-4735-9c4e-7338c8f5a645,0x800,0x32000)/File(\EFI\fedora\grubx64.efi) Boot2001* EFI USB Device RC Boot2002* EFI DVD/CDROM RC Boot2003* EFI Network RC Boot8087* Udm FvVol(a881d567-6cb0-4eee-8435-2e72d33e45b5)/FvFile(9a9ab4c1-ee1b-488b-b300-24544a7bd418) I think you're right about it using the old grub binary. I'm embarrassingly unfamiliar with both UEFI and grub, but I'm guessing you set the location of grub.cfg at compile time? When I boot \EFI\fedora\grubx64.efi, it's pulling the grub.cfg from \EFI\redhat\grub.cfg. Regards, Jeremy
