I am new to grub. I am trying to enable UEFI secure boot from grub. I have decided to use shim to verify kernel's signature. Grub can be verified from UEFI.
I have pulled patches from Ubuntu's grub git repository. Grub uses grub_efi_locate_protocol() function to locate shim, currently it is not able to find shim and returns NULL.
I have following queries:
- Where should I place
shim.efibinary (I have placed it /boot partition) - Where does
grub_efi_system_tablevariable get populated, and how is it used bygrub_efi_locate_protocol?
Thanks
I was able to solve this issue. When shim is executed, it installs shim protocol. Shim protocol is installed only when secure boot is enabled. I was trying to use the shim protocol with no secure boot, so, grub was unable to find shim protocol. A complete explanation of shim is here https://mjg59.dreamwidth.org/19448.html