On Wed, 30 Sep 2020 at 11:54, Erich Eickmeyer <er...@ericheickmeyer.com>
wrote:

> On 9/30/2020 8:17 AM, Chris Murphy wrote:
> > On Wed, Sep 30, 2020 at 2:05 AM Marius Schwarz <fedora...@cloud-foo.de>
> wrote:
> >> Hi,
> >>
> >> the livecds from F32 and F33 are suffering from a problem not booting on
> >> Microsoft device(s)
> >>
> >> https://bugzilla.redhat.com/show_bug.cgi?id=1879921
> >> https://bugzilla.redhat.com/show_bug.cgi?id=1883593
> >>
> >> F31 is booting fine, the newer ones not. Looks like a GrubBootloader
> >> issue to me, as not even grub comes up.
> > That suggests the scary region of firmware, hybrid ISO, shim, and boot
> loader.
> >
> > The bug reports have the wrong component set on them, and aren't
> > discrete actionable bug reports. It's just saying "this doesn't work"
> > but the people most likely to figure out what *is* happening are those
> > with this specific hardware.
> >
> >> An instant reset back into the bios happens if a usb boot is tried.
> > Sounds like both a regression and a firmware bug. Maybe we'll be lucky
> > and someone on the list has an idea already. But if not, someone with
> > the hardware will have to do the tedious work of figuring out exactly
> > where it's getting tripped up.
> >
> >
> >> Unfortunatly the assignee is not reacting and i would really miss my
> >> linux surface after upgrading to F32 :D
> > I have no idea what the LiveCD component is, but the bug report
> > contains so little information I also don't know what I'd reassign it
> > to. Asking about it on devel is probably the right thing to do for
> > now.
>
> I can confirm this bug does exist. Attempting to boot on my Surface Pro
> 4 requires secure boot to be momentarily shut-off. SB actually is
> reporting a secure boot violation for whatever reason. I have reason to
> believe that the UEFI files are missing correct signing, or that signing
> needs to be updated.
>
> I have also seen SB failures with my Dell laptop with SB enabled, but
> those are easier to work around than going nuclear on a Surface Pro and
> shutting-off secure boot.
>
> F31 and F32 are unaffected, this appears to have started with F33.
>
>
The Fedora secure boot signing keys were updated after F32 was initially
released to deal with the grub2 problems found during the summer. I believe
some systems have needed firmware updates from the manufacturer to work
with the new key because they worked by white listing the old set, and
don't know how to handle when a new key signed and authorized is presented.
I don't know how the Surface Pro does its firmware updates and if one is
needed.




> --
> Erich Eickmeyer
> Project Leader         Ubuntu Studio
> Maintainer             Fedora Jam
>
> _______________________________________________
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
>


-- 
Stephen J Smoogen.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

Reply via email to