Public bug reported: This still needs to be verified, but I have a strong hunch that this is a bug...
Please see final comments on https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/2078307 What is likely happening is that shim does not export MokPolicy when Secure Boot is disabled, thus GRUB decides that it must always enforce NX. It might be a more sensible default to never enforce NX if Secure Boot is off. The only obvious impact right now is Windows chainloading from GRUB when Secure Boot is disabled. ** Affects: grub2 (Ubuntu) Importance: Undecided Status: New ** Description changed: This still needs to be verified, but I have a strong hunch that this is a bug... - Please see comments on + Please see final comments on https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/2078307 What is likely happening is that shim does not export MokPolicy when Secure Boot is disabled, thus GRUB decides that it must always enforce NX. It might be a more sensible default to never enforce NX if Secure Boot is off. ** Description changed: This still needs to be verified, but I have a strong hunch that this is a bug... Please see final comments on https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/2078307 What is likely happening is that shim does not export MokPolicy when Secure Boot is disabled, thus GRUB decides that it must always enforce NX. It might be a more sensible default to never enforce NX if Secure Boot is off. + + The only obvious impact right now is Windows chainloading from GRUB when + Secure Boot is disabled. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2084104 Title: UEFI GRUB2 enforces NX even with a non-NX shim when Secure Boot is disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/2084104/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs