-0.5.0 (12/?/2012):
+0.5.1 (??/??/201?):
+-------------------
+
+- Implemented a workaround to enable ELILO to launch with Secure Boot
+ active: Pass a "-C \path\to\elilo\elilo.conf" option to the program.
+ The user will need to explicitly provide the path to the Linux kernel and
+ initrd, not rely on the program to be able to read the files from the
+ current directory. In elilo.conf, the path should be specified with
+ forward slashes or doubled-up backslashes.
+
+0.5.0 (12/6/2012):
------------------
- Added the ability to include quote marks ('"') in refind.conf and
href="mailto:rodsmith@rodsbooks.com">rodsmith@rodsbooks.com</a></p>
<p>Originally written: 11/13/2012; last Web page update:
-12/6/2012, referencing rEFInd 0.5.0</p>
+12/8/2012, referencing rEFInd 0.5.0.1</p>
<p>I'm a technical writer and consultant specializing in Linux technologies. This Web page is provided free of charge and with no annoying outside ads; however, I did take time to prepare it, and Web hosting does cost money. If you find this Web page useful, please consider making a small donation to help keep this site up and running. Thanks!</p>
try to launch two drivers, rEFInd throws up an <tt>Access Denied</tt>
error for the second driver.</li>
-<li>ELILO can't find its configuration file when launched from rEFInd in
- Secure Boot mode. The same may be true of GRUB Legacy or other boot loaders,
- but I haven't tested them. (GRUB 2 seems fine.)</li>
-
-<li>Signing the Windows boot loader with a MOK won't work; it hangs, probably
- for reasons similar to the ones that cause ELILO to fail. Fortunately,
- the Windows 8 boot loader should work because it should be verified and
- launched via EFI calls rather than via the new shim-derived code. (I lack
- a Windows 8 installation for testing, though.) This limitation could affect
- you if you want to boot Windows 7 with Secure Boot active, though.</li>
+<li>ELILO can't find the directory from which it was launched when launched
+ from rEFInd in Secure Boot mode. This means that you must pass the
+ <tt>-C <tt class="variable">/path/to/binary/</tt>elilo.conf</tt> option
+ to ELILO. rEFInd does this automatically for the default ELILO option,
+ but you should bear the need in mind if you edit that option or use the
+ secondary boot options. Because of the same problem, you must specify
+ the complete path to your kernel and initial RAM disk file in
+ <tt>elilo.conf</tt>. Be sure to specify these paths using either
+ forward slashes (<tt>/</tt>) or doubled-up backslashes (<tt>\\</tt>).
+ It's possible that some other boot loaders will suffer from the same
+ problem.</li>
+
+<li>Signing the Windows boot loader with a MOK won't work; it hangs,
+ probably for reasons similar to the ones that cause ELILO to fail to
+ find its home directory. Fortunately, the Windows 8 boot loader should
+ work because it should be verified and launched via EFI calls rather
+ than via the new shim-derived code. (I lack a Windows 8 installation
+ for testing, though.) This limitation could affect you if you want to
+ boot Windows 7 with Secure Boot active, though.</li>
<li>Under certain circumstances, the time required to launch a boot loader
can increase. This is unlikely to be noticeable for the average small
if (AboutMenu.EntryCount == 0) {
AboutMenu.TitleImage = BuiltinIcon(BUILTIN_ICON_FUNC_ABOUT);
- AddMenuInfoLine(&AboutMenu, L"rEFInd Version 0.5.0");
+ AddMenuInfoLine(&AboutMenu, L"rEFInd Version 0.5.0.1");
AddMenuInfoLine(&AboutMenu, L"");
AddMenuInfoLine(&AboutMenu, L"Copyright (c) 2006-2010 Christoph Pfisterer");
AddMenuInfoLine(&AboutMenu, L"Copyright (c) 2012 Roderick W. Smith");
Temp = FindLastDirName(LoaderPath);
MergeStrings(&OSIconName, Temp, L',');
MyFreePool(Temp);
+ Temp = NULL;
if (OSIconName != NULL) {
ShortcutLetter = OSIconName[0];
}
Entry->UseGraphicsMode = GlobalConfig.GraphicsFor & GRAPHICS_FOR_OSX;
} else if (StriCmp(FileName, L"diags.efi") == 0) {
MergeStrings(&OSIconName, L"hwtest", L',');
- } else if (StriCmp(FileName, L"e.efi") == 0 || StriCmp(FileName, L"elilo.efi") == 0) {
+ } else if (StriCmp(FileName, L"e.efi") == 0 || StriCmp(FileName, L"elilo.efi") == 0 || StriSubCmp(L"elilo", FileName)) {
MergeStrings(&OSIconName, L"elilo,linux", L',');
Entry->OSType = 'E';
+ if (secure_mode()) { // hack to enable ELILO to boot in secure mode
+ Temp = StrDuplicate(L"-C ");
+ MergeStrings(&Temp, PathOnly, 0);
+ MergeStrings(&Temp, L"elilo.conf", L'\\');
+ Entry->LoadOptions = Temp;
+ }
if (ShortcutLetter == 0)
ShortcutLetter = 'L';
Entry->UseGraphicsMode = GlobalConfig.GraphicsFor & GRAPHICS_FOR_ELILO;
* Once the image has been loaded it needs to be validated and relocated
*/
static EFI_STATUS handle_image (void *data, unsigned int datasize, EFI_LOADED_IMAGE *li,
- CHAR16 *Options, REFIT_VOLUME *DeviceVolume, IN EFI_DEVICE_PATH *DevicePath)
+ CHAR16 *Options, REFIT_VOLUME *DeviceVolume, IN CHAR16 *FileName)
{
EFI_STATUS efi_status;
char *buffer;
EFI_IMAGE_SECTION_HEADER *Section;
char *base, *end;
GNUEFI_PE_COFF_LOADER_IMAGE_CONTEXT context;
+ EFI_DEVICE_PATH *DevicePath;
/*
* The binary header contains relevant context and section pointers
* grub needs to know its location and size in memory, its location on
* disk, and its load options, so fix up the loaded image protocol values
*/
+ DevicePath = FileDevicePath(NULL, FileName);
+ DevicePath = FileDevicePath(DeviceVolume->DeviceHandle, FileName);
li->DeviceHandle = DeviceVolume->DeviceHandle;
li->FilePath = DevicePath;
li->LoadOptionsSize = ((UINT32)StrLen(Options) + 1) * sizeof(CHAR16);
/*
* Verify and, if appropriate, relocate and execute the executable
*/
- efi_status = handle_image(data, datasize, li, Options, DeviceVolume, DevicePath);
+ efi_status = handle_image(data, datasize, li, Options, DeviceVolume, ImagePath);
if (efi_status != EFI_SUCCESS) {
Print(L"Failed to load image\n");