Bug#1064102: shim-signed: Shim needs to be updated to latest version for Microsoft Surface devices
Package: shim-signedVersion: 1.40+15.7-1Severity: normalTags: upstreamDear Maintainer,*** Reporter, please consider answering these questions, where appropriate ***I tried to install Debian on a Surface Pro 9, but it doesn't boot even with adisabled SecureBoot (secured core must be disabled in any case).In order to have a bootable Linux you need to hack into /efi/boot/debian andoverwrite mmx64.efi with grubx64.efi or even try more exotic actions.Here you can find a more detailed explanation on this bug and possible workingsolutions:https://github.com/linux-surface/linux-surface/issues/1274[...]The good news is: This issue is fixed on the shim main branch, so once thedistributions update their shim, this issue should disappear. The bad news is,that it is not possible for us to fix this, since we can't get a signed shim /MokManager from Microsoft.For now there are three possible solutions: Disable secureboot and don't enroll any certificates. This is certainly theeasiest. There is a Linux Mint installation image (21.2) that contains a workingMokManager. When you are trapped in the bugged state, you can use this tofinish the enrollment process. After the certificate is enrolled, you should beable to boot normally. Downgrading the firmware.[...]*** End of the template - remove these template lines ***-- System Information:Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable')Architecture: amd64 (x86_64)Kernel: Linux 6.7.2-surface-1 (SMP w/12 CPU threads; PREEMPT)Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GBShell: /bin/sh linked to /usr/bin/dashInit: systemd (via /run/systemd/system)LSM: AppArmor: enabledVersions of packages shim-signed depends on:ii grub-efi-amd64-bin 2.12-1ii grub2-common 2.12-1ii shim-helpers-amd64-signed 1+15.7+1ii shim-signed-common 1.40+15.7-1shim-signed recommends no packages.shim-signed suggests no packages.-- no debconf information
Reply to: