Debian 10 inaccessible with Secure Boot (Lenovo ThinkPad X390)
by l0f4r0 from LinuxQuestions.org on (#4X8WE)
Hello,
I cannot access Grub and so my fresh new installed Debian 10 with Secure Boot activated on my new Lenovo ThinkPad X390.
Here is my boot list order:
Code:efibootmgr
BootCurrent: 001D
Timeout: 0 seconds
BootOrder: 001D,001E,001C,001F,0020,0024,0021,001B,0023,0022,0012,0011,0000
Boot0000* Windows Boot Manager
Boot0010 ThinkShield secure wipe
Boot0011* LENOVO CLOUD
Boot0012* HTTPS BOOT
Boot0013 Setup
Boot0014 Boot Menu
Boot0015 Diagnostic Splash Screen
Boot0016 Lenovo Diagnostics
Boot0017 Regulatory Information
Boot0018 Startup Interrupt Menu
Boot0019 Rescue and Recovery
Boot001A MEBx Hot Key
Boot001B* USB CD
Boot001C* USB FDD
Boot001D* NVMe0
Boot001E* NVMe1
Boot001F* ATA HDD0
Boot0020* ATA HDD1
Boot0021* USB HDD
Boot0022* PXE BOOT
Boot0023 Other CD
Boot0024 Other HDD
Boot0025* IDER BOOT CDROM
Boot0026* IDER BOOT Floppy
Boot0027* ATA HDD
Boot0028* ATAPI CDAs startup, no matter what following choice I make, the screen refreshes after 1 second and nothing happens (obviously my laptop cannot boot):
Quote:
As soon as I deactivate Secure Boot, Grub 2.02+dfsg1-20 is launching and offers:
Quote:
Options 1 & 2 lead to my Debian as expected.
FYI, I have installed my Debian via an LVM inside a LUKS.
Here is my partioning scheme:
Code:lsblk -o NAME,FSTYPE,LABEL,MOUNTPOINT,SIZE
NAME FSTYPE LABEL MOUNTPOINT SIZE
nvme0n1 477G
a"a"nvme0n1p1 vfat SYSTEM /boot/efi 477M
a"a"nvme0n1p2 16M
a"a"nvme0n1p3 ext4 boot /boot 477M
a"a"nvme0n1p4 ntfs WinRE_DRV 1000M
a""a"nvme0n1p5 crypto_LUKS 474,8G
a""a"nvme0n1p5_crypt LVM2_member 474,8G
a"a"myLvmGroup-myLvmSwap swap [SWAP] 14,9G
a"a"myLvmGroup-myLvmVar ext4 var /var 18,6G
a"a"myLvmGroup-myLvmRoot ext4 root / 74,5G
a""a"myLvmGroup-myLvmHome ext4 home /home 326GPS: I have no dual-boot with Windows 10 anymore. I've just kept partitions WinRE_DRV and nvme0n1p2 as legacy.
Some additional info:
Quote:
It's really weird because I thought Debian 10 works out-of-the-box with Secure Boot...
Any idea please? :)
I cannot access Grub and so my fresh new installed Debian 10 with Secure Boot activated on my new Lenovo ThinkPad X390.
Here is my boot list order:
Code:efibootmgr
BootCurrent: 001D
Timeout: 0 seconds
BootOrder: 001D,001E,001C,001F,0020,0024,0021,001B,0023,0022,0012,0011,0000
Boot0000* Windows Boot Manager
Boot0010 ThinkShield secure wipe
Boot0011* LENOVO CLOUD
Boot0012* HTTPS BOOT
Boot0013 Setup
Boot0014 Boot Menu
Boot0015 Diagnostic Splash Screen
Boot0016 Lenovo Diagnostics
Boot0017 Regulatory Information
Boot0018 Startup Interrupt Menu
Boot0019 Rescue and Recovery
Boot001A MEBx Hot Key
Boot001B* USB CD
Boot001C* USB FDD
Boot001D* NVMe0
Boot001E* NVMe1
Boot001F* ATA HDD0
Boot0020* ATA HDD1
Boot0021* USB HDD
Boot0022* PXE BOOT
Boot0023 Other CD
Boot0024 Other HDD
Boot0025* IDER BOOT CDROM
Boot0026* IDER BOOT Floppy
Boot0027* ATA HDD
Boot0028* ATAPI CDAs startup, no matter what following choice I make, the screen refreshes after 1 second and nothing happens (obviously my laptop cannot boot):
Quote:
| NVMe0 SAMSUNG MZVLB512HAJQ-000L7 LENOVO CLOUD Windows Boot Manager |
Quote:
| Debian GNU/Linux Advanced options for Debian GNU/Linux System setup |
FYI, I have installed my Debian via an LVM inside a LUKS.
Here is my partioning scheme:
Code:lsblk -o NAME,FSTYPE,LABEL,MOUNTPOINT,SIZE
NAME FSTYPE LABEL MOUNTPOINT SIZE
nvme0n1 477G
a"a"nvme0n1p1 vfat SYSTEM /boot/efi 477M
a"a"nvme0n1p2 16M
a"a"nvme0n1p3 ext4 boot /boot 477M
a"a"nvme0n1p4 ntfs WinRE_DRV 1000M
a""a"nvme0n1p5 crypto_LUKS 474,8G
a""a"nvme0n1p5_crypt LVM2_member 474,8G
a"a"myLvmGroup-myLvmSwap swap [SWAP] 14,9G
a"a"myLvmGroup-myLvmVar ext4 var /var 18,6G
a"a"myLvmGroup-myLvmRoot ext4 root / 74,5G
a""a"myLvmGroup-myLvmHome ext4 home /home 326GPS: I have no dual-boot with Windows 10 anymore. I've just kept partitions WinRE_DRV and nvme0n1p2 as legacy.
Some additional info:
Quote:
| UEFI BIOS version : N2JET83W (1.61) UEFI BIOS Date : 2019-11-22 Embedded Controller Version : N2JHT32W (1.16) ME Firmware Version : 12.0.40.1433 |
Any idea please? :)