TL;DR: bitlocker does not like grub

Full story:

Months ago I installed fedora on my desktop, dual booting Windows 11.

In all this time I never had the need to boot into windows. I remembered that it worked fine after install, good, and then I forgot about that.

Today I needed a specific windows only software, so at grub I chose the microsoft bootloader and… BITLOCKER.

Huh? Bitlocker? Me? What? Searched frantically for that decryption password in my keepass, did not find. What?? How???

After a few minutes staring at that screen I thought, ok let’s just wipe that shit and reclaim the space. I went back to linux, opened the partition manager, then remembered that i had something important in single copy over there. Noooooo

Went back to the boot screen to try again, still failed password.

Then I notice the error:

e_fve_pcr_mismatch

that mismatch lets me think that maybe I had something wrong in my booting.

I try to put windows first in the bios and it works! WHAT THE…???

So, if i put linux first, then launch windows from grub, bitlocker takes the windows partition under ransom, i can only access if windows is first. And of course in windows 11 x64 is no longer possible add linux partitions in their boot manager (previously it was possible)

Incompetence or maliciousness?

  • tea@lemmy.today
    231·
    10 hours ago

    I have given up dual-booting and just have a Windows VM for work things that require Windows. Less muss, less fuss and I can move the VM around as needed when moving between primary PCs.

    • Engywook@lemmy.zip
      51·
      9 hours ago

      This. And fuck secure boot. Nowadays almost any of can run VMs flawlessly.

      • wildbus8979@sh.itjust.works
        4·
        7 hours ago

        You can even use SecureBoot and TPM in a VM ;) OVMF EDK2 fully supports both ;)

        SecureBoot is fine, sucks that vendors won’t add distro keys but you can do that yourself, or use the shim.

      • tea@lemmy.today
        2·
        8 hours ago

        My work has licenses I can apply for VMs when I’m keeping them for longer client work, so yes they are licensed in my case.

        I wouldn’t do that for my own personal use though.

      • anon5621@lemmy.ml
        21·
        8 hours ago

        No why pay money for this assholes,more over I use windows server edition which not possible to get if u are not business client and it cost 800$

      • 9point6@lemmy.world
        1·
        9 hours ago

        You don’t have to

        If you only need it for 90 days before it expires, Microsoft will give you the VM for free (and if you’re particularly industrious, you might write a script that then installs a load of your shit for you to run after you fire up a fresh one)

        If you don’t care about potentially breaking the law you can run it forever with a couple of scripts you can find on GitHub

        If you don’t want to break the law but also don’t want to pay full price you can get a dubious but working key from sites like G2A and cdkeys

        If that’s still too sketchy there’s the OEM licenses (honestly not worth it since they can only activate on a single machine ever)

        Or finally you might feel sorry for Microsoft for some strange reason and want to go full retail price.

        Basically the same experience with all options for a lot of cases, they’re just happy to have users it seems