Ubuntu – Chainload from windows boot manager to Grub with Secure Boot enabled

Tags: bootloader, dual-boot, grub2, uefi, windows 10

I have a UEFI laptop with Bitlocker on the Windows partition. This forces the primary bootloader to be Windows Boot Manager with Secure Boot enabled in order for Bitlocker to work properly on Windows. That is to say, with this setup, Windows can only boot if its boot manager was the first thing called by the UEFI, due to the encryption keys used by Bitlocker being stored in the TPM.

Chainloading the Windows Boot Manager from Grub doesn't work [Windows does complain about the Secure Boot environment not being safe anymore], so we must go the other way: adding a menu entry for Ubuntu's shimx64.efi to the Windows Boot Manager using bcdedit.exe.

I have tried all kinds of tricks with bcdedit /copy, bcdedit /create, etc., but even though Windows detects the entry, when jumping into it I get a fatal error at boot time:

File: \EFI\ubuntu\shimx64.efi
Status: 0xc000007b
Info: The application or operating system couldn't be loaded because a required file is missing or contains errors.

Does anyone know what the right bcdedit magic to add an Ubuntu entry is? TIA.

[Note that this answer sadly produces the above]

edit: Note that if I go to my UEFI BIOS and select the Ubuntu entry, Linux loads properly. So for now I am stuck with going to the BIOS and selecting the OS I'd like to boot.

edit2: Bitlocker is not used from Linux, nor do I want to do so; its role here is to encrypt the Windows partition.
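The following is an added example, not part of the question or of any answer on this page. It shows the checks a practitioner would run before touching the boot configuration (Secure Boot state, which BitLocker protector guards the Windows volume, what the firmware boot menu currently contains) and then, as an assumed alternative to the {bootmgr} application entries the question tried, registers shimx64.efi as a UEFI firmware boot entry under {fwbootmgr}, so that the firmware itself starts shim instead of Windows Boot Manager chaining to it. The ESP path \EFI\ubuntu\shimx64.efi is taken from the question; the entry description "Ubuntu" and the claim that a firmware entry avoids the 0xc000007b failure on this particular laptop are assumptions, not something the page confirms.

```powershell
# Added example (not from the original post). Run from an elevated PowerShell prompt.
# Assumptions: UEFI firmware, Ubuntu's shim installed at \EFI\ubuntu\shimx64.efi on the
# ESP (path taken from the question), BitLocker on C:. Keep the BitLocker recovery key
# at hand: changing the firmware boot order can alter TPM PCR values and trigger recovery.
#Requires -RunAsAdministrator

# 1. Secure Boot must be on for the BitLocker TPM protector to seal against the
#    measured boot path; this is the state the question describes.
$secureBoot = Confirm-SecureBootUEFI
Write-Host "Secure Boot enabled: $secureBoot"

# 2. Show the protectors on the Windows volume. A TPM protector means the TPM only
#    releases the volume key when the measured boot chain matches, which is why
#    Windows Boot Manager has to be started directly by the firmware.
manage-bde -protectors -get C:

# 3. Firmware-level entries: {fwbootmgr} is the UEFI boot manager, and the entries in
#    its displayorder are what the firmware boot menu (F11 etc.) offers.
bcdedit /enum firmware

# 4. Create a firmware entry for shim by copying {bootmgr} (itself a firmware-level
#    entry) and repointing its path. Braces are quoted so PowerShell does not parse
#    them as a script block. bcdedit prints the new entry's GUID on success.
$out = (bcdedit /copy '{bootmgr}' /d 'Ubuntu') -join ' '
if ($out -match '\{[0-9a-fA-F-]{36}\}') {
    $guid = $Matches[0]
    bcdedit /set $guid path '\EFI\ubuntu\shimx64.efi'
    # Put the new entry first in the firmware boot order; use /addlast instead if
    # Windows should keep booting by default and Ubuntu is picked from the menu.
    bcdedit /set '{fwbootmgr}' displayorder $guid /addfirst
    Write-Host "Created firmware boot entry $guid for \EFI\ubuntu\shimx64.efi"
} else {
    Write-Error "bcdedit /copy did not return a new entry GUID. Output was: $out"
}

# 5. Verify the result; the new entry should now appear under {fwbootmgr}.
bcdedit /enum firmware
```

The point of going through {fwbootmgr} rather than {bootmgr} is that the entry becomes a normal UEFI Boot#### option: the firmware loads shim directly and never passes through Windows Boot Manager, and conversely Windows Boot Manager is still the first thing the firmware runs when the Windows entry is chosen, which is the condition the question identifies for the TPM-sealed BitLocker key. If the firmware discards the entry or BitLocker drops into recovery on the next Windows boot, remove it with bcdedit /delete on the GUID and fall back to selecting the OS from the firmware menu.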

Best Answer

Boot both Linux and Windows from UEFI. It's that simple; as you can see, chainloading either Windows from GRUB or Linux/GRUB from Windows Boot Manager has drawbacks for Secure Boot and Bitlocker.

Many motherboards give the UEFI boot menu with F11. If that doesn't work, try Escape or Delete to either get a functions menu or drop right into the configuration, which might give you a boot order configuration or an option to "instant boot", which is the same thing the boot menu does.

The key is you're selecting the OS you want from UEFI not from a boot loader.