[syslinux] SYSLINUX PXE LOCALBOOT Bitlockers

Ian Bannerman ian at internals.io
Tue Apr 29 11:43:00 PDT 2014 

Any deviation from the expected boot process will prevent BitLocker from accessing the volume key in the TPM. One reason this behavior exists is to prevent malicious code from being loaded (such as via booting first to CD / USB / PXE, loading malware, and then continuing to boot to Windows). So what's happening here is the deviation from firmware -> PXE -> HDD is detected and the volume key is not released.
There is no circumventing this behavior. 
--Ian

> Date: Mon, 28 Apr 2014 16:35:41 -0400
> From: gene.cumm at gmail.com
> To: Matthew.Taylor at chevron.com
> CC: syslinux at zytor.com
> Subject: Re: [syslinux] SYSLINUX PXE LOCALBOOT Bitlockers
> 
> On Mon, Apr 28, 2014 at 4:06 PM, Taylor Jr, Matthew [U.S. Computer
> Corp] <Matthew.Taylor at chevron.com> wrote:
> > Label is OS and I believe there are all booting MBR. Is there a way to clear the memory then continue loading ? or rebooting the machine from the menu.
> 
> No, the entire LABEL stanza including its LOCALBOOT/COM32/KERNEL and
> APPEND lines as applicable.
> 
> -- 
> -Gene
> 
> A: Because it messes up the order in which people normally read text,
> especially the archives of mailing lists.
> Q: Why is Top-posting such a bad thing?
> 
> 
> > -----Original Message-----
> > From: Gene Cumm [mailto:gene.cumm at gmail.com]
> > Sent: Monday, April 28, 2014 1:04 PM
> > To: Taylor Jr, Matthew [U.S. Computer Corp]
> > Cc: syslinux at zytor.com
> > Subject: Re: [syslinux] SYSLINUX PXE LOCALBOOT Bitlockers
> >
> > On Mon, Apr 28, 2014 at 3:37 PM, Taylor Jr, Matthew [U.S. Computer
> > Corp] <Matthew.Taylor at chevron.com> wrote:
> >> Hello;
> >>
> >> I use Bitlocker on my machines and I notice that when I am in my PXE Menu and I select "Boot to Local Hard Drive" it continues on then bitlockers. I am assuming that the syslinux is still in memory, bitlocker is being triggered because of the change. I need a solution to overcome this. I cannot remove bitlocker from the machines.
> >
> > What does your LABEL look like?  Are you booting the MBR or VBR?
> >
> > --
> > -Gene
> 
> _______________________________________________
> Syslinux mailing list
> Submissions to Syslinux at zytor.com
> Unsubscribe or set options at:
> http://www.zytor.com/mailman/listinfo/syslinux

More information about the Syslinux mailing list