I want to apologize in advance that the below post is related mostly to Windows and not macOS, but I can't think of a better place to ask it so please bear with me here.
As you probably know by now, Microsoft made Secure Boot and TPM mandatory requirements to run Windows 11. And it so happens that I have Supermicro X10SAT, a pretty decent motherboard, which even supports TPM 2.0 via add-on module, but is completely incapable of Secure Boot. The capability isn't detected by Windows 10 and there is no option to enable it anywhere on BIOS.
This obviously means that I cannot install Windows 11 the normal way, and this fact saddens me pretty much, because otherwise I have a relatively decent system build on this board. It fully suits my needs for the moment and haven't had any plans for changing it. And even though the end of support for Windows 10 is set only for 2025, I would like to still be able to run Windows 11 once it's released.
Currently, while Windows 11 is in the testing stage there are several workarounds that allow to bypass Secure Boot requirements. But it's not clear whether those will remain working after the official release. Also, it's not clear what impact they will have on the overall stability and ability to install updates for example. Those I would like to consider these options as a last resort and preferably find other solution to make Windows 11 work.
While thinking about possible solutions I thought that the best option will be if Supermicro will release BIOS update that will enable Secure Boot. But this almost certainly won't happen since the board has reached end-of-life status a few years ago. But then Hackintosh bootloaders came to my mind...
I'm not an active Hackintosh user and definitely not an expert, but I had some experience with it in the past. And at least as I understand it, the purpose of the bootloaders like Clover and OpenCore is to fake hardware properties for the OS making it think, that it's running on the one different from the actual one. Obviously, their main purpose is to do this for macOS by maybe it can be done for Windows as well?
This post already came up quite long, so I proceed with my main question: Is it possible to configure Clover or OpenCore in a way, that will fake/emulate presence of the Secure Boot capability to Windows on a motherboard that by itself doesn't support one?
I tried to find answers myself, but information on this topic is quite scarce. On some forums, it was said that this is possible, but all the guides I found seem to describe ways to configure the bootloader itself to work on Secure Boot enabled motherboard, and how to "passthrough" this capability to Windows. Nothing was said anywhere on how to create the appearance of Secure Boot from scratch (at least for Windows, it seems for macOS there are some options).
[link] [comments]
There is swtpm for qemu but dont think coreboot/tianocore can emulate a hardware that presists after os boots
ReplyDelete