TL;DR: bitlocker does not like grub
Full story:
Months ago I installed fedora on my desktop, dual booting Windows 11.
In all this time I never had the need to boot into windows. I remembered that it worked fine after install, good, and then I forgot about that.
Today I needed a specific windows only software, so at grub I chose the microsoft bootloader and… BITLOCKER.
Huh? Bitlocker? Me? What? Searched frantically for that decryption password in my keepass, did not find. What?? How???
After a few minutes staring at that screen I thought, ok let’s just wipe that shit and reclaim the space. I went back to linux, opened the partition manager, then remembered that i had something important in single copy over there. Noooooo
Went back to the boot screen to try again, still failed password.
Then I notice the error:
e_fve_pcr_mismatch
that mismatch lets me think that maybe I had something wrong in my booting.
I try to put windows first in the bios and it works! WHAT THE…???
So, if i put linux first, then launch windows from grub, bitlocker takes the windows partition under ransom, i can only access if windows is first. And of course in windows 11 x64 is no longer possible add linux partitions in their boot manager (previously it was possible)
Incompetence or maliciousness?
Only as long as Microsoft allow it, and only because a lot of work was put into that shit. The first couple of years it was very flaky.
It’s easy enough to add your own secure boot keys, you can even remove the Microsoft keys so that only your OS will boot.
OK that’s new to me, I have to admit I haven’t been looking at it for years, I do not feel comfortable following Microsoft specifications, as Microsoft has a long h9istory of fucking things up for others on purpose, and their safety record is probably among the worst in the industry.