Wednesday, November 7th 2018
Linux Won't Boot on New MacBook Air: Apple's T2 Security Chip Prevents It
The new MacBook Air with Retina display is overall a nice upgrade from the old versions of these laptops. There's one caveat, though: the new T2 chip that manages Touch ID's Secure Enclave, APFS storage encryption or UEFI Secure Boot validation will make it impossible to boot with a Linux distribution. Apple's T2 documentation (PDF) explicitly covers how the support for booting Linux is not available: the Microsoft Corporation UEFI CA 2011 certificate used also by Linux distributions isn't trusted at this moment, so the T2 chip will make it impossible to boot from Linux distributions. Only Windows is allowed to boot via Boot Camp at the moment.
Apple's Secure Boot support page shows how the new 'Startup Security Utility' can be used to disable Secure Boot, but some people have tried to boot Linux through this method and even with that change it's impossible to boot Linux. The problem extends to the rest of machines including the T2 Security Chip, like the Mac mini, the iMac Pro or the MacBook Pro 2018, for example. Apple hasn't made any comments on the issue.
Apple's Secure Boot support page shows how the new 'Startup Security Utility' can be used to disable Secure Boot, but some people have tried to boot Linux through this method and even with that change it's impossible to boot Linux. The problem extends to the rest of machines including the T2 Security Chip, like the Mac mini, the iMac Pro or the MacBook Pro 2018, for example. Apple hasn't made any comments on the issue.