[GTALUG] war story: missing boot entry in UEFI
D. Hugh Redelmeier
hugh at mimosa.com
Sun Apr 1 21:43:38 EDT 2018
This may never hit you. I blame the problem on an early UEFI
firmware (2012).
Background:
I had an old cute PC that I dusted off and then installed Fedora.
- Foxconn nT-A3500
- the disk drive had decayed so I installed a new one (shucked from an
external portable drive)
- installed Fedora 27 in UEFI mode, then updated it
- I then noticed a newer firmware and installed it
+ firmware installation required DOS
+ I fiddled with the boot sequence to legacy-boot a FreeDOS USB stick
with the updates
+ applied firmware updates and shut down
+ the firmware was from 2012 -- quite old. No Secure Boot support.
At this point, Fedora would not boot off the HDD?!?!?
End of background
The firmware setup pages seemed to offer no way to specify booting
something from the HDD in UEFI mode. Quite odd. (Remember that there
was a way before the firmware update.)
The HDD had a proper EFI System Partition (FAT with type code EF00).
I could boot the Fedora 27 live USB in UEFI mode. That was a reasonable
platform for exploration. Beware: /boot/EFI points to something on the
USB stick, not the HDD (you can use chroot magic to get around this).
fsck showed no problems with the hard drive's EFI System Partition.
(I have reported on the list how one computer I have won't boot off of
the EFI System Partition if it had not been cleanly unmounted.)
UEFI settings live two places:
- in what we used to call the CMOS memory of the motherboard. A small
chunk of persistent memory on the motherboard.
- in the EFI System Partition of the HDD
You need different tools to change each.
I decided that the problem must be in the CMOS memory. After all, a
firmware update is unlikely to change a disk. The tool I used to
examine and modify the settings was efibootmgr(2). It can show, add,
or modify boot entries. Warning: some of that crap is in UTF16, a
perversion that is awkward to deal with.
Show the boot entries.
Each entry has a 4-digit number.
'*' means active.
$ sudo efibootmgr
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0001,0000,0002
Boot0000* SATA: TOSHIBA MQ01ABD100
Boot0001* UEFI: ADATA USB Flash Drive 1.00
Boot0002* ADATA USB Flash Drive 1.00
REALLY show the boot entries. What was shown before was what a user
is expected to understand. The -v also shows the part that the bootloader
actually uses.
If you have a Windows entry, it will likely include UTF16. This
computer does not have Windows (or a Windows license).
BBS seems to stand for "Bios Boot Setting", meaning old fashioned
Master Boot Record style booting.
$ sudo efibootmgr -v
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0001,0000,0002
Boot0000* SATA: TOSHIBA MQ01ABD100 BBS(17,,0x0)
Boot0001* UEFI: ADATA USB Flash Drive 1.00 PciRoot(0x0)/Pci(0x15,0x2)/Pci(0x0,0x0)/USB(1,0)/HD(1,MBR,0x2563bf1a,0x1b9d0,0x4664)
Boot0002* ADATA USB Flash Drive 1.00 BBS(21,,0x0)
Magic sequence to add an entry for Fedora 27.
"-c" means Create an entry.
"-l" means Loader: what the entry should do
I accepted the default for:
"-d disk" specifies the disk; default /dev/sda
"-L label" specifies the user-readable description; default "linux"
$ sudo efibootmgr -c -l '\EFI\FEDORA\SHIM.EFI'
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0003,0001,0000,0002
Boot0000* SATA: TOSHIBA MQ01ABD100
Boot0001* UEFI: ADATA USB Flash Drive 1.00
Boot0002* ADATA USB Flash Drive 1.00
Boot0003* Linux
REALLY show the boot entries. Notice the new entry has a lot of
gobbledigook. I can read that but I'm glad that I didn't have to write
it.
$ sudo efibootmgr -v
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0003,0001,0000,0002
Boot0000* SATA: TOSHIBA MQ01ABD100 BBS(17,,0x0)
Boot0001* UEFI: ADATA USB Flash Drive 1.00 PciRoot(0x0)/Pci(0x15,0x2)/Pci(0x0,0x0)/USB(1,0)/HD(1,MBR,0x2563bf1a,0x1b9d0,0x4664)
Boot0002* ADATA USB Flash Drive 1.00 BBS(21,,0x0)
Boot0003* Linux HD(1,GPT,7ff1c66f-7d72-4295-ad96-01203c384c0b,0x800,0x64000)/File(\EFI\FEDORA\SHIM.EFI)
After this, everything worked.
I don't know why the firmware setup screen had no way to accomplish this (I
tried a lot of settings).
Reference:
<http://www.rodsbooks.com/efi-bootloaders/installation.html>
More information about the talk
mailing list