|
No Boot on UEFI box (Samsung 350V)
I've had a go at this, and sense I'm close, so I'm asking for help now.
I'm working with This Box From these docs: Slackware's Doc but I can't set usb boot capability, and http://www.rodsbooks.com/efi-bootloaders/elilo.html I have SAMSUNG 350V, AMI BIOS Version P03ABE, & MICOM Version P03ABE. Of the new crop of laptops, it's certainly one of the more stubborn to get linux onto, and I imagine Samsung have bent over backwards to facilitate m$ :-(. in the EFI System Partition, I now have: EFI/ EFI/Boot/ with bootx64.efi, bzImage-3.6.10-dec.efi, elilo.conf, elilo.efi EFI/Microsoft/ Who cares what's here? EFI/Slackware/ Basically the same as Boot/ The default file is EFI/Boot/bootx64, which is now an elilo file, but there's no joy. Every helpful download that m$ had on it's site has vanished, and there's a massive number of broken links in all of this. On top of this, there's more developer packages than user ones. On the box, I have installed a lot of stuff. Elilo doesn't ship with filesystem drivers, so it relies on the start up software (Better words than BIOS) handling that stuff. So everything has to go right where it is. Elilo doesn't even have a 'make install' target. It makes elilo.so & elilo.efi. The elilo.efi I know what to do with - what about the lib? Elilo.conf reads: prompt chooser=textmenu timeout=50 default=Slackware image=bzImage-3.6.10-dec.efi #has the efi stub option set) label=Slackware read-only root=/dev/sda8 Do I have to run elilo in all boot changes, dangers, temptations & afflictions like one did with lilo?? I have secure boot disabled, and am running on a boot order of 1. CD 2. Hard disk with no mention of secure boot 3. UEFI Secure Boot for windows. If I take out the CD, & reboot, I get a generic error about "please insert a disk in selected boot device and press any key" the UEFI equivalent of the middle finger. Ditto if I disable Secure boot while booting from hd. In the Microsoft directory, there's bootmgr.efi, memtest.efi, and bootmgfw.efi, which look promising, but I can't get to them. Samsung has no information _at_all_ available on this. There has to be a shell somewhere. I have a download and an EDK environment to build it with, but this is all a bit beyond the average luser. Can anyone point me from their success? |
Looking for articles that can help you-
Found these: http://social.msdn.microsoft.com/For...6-166dddf32205 Here is a PDF about Samsung and Windows 8 with UEFI that might help: Using the Samsung Series 7 Slate (700T) with Windows 8 ... Adobe PDF Samsung Support can only respond to support issue with the version of ... Configure system firmware for UEFI Boot Install Windows 8 Customer Preview http://www.samsung.com/global/window...ta/1_Using_the... More results from samsung.com » http://blogs.msdn.com/b/b8/archive/2...with-uefi.aspx http://www.neowin.net/news/microsoft...-uefi-concerns How To Dual Boot Ubuntu and Windows 8 http://techmell.com/how-to/dual-boot-ubuntu-windows-8/ http://www.linuxquestions.org/questi...ux-4175433507/ Windows + Slackware Dual Boot http://www.linuxforums.org/forum/sla...dual-boot.html Hope this helps and I wish you the best!;) |
@Ztcoracat: Thanks for the docs. I'll go through them. I'm beginning to realize many of them are just plain WRONG as far as windows 8 is concerned, because m$ insists on windows 8 pcs having a DB of approved keys in nvram. This isn't a UEFI restriction, this is an M$ restriction.
Legacy Boot requires an MBR. I've just booted my windows 8 box on an MBR formatted disk. Secure boot is disabled and Legacy OS is set. I can (and have been) booting from the CD also. This is what some windows head says: Quote:
The GNU tools are out there, but the certificates registered with m$ (and consequently accepted by the system) are not. For me, the choice is simple. I can either 1. Keep the most unusable version of windows ever written for the foreseeable future. :banghead: 2. Clear the disk, and go to legacy boot with an mbr. :D 3. Fart about endlessly hacking into my own system trying to run under secure boot.:banghead: For the benefit of anyone testing software in this area, I have 6 partitions: 1 - Recovery for EFI, 2 - ESP, 3 - 'm$ reserved' 128mb & unreadable, 4 - drive C, 5 - RecoveryImage for W8, 6 -data/ Backup/restore stuff. I can access BIOS type setup to disable secure boot, and F4 & F5 bring me to an M$ recovery setup. That's it. No shell, except through windows. Adding Keys seems to pose a significant obstacle, where nothing is documented and it's like trying to crack a safe. I did find a shell for download, and the EDK environment needed around it to build, but they're windows stuff and I'm not into building windows software. |
I got to some of those links. This may save others time.
Quote:
Quote:
Quote:
Quote:
Quote:
For this to work there have to be 3 keys. A personal key, a platform key, and a private key (Manufacturer's and registered with m$). I have to lead the private key into the nvram database of such keys. Another Catch-22 is this: The only way to boot with a GPT disk is secure boot. With Secure boot disabled, I'm down to the Slackware DVD, using the kernel-3.2.29. To get loading stuff into the db & boot order, the only shell I can use is efibootmgr. That requires the efi_vars module. Slackware's 3.2.29 doesn't ship with efi_vars :-(. I have 3.6.10 on disk with everything, but I can't get it to load. All that farting about, to keep the @$%£#-iest windows ever! The only thing that stopped me wiping windows entirely tonight is that it's such a perfectly locked up and locked out system, it would be nice to keep it and have the disk there for developers to test their ideas on. If they get going on this one, they're good! |
If it were me; Mate I Would Be really ticked off-
Thanks for saying I was kind to think of everything:hattip: I certainly hope that your able to overcome this most undesirable nonsense- Quote:
Quote:
I remember reading about a platform key but the personal key is news to me. Think I better :study: some more. I see; you have 3.6.10 Kernel on disc but can't get it to load- I'm sorry that your frustrated; I feel for ya- Wish I could help more- If I find any other articles or a light bulb in this head of mine lights up I'll write ya another post- Off to do more re-search and :study: |
Reviewing the notes I wrote by hand I'm sharing what I found.
If your already aware; pardon me repeating what you are already educated on- For Linux to access UEFI Runtime Services, the UEFI Firmware processor architecture and the Linux Kernel processor must match. It is independent of the bootloader used. A man at Canonical was able to create his own securied binaries that will boot and work on a UEFI Linux Secured System. I think he achieved it by extracting the Operating System's Vendors key exchange key from it and installed it to the database. (These keys you already mentioned) This tool would be activated by the UEFI System as soon as it saw the un-autherised media inserted so the platform owner could decide whether they wished to accept the key for OS install and boot. I tried going here 3 times and my browser didn't comply-(page was re-set) http://fedoraproject.org/wiki/Features/EFI And a PDF@ http://www.linuxfoundation.org/publi...open-platforms Here's something I didn't know: UEFI application may launch another application (in case of UEFI shell or a boot MGR like rEFlnd) or the kernel and initramfs (in case of bootloader; Grub 2) Depending on how the UEFI application was configured. Legacy mode is no-EFI mode; right? |
Member Response
Hi,
@ Ztcoracat Your link is broken, correct link: Making UEFI Secure Boot Work With Open Platforms Other Useful UEFI links from Linux Foundation: http://www.linuxfoundation.org/search/node/UEFI |
Thanks Onebuck for the correction!:)
|
Good information to learn from in regard to taking control of all the keys!
http://blog.hansenpartnership.com/uefi-secure-boot/ Still studying- |
Quote:
I bought an ssd on ebay last night - a small one, but a new disk nevertheless. It's going in, formatted with an mbr, and secure boot is being disabled. That will work. I know it will work because I've already tried it. My HD I am keeping as is for the moment. Onebuck, you being a moderator type, can you notify the various distro maintainers that they have the most awkward box imaginable sitting here in Ireland ready to test their attempts? I can shove the disc back in and they can ruin it - I don't care. It's backed up, and not in use. And the box is bad: With Secure Boot on, it won't look at the CD/DVD unless I'm mistaken; It doesn't boot usb in any case. It will boot PXE with F12 pressed at boot. No shell is supplied that I can find - just a 'windows recovery' program. Grub2 just craps out on it (Does grub2 do anything else?). Fedora's grub-legacy & grub-efi say "Failed to embed stage1 ... failed to embed stage2). Elilo is ignored. There is a 'bootmgr.exe' buried somewhere in the windows stuff. No documentation :-(. |
Member Response
Hi,
I wish things were that easy. Most active maintainers are doing their best to interact with their user base when necessary to keep things working for the distribution. Look at Slackware as an example, PV does lurk and interact at times on Slackware forums. Very receptive to the user base input. Not to say changes are made all the time but that the mood along with experiences do help to improve the distro. 'UEFI' is not new, 'Secure Boot' is Microsoft's way of implementing the protocol to insure their OS for the user base. Researching 'UEFI' protocol and how the future with OEM equipment that will or are using 'Secure boot' so I will know how or when things can be done too utilize hardware with Open Source. Every user needs to be aware of the abilities to use the hardware and how with open source on this same hardware. if at all. If the machine has a Microsoft Windows 8 logo you should be able to implement via disable or jump through the right hoops to get a install on the equipment by use of Key Exchange Keys (KEK) that can be added to a database stored in memory to allow other certificates to be used. But the KEK must be connected to the systems private part of the platform key. If not done properly then you will have errors. Please be aware that their are to many rumors or just plain 'FUD' that conflicts the situation thus creating uncertain situation for those that are not fully aware of the what & how concerning 'UEFI' protocol and the feature use of 'Secure boot' protocol by Microsoft. 'UEFI' is necessary for the future of computing. 'BIOS" has been extended via hacks to implement newer abilities/capabilities for ever changing computer hardware. We need this expansion, 'UEFI' protocol is not a bad thing, just a necessity to extend capabilities for newer hardware & software. Linux users will do everything to prevent root kits or other means to prevent unwanted access to their system. I look at 'UEFI' as means to improve the methods from a firmware perspective to allow full use of hardware instead of the BIOS way. BIOS has to many holes and hacks to get hardware to work thus vulnerable. |
I should have made myself clearer.
If anyone wants to put a distro out, he is going to have to take UEFI on henceforth. Here is the toughest obstacle they are likely to meet. If nobody needs that, it's OK, and I'll reformat the drive sometime. I personally feel pxe may be the way to do it - it seems easier than the other options. |
Member Response
Hi,
Quote:
My question to you is how 'PXE' is the way to do what? How do you expect to enable the 'PXE' via 'UEFI'? 'UEFI PXE' is available. You will still need to integrate KEK for that install. You could use 'iPXE' (work in progress) to do a standard install; Quote:
HTH! |
This is a good place to lay that stuff down, because people will search these threads for their own answers.
I spent the last week reading up on this stuff and while I wouldn't claim to be the world's expert, I did get an idea of what was involved. For me, windows is not worth it. My experience on this box with Secure boot enabled: No access to any shell, short of vandalizing the m$ boot. If you do that, it's recovery recreates the m$ boot, AFAICT. No usb boot; No CD boot. Only pxe, with which I haven't experimented. When windows 8 is booted, the ESP is examined and "Fixed" without any option to avoid it. With Secure Boot disabled, I have cd boot. No GPT Boot, so the disk won't boot. Just mbr & CD boot works with secure boot disabled. To my mind, that's a pretty wilful way of locking out competitor OSes in an attempt to prop up the worst version of windows ever. Installing isn't out of the question, but dual boot certainly seems to be. |
Quote:
However; I can't seem to wrap my mind around why this has become a normal practice and what exactly are the motives to repeat this over and over again.(Other than mass produce to provide a corporation profit) This is just my thoughts and opinions but I think that if one (meaning a individuial, group, corporation)does enough bad it comes back. In my mind this practice of producing this Unified Extensible Firmware Interface is generating positive and negative energies and a hint of upheavel. The average folks that have PC may have extream difficulity trying to figure/configure this equation out- I'll think twice before I purchase another PC in the future. I wish you the best business_kidd and I hope that your distro is now functional on your new computer. This is a great thread to learn from; I'll teach it to noobs if I'm asked- Have a great weekend! |
Quote:
Disabling secure boot disables gpt (i.e. hard disk) booting. Disabling GPT disables windows 8. Enabling secure boot locks you onto the hd, which, as explained, checks and fixes itself to be m$ only every time it wakes up in windows 8. Besides those, PXE looks more attractive. I have disabled secure boot, installed Slackware-14.0 and left the dvd in the cdrom. With that, I can type a line of boot parameters and get running on the box's root with the dvd kernel. To start windows, I need to revisit the BIOS and enable secure boot. As I lost my last motherboard because the Bios were rewritten too often, I'm not likely to take this approach too tar. So there it ends for the moment - with an eternal question. I have emailed Samsung support and offered to warn the linux community about how unsuitable any samsung uefi box like mine is for linux and pointed out that I wanted to install linux with windows in a vm perhaps. I'll post on the outcome. |
Have you tried booting off a usb stick? It might be more convenient than using the dvd.
|
The box is congeitally incapable ob usb booting under any circumstances. Got a 60G SSD for €75 which arrived today. Installed Slackware-14.0 and am up and running without secure boot. Hello from RoseViolet :-P.
If any uefi developer wants to try his stuff I still have the hd here. |
Quote:
I need your help because i am in the same situation, i just bought a samsung laptop - same model as the one that described at the first post, and installing linux looks the same as the theory of relevativity!!!!!!!! I'm very disappointed with samsung.Is my first laptop, and i waited the moment to install my favorite slackware and get rid of the sucked win 8.....and i realize that is build only for hosting win OS.....I'm pretty close to sell it and buy a dell with ubuntu pre-installed...:P::P:P:P:P:P:P |
What I did was buy a 60G SSD (doesn't have to be ssd), partition it with fdisk (not gdisk). It was gpt so I deleted all partitions and started with fdisk. Here's my partition table
Code:
Device Boot Start End Blocks Id SystemSlackware went on fine, but fedora shrieked in protest, the installer barfed big time and I eventually shoehorned it on manually, which was a nightmare. I just needed fedora's electronic spin. The original gpt disk is lying in a drawer awaiting the warranty return to Samsung. My keyboard chip is dying. |
Thanks a lot for the info.
Choosing legacy at BIOS options i could say that the behavior is as the old good days.....you could install as we all know ,and install lilo and boot.....wahhhh!!!!! Working a few hours with my slack ,choosing xfce, some time after random time laptop freeze and no key combination is working, e.g alt+f7, alt+ctrl+backspace only possible option is to press power button in order to forced shut down and power on again. I have slack 32bit 14 with full installation chosen. did you notice any related behavior at your case???? |
The only time I recall seeing this sort of behaviour with slackware was when I had issues with the Nvidia driver.
|
Had this once or twice here, too. No sense or reason to it - I think it's a BIOS thing. I'm on Intel graphics. Then the keyboard chip went funny, but the crashes stopped :-).
|
It is still reproducible with slackware 14 x64 full installation and using xfce
I'm very disappointed.....i want to paint the laptop blue and throw it to the aegean sea.... What do you mean when you say that "the keyboard chip went funny"??? you are my last chance i suppose ,because you claimed that crashes stopped!!!!! |
@business kid were you able to get a working system on original hdd, or are you just saving it for rainy day?
|
To get a working system, I'd have had to reformat gpt at the time.
This thread is six months old. Since the information in this thread was posted, some UEFI capable distributions have come along. I have not tried them. I believe Samsung's implementation under windows 8 is particularly problematic. I like to forget I have windows 8, and like not to think about it as windows 8 is really that bad. |
I think i found the cause of the problem.......
It looks that wpa_gui application crash the system..... I remember that the last app that that i open was that, and after a couple o minutes the laptop freeze ... When i start again the laptop , i was able to use i, for a long time without the freeze problem..... |
| All times are GMT -5. The time now is 05:45 AM. |