Finding path of MBR shadow boot entry

[ranshalit]

Hello,

I manage to unlock device using usb rescue UEFI64.img But trying to boot into PBA boot fails. These are the steps I am doing:

1. After using the instructions in Encrypting-your-drive wiki, I see that there is no PBA option in the bios.

2. There is no bcfg instruction in the BIOS, so I tried to use efibootmgr to add a boot entry as following: in boot I first checked where the PBA efi is: ls fs0:\EFI\boot\bootx64.efi So, I then added it to bios entry from linux :

   efibootmgr -c -d /dev/sda -p 0 -L "mypba" -l "\EFI\boot\bootx64.efi"
   
   efibootmgr -v 
   BootCurrent: 0000
   Timeout: 2 seconds
   BootOrder: 0001,0000,0005,0004,0006
   Boot0000* ubuntu    HD(1,800,100000,bfed1092-82b4-4bc2-ac30-40d1018630ac)File(\EFI\ubuntu\shimx64.efi)
   Boot0001* mypba HD(0,0,1bf244b0,00000000)File(\EFI\boot\bootx64.efi)
   Boot0004* Built-in EFI Shell    Vendor(5023b95c-db26-429b-a648-bd47664c8012,)
   Boot0005* Hard Drive    BIOS(2,0,00)PATA: BearTech 081108S7       .
   Boot0006* UEFI: USB Flash Disk 1100 ACPI(a0341d0,0)PCI(1d,0)USB(1,0)USB(4,0)HD(1,800,24fdf,b99116cd-2281-4fd7-a414-430920bdca25)

   Then I shutdown system, boot and stops in BIOS. Then on trying to boot into "mypba" , is just returns back to bios doing nothing.

3. I tried to change numbering from 0 to 1 (should it be 0 or 1 for the PBA?) efibootmgr -c -d /dev/sda -p 1 -L "mypba" -l "\EFI\boot\bootx64.efi" But still nothing happens when stopping in bios and trying to boot into PBA.

The device I'm using is Micron's M500IT mSATA NAND Flash SSD.

Maybe it is one of the following issues:

• wrong number of partition in efibootmgr -c -d /dev/sda -p 1 <<------- ?
• wrong path ""\EFI\boot\bootx64.efi" maybe in efibootmgr command ? (this is the path I see from uefil shell: fs0:\EFI\boot\bootx64.efi )
• using big/small letters in path ("EFI" or "efi") ?
• bios issue which does not support MBR shadow ? the bios is quite old from 2011.

Thank you for any advise. Ran

[cristim]

Here's how it looks for me

$ efibootmgr -v               
BootCurrent: 0000
Timeout: 0 seconds
BootOrder: 0000,0013,0002,0003,0001,0004,000D,0011,0014
Boot0000* ubuntu    HD(1,GPT,c4159472-e329-4e5b-90dc-7b73de59d8ea,0x800,0x10800)/File(\EFI\ubuntu\grubx64.efi)
Boot0001* Diskette Drive    BBS(Floppy,Diskette Drive,0x0)..BO
Boot0002* PBA   PciRoot(0x0)/Pci(0x1d,0x0)/Pci(0x0,0x0)/NVMe(0x1,00-25-38-53-71-B1-0F-DA)/HD(1,GPT,ebab925c-9722-40eb-9d12-1710a074c85d,0x800,0xf7df)/File(\EFI\boot\bootx64.efi)
Boot0003  PBA Rescue    PciRoot(0x0)/Pci(0x14,0x0)/USB(0,0)/HD(1,GPT,f94fffac-b78c-4199-934e-a170d1556a83,0x800,0x3f7df)/File(\EFI\boot\bootx64.efi)
Boot0004* CD/DVD/CD-RW Drive    BBS(CDROM,CD/DVD/CD-RW Drive,0x0)..BO
Boot000D* M.2 PCIe SSD  BBS(HD,Samsung SSD 960 EVO 1TB ,0x0)..BO
Boot0011* USB Storage Device    BBS(USB,USB Storage Device,0x0)..BO
Boot0013  UEFI: Samsung SSD 960 EVO 1TB, Partition 1    HD(1,GPT,c4159472-e329-4e5b-90dc-7b73de59d8ea,0x800,0x10800)/File(EFI\Ubuntu\shimx64.efi)..BO
Boot0014* Onboard NIC   BBS(Network,IBA CL Slot 00FE v0110,0x0)..BO

My PBA boot menu entries were not created using efibootmgr from Linux but by using the system setup menu's boot priority settings, which allowed me to browse to the bootx64.efi file and find a path that works from the perspective of the UEFI boot loader.

Give that a try, I hope it works for you.

[ranshalit]

Hi Cristiain,

Thank you very much.

This might gives me a hint why I might have failed to reach the device (MBR shadow?), becuase I see that your PBA device is different than just HD(1,...) , and contain some PCI device before that. It is also interesting that although the HD partition number is the same (1), the serial number is different (ebab925c-9722-40eb-9d12-1710a074c85d) for the PBA.

Yet, I still don't see anywhere how to configure device using efibootmgr . Its annoying that my BIOS is tool old (no bcfg), and seems that no update is available :( I'll keep trying.

Just verified that using the same ssd with another different HW board, works perfect! (both PBA and OS), which means that the problem is the limitation in the older board HW/BIOS. If anyone has idea about how to define the boot entry please tell me.

Thank you, Ran

[cristim]

As I said, enter the setup menu (often known as BIOS) after a cold boot and search for the boot settings.

There should be a way to browse the devices including the PBA image and find the boot image file as seen by the mainboard's EFI implementation.

[ranshalit]

Thanks cristim,

yes, I do find it in fs0:\EFI\booboox64.efi But I can't add it as boot entry because BIOS (AMI , American Megatrends Inc), does not support bcfg command.

[cristim]

You should not need that, just use the graphical system setup (a.k.a BIOS menu) by pressing Delete, F2 or F10 right after pressing the power button.

It should allow you to change the boot entries and change the boot device priority from the GUI

[ranshalit]

I know. I enter BIOS and I see the boot entry which I created using efibootmgr . I can't create these boot entry and efi shell and I also don't have this boot entry if I don't create it somehow (create it in efi shell or linux with efibootmgr ). Inside the BIOS there is no option to define path for the boot entry but only to start boot from device. Is it a bios limitation which prevent me ? using the same ssd in another different computer works like charm.

[ranshalit]

This issue is solved! I had to add the entry from unencrypted boot. I did it before from encrypted boot, so it gave a wrong boot entry ! sudo efibootmgr -c -d /dev/sda -L "mypba" -l "\EFI\boot\bootx64.efi" Thanks.