Jip-Hop / sedunlocksrv-pba

Conveniently unlock your Self Encrypting Drive on startup (via HTTPS) without the need to attach monitor and keyboard
GNU General Public License v3.0

Automatic EFI Boot Entry Deletion Issue with BIOS/UEFI #29

Open korentzari opened 5 months ago

korentzari commented 5 months ago

When my PC boots with the flag "bmrdore=false" and the disk locked, my BIOS/UEFI automatically deletes the invalid entry at that moment because the disk is locked. I have searched everywhere and my BIOS/UEFI does not allow preventing this deletion. It is necessary to be able to add an EFI boot entry before rebooting.

korentzari commented 5 months ago

I made a modification which you can review at https://github.com/korentzari/sedunlocksrv-pba/tree/feature-efi. I decided to execute the code before rebooting to easily add context. There was also the option to add the code to launch efiupdate.sh in reboot.sh, but I didn't prefer that because a reboot should be just that, and not something else. Let me know if this functionality interests you and if you see any issues with my implementation.

Jip-Hop commented 5 months ago

Thanks for the explanation and link to your implementation. I understand now what you want to fix. However with my hardware I fortunately don't run into this issue. So I can't really validate if this works and frankly I don't want to dive into this atm. I'll leave this issue open so people can find your fork in case they run into this.

decafgeek commented 2 months ago

I might be seeing something similar to this? After successfully unlocking the disk, if I shutdown the system and remove power completely, then power back up, the system fails to locate the PBA partition on the boot drive and is unable to start up at all. My system is running a SuperMicro X10SDV-4C with a Samsung EVO 980 drive.

Am I describing what you are seeing correctly? If so, I will try your efi update script and see if it resolves the issue.

korentzari commented 1 month ago

I'm not sure I understand. How did you unlock the disk if you managed to boot on the PBA? To be precise, my problem was the following. If the PC does not boot from scratch, EFI does not scan the hard disk to find records to add and, worse, it removes those it does not find in all cases.

How it works for me:

1. EFIMGR: Boot Archlinux only; shutdown.
2. Cold boot: my EFI scans the disks, finds and adds PBA SED EFI; Archlinux is missing, so it deletes it.
3. Boot on sedunlocksrv-pba: unlock the disks, and my script adds the EFI Archlinux entry that had disappeared (my PC will not see it if it does not restart cold); reboot.
4. Boot on EFI Archlinux (entry is added by my change).

We can summarize:

- Cold boot adds bootable partitions to EFI.
- Cold boot with a non-unlocked disk: no bootable OS partition.
- Hot boot deletes EFI entries which are no longer valid.
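One way to implement the "re-add the OS entry after unlocking, before reboot" step described in this thread, as an added example that is not code from sedunlocksrv-pba or from korentzari's fork. The entry label, disk, partition number, loader path and the sample `efibootmgr` output are constructed placeholders.

```shell
#!/bin/sh
# Added example, not code from sedunlocksrv-pba or from korentzari's fork: after the
# SED is unlocked and before the PBA reboots, check whether the firmware dropped the
# OS boot entry and re-create it with efibootmgr. Label, disk, partition and loader
# path are assumed placeholders; adjust them to the real ESP.
OS_LABEL="${OS_LABEL:-Archlinux}"
OS_DISK="${OS_DISK:-/dev/nvme0n1}"
OS_PART="${OS_PART:-1}"
[ -n "${OS_LOADER:-}" ] || OS_LOADER='\EFI\arch\grubx64.efi'

# Constructed `efibootmgr` output as the firmware leaves it after a cold boot with the
# drive locked: the PBA entry was found again, the OS entry is gone.
SAMPLE_AFTER_COLD_BOOT='BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0001,0000
Boot0000* UEFI: Built-in EFI Shell
Boot0001* PBA SED'

# has_entry LABEL OUTPUT: succeed if OUTPUT has a Boot#### line whose label is LABEL
# (labels are assumed to contain no regex metacharacters).
has_entry() {
    printf '%s\n' "$2" | grep -Eq "^Boot[0-9A-Fa-f]{4}\*? $1(\$|[[:space:]])"
}

# restore_entry OUTPUT: return 0 if the OS entry is already present, 1 if it was
# missing and has been re-created, 2 if efibootmgr failed. DRY_RUN=1 prints the
# command instead of running it.
restore_entry() {
    has_entry "$OS_LABEL" "$1" && return 0
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "efibootmgr --create --disk $OS_DISK --part $OS_PART --label $OS_LABEL --loader $OS_LOADER"
        return 1
    fi
    efibootmgr --create --disk "$OS_DISK" --part "$OS_PART" \
        --label "$OS_LABEL" --loader "$OS_LOADER" >/dev/null || return 2
    return 1
}

# `sh restore_os_entry.sh --apply` runs against the live firmware (root, efivarfs
# mounted); any other invocation is a dry run over the constructed sample.
if [ "${1:-}" = "--apply" ]; then
    restore_entry "$(efibootmgr)"; rc=$?
else
    DRY_RUN=1; restore_entry "$SAMPLE_AFTER_COLD_BOOT"; rc=$?
fi
case $rc in
    0) echo "$OS_LABEL entry present, nothing to do" ;;
    1) echo "$OS_LABEL entry was missing and has been re-created" ;;
    *) echo "efibootmgr failed" >&2 ;;
esac
```

Run it from the PBA right after the unlock succeeds and before `reboot.sh`, so the entry exists by the time the firmware enumerates boot options on the warm restart.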

decafgeek commented 1 month ago

Hello,

So to clarify my issue, I cold-boot into the PBA, unlock, and boot into TrueNAS Scale (Debian) without an issue. Any warm reboot will work fine after that. If I shut down the system gracefully and remove power to lock the drive again, I cannot boot at all; neither TrueNAS nor the PBA is found at all. I suspect I'm having a similar issue to yours; it just seems my case is not seeing the shadow MBR where the PBA is located once the disk is unlocked, removing it from EFI, and then rendering things inoperable as a result. So basically the PBA only works the first time after install, then it fails.

Also one more question - what is the flag "bmrdore=false" you originally mentioned? I was trying to look into it but could not find any information.