Solved

EFI config and boot from legacy and reverse

Posted on 2013-06-12
6
761 Views
Last Modified: 2016-02-11
hello guys

my question is actually 3 questions in one, but i'll be happy to get at least part of it done


does anybody know how to change efi boot options from  system that does not run in EFI mode. all my attempts at using efibootmgr failed, and i'm not even sure it is supposed to be feasible. i have an ubuntu and a FreeBSD installed and ready to use, and i can boot live cds or install mostly anything else if required

$ sudo modprobe efivars ; echo MODPROBE_RET=$? ; sudo efibootmgr MODPROBE_RET=0 Fatal: Couldn't open either sysfs or procfs directories for accessing EFI variables. Try 'modprobe efivars' as root. $ lsmod | grep -i efi $
i'm using this command in grub : "chainloader (${root})/efi/.../something.efi" and already tried many variations

i am NOT interested in alternate solutions involving to replace existing files with grub files. i already know how to do that and i'm trying to set it up the clean way


has anybody succeeded in booting and EFI kernel from a grub2 installed in a regular mbr ? how ? i'm also interested in a legacy grub solution if needed.

i've been successful at setting the EFI partition as the root partition (which i can tell because if i use a wrong filename it properly complains that the file does not exist),

but actually booting yields "error : invalid signature" on every efi kernel installed while all those kernels work in EFI mode (currently 2 versions of refind, and a windoze 8 loader work but i had the same problem with other boot loaders)


has anybody succeded in booting a regular mbr from an EFI grub ? any glitches ? i have not given it a try, and i believe this part should be easy enough and not a priority so i'm only interested in your experience and i might no give any feed back on that part

as a side note, i wanted to test this in qemu, but i noticed that changes made to the filesystem when i'm running linux are not visible in qemu when accessing the block device unless i wait for a LONG time. calling sync does not help. i'm interested in both the reason and/or possible workarounds. i noted the same behavior wth usb keys. you have to unmount the partition an physically remove the device before the changes are picked.

the ultimate goal would be to install grub2-efi and grub2 on the mbr with stage 2 located on the efi partition, if possible share the same config among the grub instances, and do a little grub-scripting to autodetect EFI and possibly non-EFI systems, and if possible have a way to set this up from a non-efi live system

this is partly for educational reasons, so please don't discuss the usefullness of it all

thanks everyone
0
Comment
Question by:skullnobrains
  • 5
6 Comments
 
LVL 87

Expert Comment

by:rindi
Comment Utility
You can't boot or simulate an efi system if you don't have the hardware. So either you will have to get a new mainboard with efi, or just do it in theory.
0
 
LVL 26

Author Comment

by:skullnobrains
Comment Utility

You can't boot or simulate an efi system if you don't have the hardware

i assume you are only answering to my 2nd question

i understand the point. nevertheless, grub's efi runtime can boot macos EFI, and i'm looking into modified versions that may work with windows.

qemu also has EFI bios emulation using a third party bios emulator

i do have EFI hardware, and i'm looking for solutions that work both using the hardware and chain-booting from cms.

if that is actually impossible, i need to know precisely why, but for now, i do not see a reason why it would not work. it's fairly possible that it has not been done yet, though.
0
 
LVL 26

Author Comment

by:skullnobrains
Comment Utility
update on my second question : booting an EFI kernel from a grub2 installed in a regular mbr

this works using tianocore

here is a link to the precompiled binaries, which i used successfully. read the sources and compile them yourself if you are concerned about security.
https://gitorious.org/tianocore_uefi_duet_builds/tianocore_uefi_duet_memdisk_compiled/archive-tarball/master

steps are the following
- extract the .img in the archive to your EFI partition
- extract "memdisk" from a syslinux package ( should be /boot/syslinux/memdisk if you are using syslinux )
- configure your bootloader to load the "memdisk" kernel using the image file as initrd. sample configs for grub2 and syslinux are provided in the archive. i copy-pasted the block corresponding to the loader from the sample, and it worked verbatim so i'm not including it here. you'll have to edit the paths if you do not store the files at the root of the EFI partition.

i tested this working chain and many others : once refind fires up, everything that boots through the system's EFI + refind should boot also using tianocore + refind
mbr:grub2 > grub2 stage2 on gpt linux partition > memdisk + tianocore on the EFI partition > refind > windows 8

this does ot work in qemu or is too slow, but using qemu with efi emulated hardware is simpler anyway. this let me successfully boot my locally installed windows in virtualbox (on a ubuntu host, but it should work from any other os host)

NOTE : this does not help with the first question as the bcfg (EFI shell v2), bcfgedit (windows), efibootmgr (likely every unix-like OS) commands you can run in this case change stuff inside tianocore instead of the system's NVRAM. i have not tested wether these changes are persistent or not. if not a .nsh script might be the way to go

for those who are interested in other ways of achieving a similar goal. i was successfull in getting some things to work using boot sectors from coreboot and clover. chameleon might also be helpful. some of these solutions work without changing the bios for another one, but not all, and i do not have anything worthy to post but those interested should start googling boot132
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 26

Author Comment

by:skullnobrains
Comment Utility
just keeping this question open as a work in progress. the EFI -> legacy is more difficult then i expected : it requires lots of bios emulation to get something workable (int13h and acpi being bare minimum). not too much time but looking into coreboot components (bios emulators) that could be compiled as EFI
0
 
LVL 26

Accepted Solution

by:
skullnobrains earned 0 total points
Comment Utility
time to close this question...

change efi boot options from  system that does not run in EFI mode

this is not possible as far as i know, but it is fairly easy to install efi shells into an existing efi system. i'm unsure if this would work with safe boot enabled.

booting and EFI kernel from a grub2 installed in a regular mbr

as stated above, tianocore is an easy way. other options such as coreboot should also work

booting a regular mbr from an EFI grub

i had no time to work with bios emulators, but refind works with some firmwares

---

if anybody stumbles on this thread, feel free to post additional information or ask questions. i may not be around so it might take a few weeks before i answer
0
 
LVL 26

Author Closing Comment

by:skullnobrains
Comment Utility
accepting my own comment for obvious reasons
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Suggested Solutions

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
I previously wrote an article addressing the use of UBCD4WIN and SARDU. All are great, but I have always been an advocate of SARDU. Recently it was suggested that I go back and take a look at Easy2Boot in comparison.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now