As a continuation of the quest I started the other day with learning about GRUB configuration and my system, I have encountered some *interesting* information that could, as an extension of logic, have an impact on building LFS.
In trying to discern whether my new HP Envy has UEFI firmware, I've done some extensive reading in the last couple of days. The first thing of which I became aware is that many terms in use these days; e.g., BIOS System, are uses that aren't quite specific to the actual situation. More precisely, in terms of booting, the question is, "Does the BIOS use an MBR partition or EFI partition to boot?" I have learned that in even UEFI firmware there is an "MBR protected" area at the beginning of the hard drive. This is for backward compatibility. I have also learned that GRUB can work in "old," "hybrid," or "new" firmware environments. This all depends on where GRUB puts its "stage 2" files. Of course, when GRUB is configured for "efi," there are no stage 2 files. The "indicators" that the firmware is UEFI and that an *actual* GPT partition is in use are that there exist an EFI partition with a FAT32 file system and that the number of primary partitions is not limited to four. If a person has Windows installed, one can go to disk management and look at the volumes. If one is, "EFI, healthy" then there is an actual, not hybrid, GPT partition. If there is no such animal and the partition table show only "C:\" which is healthy and has the boot flag set, it is an MBR partition. I have also learned that the kernel must be configured with the efi options turned on. I can't remember their specific names right now, but I'll note and report when I configure my kernel shortly. Those are all the "complicated or confusing" things. Now to the possible can of worms. It's the signing of kernels and boot loaders. At the start, I must say that the way around this is to turn off "secure boot" in the BIOS setup. But, then, some folks may not want to do this. If so, they may have to deal with this signing stuff. Right now, and I repeat, right now; i.e., currently, GRUB can be used as a bootloader in a secure environment, if and only if, there is a signed key. Only Ubuntu and Fedora have those. There is a way to generate personal keys, but I haven't learned that yet. I'm just hoping that this stuff doesn't "progress" to the point at which we, LFS builders, will need them. The war has already started. Microsoft can "revoke" any firmware certificate it wants "without notice." It does this through Windows Update. I don't know how far this will go, but I'm distressed about it. As long as I don't have to proceed with secure boot, I'm happy. Anyway, I just wanted to share what I have discovered. This may lead to posts like, "I did this and it didn't work. The book needs to be changed." The implementation of LFS, configuring and installing both the kernel and GRUB can be successful regardless of how the BIOS boots. There is a learning curve though. And some of GRUB's building and installing arguments need to be a little different. Dan -- http://linuxfromscratch.org/mailman/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page
