UEFI and GPT

From Restart Wiki
Revision as of 20:02, 10 October 2017 by Pleriche (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page will help you learn about UEFI (the modern replacement for the BIOS) and the GPT disk partitioning scheme which goes with it.

Summary

The pre-boot environment of a computer is controlled by the BIOS, or in modern computers, UEFI. This page has been written to help you understand it and the problems you might encounter with it.

Introduction

Because a computer can't do anything, even loading a program, without a program to tell it how, computers have faced a chicken-and-egg problem since the dawn of the computer age: how to load the first program. Some have solved it with dedicated hardware to inject the first program into memory but others including all PCs and laptops have an initial program built-in and stored in flash memory (the same sort as used in memory sticks). Traditionally, this has been known as the BIOS, but since around 2011 this has been superseded by a much more powerful program called UEFI (though still often referred to as the "BIOS").

The BIOS or UEFI is responsible for the following tasks:

  • Performing an inventory of all hardware and initialising it
  • Power-on self-test (POST)
  • Loading and executing the first stage of the operating system boot sequence.

Safety

Warning03.png
When changing BIOS or UEFI settings take note of the values you started wth so you can restore them, otherwise you could end up with an unbootable system.

BIOS vs UEFI

The BIOS was overdue for replacement. In particular:

  • It was not governed by any formal specification.
  • It was encumbered by legacy architecture dating back to the 1980's.
  • It could only run in 16 bit mode, restricting it to a mere 1MB of memory. (All modern operating systems run in 32 or 64 bit mode.)
  • Its method of booting the operating system was crude and error-prone.
  • It ran into severe problems booting disks greater than 2TB.
  • In order to create any kind of boot manager for multi-booting or for full disk encryption it was necessary to use areas of disk which were traditionally unused but not guaranteed to be so by any formal specification.

Which have I got?

Go into the BIOS setup (often this is bu pressing F2 while booting) and search the menus for any reference to SecureBoot, or Legacy vs UEFI boot modes, or a BIOS whichg responds to the mouse. These all indicate that our BIOS is not a BIOS at all but UEFI.

Alternatively, under Windows, press <Windows key>-R and in the box type msinfo32 and press Enter. Under System, look for any mention of BIOS Mode. It may indicate UEFI, indicating you have UEFI and you are booted in UEFI mode, or Legacy, meaning your UEFI has booted the machine in BIOS-emulation mode. If not reported, you have an old fashioned BIOS.

MBR vs GPT disk layout

Often, a single hard disk (or SSD) will need to be divided into several "partitions", for quite separate purposes and managed by different programs, such as a filestore for all the operating system and user files, and a recovery partition containing installation files for factory reset.

The traditional method of doing this was known as MBR (Master Boot Record) in which a table at the start of the disk defines where on the disk each partition resides. In recent years this method has run into severe difficulties for various reasons:

  • It uses 32 bit addressing, limiting it to disks no larger than 2TB.
  • In fact it can use 2 different addressing methods, which can lead to inconsistencies.
  • It's limited to a maximum of 4 partitions, although a somewhat messy kludge allows one of those "primary partitions" to be subdivided into an arbitrary number of "logical partitions".
  • There is only a single copy of the partition table, so if it becomes unreadable or corrupt then all is lost.
  • Partition types are defined by a single byte, which has resulted in collisions.
  • There is no formal specification, resulting in different sometimes incompatible implementations between different vendors.

The UEFI specification includes a formal definition of new partition definition known as GPT (GUID Partition Table) which addresses all these problems.

Diskmgr2.jpg

Which have I got?

Go to Control Panel Administrative Tools - Computer Management - Disk Management and you will be shown your disks. Right-click on your disk and select Properties. Under the Volumes tab the Partition Style will be shown as either MBR or GPT.

Disks basics

A hard disk structured as sectors, tracks and cylinders.

A hard disk consists of one or more platters with a magnetic recording layer on one or both surfaces. Data is recorded in a series of concentric circles or "tracks", each comprising a number of blocks of data known as "sectors". A sector (traditionally, 512 bytes but now 4096 bytes or larger) is the minimum unit that can be read or written. The set of corresponding tracks of a given radius on all the surfaces is known as a "cylinder". Each surface has its own read/write head but the heads all move together, so a cylinder is the totality of storage that can be read or written without moving the heads to a different set of tracks.

Originally, a partition was defined by the cylinder, track (or read/write head) within the cylinder and sector within the track of the start and the end of the partition but with increasing disk sizes this became impracticable. Besides, for many years now disks have optimised storage capacity by placing more sectors per track on the outer tracks where the track circumference is greater. Hence, partitions are now normally specified by the absolute start and end sector numbers.

The MBR is located at the end of the first sector of a disk. The remainder of that sector contains a bootstrap program which the BIOS loads and executes as the first stage of the boot process.

GPT summary

GPT reserves the first sector of a disk for a "protective MBR" so that programs which only understand MBR don't think the disk is unformatted and corrupt it. This MBR defines a single partition comprising the whole disk, or as much of it as it can address.

Additionally, a GPT-formatted disk contains contains 2 almost identical copies of the GPT header, one starting at the second sector (to avoid the protective MBR) and the other ending on the last sector of the disk. These headers can define up to 128 partitions using 64 bit addressing and hence allowing for disk sizes 16 billion times larger than MBR allows.

Introduction to UEFI

In order to work with UEFI, one of the partitions on a GPT disk must be a special system partition known as the ESP (EFI System Partition). UEFI can recognise this, understand a FAT file system on it, and find the files on it required for booting the computer.

A computer equipped with UEFI will by default boot using the information provided in the system partition but it also has the capability to boot a legacy MBR disk by enabling the Compatibility Support Module (CSM) in the settings, or by defining a boot menu item as a Bios Compatibility item.

UEFI also has the ability to only allow booting of a digitally signed operating system in order to protect against certain forms of malware which might subvert the process, and in an enterprise environment to prevent users booting anything but the approved company system. On an Intel machine it should always be possible to turn this off, but you may need a password in order to do so.

Working with UEFI

How to enter UEFI settings

In many cases you can enter the UEFI setup and boot options menus by pressing F2 or F12 repeatedly just after power-on, just as with a BIOS-based computer.

If that doesn't work, watch out for an indication of the key(s) to press displayed briefly just after power-on.

However, in Windows 10 you can always enter the UEFI setup by holding the shift key whilst clicking Restart. In the menus that follow, select Troubleshoot - Advanced - UEFI Firmware Settings.

UEFI settings menus

The UEFI settings menus may look very similar to traditional BIOS setting, or may be completely different, even navigable with a mouse, especially on gaming PCs. There are several key settings.

Secure Boot enable/disable controls whether unsigned operating system can be booted, such as a live Linux or other bootable diagnostics. Disable it if you wish to do so.

Boot mode controls whether the system will be booted using the EFI System Partition in UEFI mode, or in traditional BIOS mode using the CSM, or possibly either according to the type of boot media. Generally you will need to select BIOS mode for bootable diagnostics.

Boot Priority will give a list of devices to boot from or operating systems to boot.

Supervisor Password allows a password to be set to control access to the UEFI settings. If you are unable to disable Secure Boot it may be that your UEFI demands that a supervisor password be set in order to do so. Record it so you won't loose it.

However, if you do loose the supervisor password (or never had it), there are tools online which will generate a recovery password (see External Links), though Google seems not to list them. This may be one of the rare occasions when you have to resort to the Russian search engine yandex.ru.

Advanced topics

Operating System Installation

Windows or Linux installation media will generally be bootable either in BIOS or UEFI mode. It will format your hard disk as MBR if you booted it with BIOS, or as GPT, creating an EFI System Partition, if you booted it in UEFI mode.

Dual booting

If you wish to dual-boot a system, under BIOS it was necessary to install a boot manager (possibly provided by one of the operating systems). This performed two functions: (a) maintain a list of systems to boot, and (b) offer a menu allowing the user to choose one of them. UEFI always includes the former but not necessarily the latter in a usable form. If you need it, check out rEFInd.

Under Windows, EasyUEFI allows you to examine and modify the boot options and sequence. Under Linux, investigate efibootmgr.

ESP maintenance

To examine the ESP, under Windows, run a command prompt as an administrator then run the command

mountvol x: /s

Your x drive will now be the ESP, but only for that command prompt. You can examine it with the usual cd and dir DOS commands.

External links

  • A UEFI recovery password generator[1]
  • More on UEFI password recovery[2]
  • A useful introduction to UEFI [3]