Page 1 of 1

moving from legacy boot to secure UEFI boot

PostPosted: May 8th, '21, 18:55
by jiml8
I just substantially upgraded my workstation for the first time in 8 years. It now runs a Ryzen 5800X with 64 GB RAM on an Asus X570-Plus mobo.

To get my system to boot, I had to turn on a "compatibility mode" driver in BIOS because my system still boots with the legacy MBR method using grub 1.

My system is 23 years old and has a continuous history for that time, which I value highly. 23 years ago, MBR is how you booted. Now, it is probably the only remaining legacy artifact in my otherwise modern system.

I doubt I will make another substantial upgrade for a long time. But, a decade from now, MBR booting might be completely gone. So, maybe I should think about switching.

Now, I am not going to do this tomorrow or next week; I'm very busy and can't afford the downtime. But next time I do have the time, maybe I will do it.

So my question is: How do I do it?

If I were to, for instance, format my boot volume for UEFI, then do a clean install of the OS, then roll my backup copy into place for everything but the contents of /boot, would that do it? Is there anything in this scenario that would bite me in the ass and keep my system from running?

Is there an easier way? I doubt it given that I am sure I have to reformat the boot volume, but I have to ask.

My new mobo supports m.2 SSDs, and I probably will install a couple of these along the way (probably before very long, actually) and it could be that starting one of those SSDs as UEFI and moving my system onto it would be the way to go.

Has anyone done this? Any pointers?

Re: moving from legacy boot to secure UEFI boot

PostPosted: May 8th, '21, 19:49
by doktor5000
jiml8 wrote:If I were to, for instance, format my boot volume for UEFI, then do a clean install of the OS, then roll my backup copy into place for everything but the contents of /boot, would that do it? Is there anything in this scenario that would bite me in the ass and keep my system from running?

Well, technically speaking the only thing you need to do is [have a GPT-partitioned drive - this is basically optional, but recommended) create a FAT ESP partition there where you install your boot loader into. This is then picked up by UEFI and will be booted.

For some examples on the actual "conversion", have a look at
http://www.rodsbooks.com/bios2uefi/index.html
https://superuser.com/questions/984294/ ... ux-to-uefi
https://unix.stackexchange.com/question ... os-to-uefi
https://bbs.archlinux.org/viewtopic.php?id=176016
https://www.redhat.com/sysadmin/bios-uefi

But after all, you should ask yourself: why? As far as I'm aware, there are no real benefits, maybe marginally improved bootup speed but that's about it.
If you're not going for Secure Boot, then I'd say it's not worth the additional hassle. I'm also using MBR, and I don't think that will simply go away or stop working at some point in time.

Re: moving from legacy boot to secure UEFI boot

PostPosted: May 8th, '21, 20:03
by jiml8
Why do it?

I agree with you; there are no benefits.

But, this upgrade occurred on an emergency basis, and I was a bit worried that MBR boot might no longer be supported. After all, it has been years since I made such an upgrade, and new systems I build all use UEFI (why not?).

In fact, I did have to hunt around in BIOS for awhile, after the mobo failed to detect any boot devices, and turning on this compatibility mode (which was a few menus down) was done with a prayer it would work. The system immediately booted after I did that, so it did indeed work.

Should I face another emergency upgrade, if mbr is no longer supported, I could find myself facing a difficult situation...a non-running system that I need to get running without losing data...and quickly.

If, as you suggest, mbr continues to be supported into the indefinite future, then that won't be a problem. But will it continue to be supported?

Re: moving from legacy boot to secure UEFI boot

PostPosted: May 8th, '21, 22:28
by doktor5000
jiml8 wrote:If, as you suggest, mbr continues to be supported into the indefinite future, then that won't be a problem. But will it continue to be supported?

Well, (U)EFI is around for over 20 years, I don't think that in the next 10-15 years MBR compatibility will simply cease to exist.

And for the migration path, worst case scenario - take another disk, fresh minimal install from USB in 5-10 minutes, then restore your data.
You could also try to migrate an existing test system for science that way. You could even try that in a VM - at least qemu and virtualbox support UEFI nowadays - although not sure how that would translate 1:1 to a physical UEFI system.

Re: moving from legacy boot to secure UEFI boot

PostPosted: May 9th, '21, 03:01
by jiml8
Is UEFI that old? Are you sure? I am thinking it is less than 15 years, but I am not sure of that.

And, standards do disappear in the computer builder's world. Try to find a modern board with an IDE interface. Or an ISA slot. Or an original generation PCI slot.

How often do we see people on the boards here asking if package X will be updated, or complaining that they can't move forward because package X is no longer supported and the next upgrade will break it.

It does happen, with both hardware and software. Presently, distro after distro is dropping support for 32 bit systems, which is orphaning a lot of old software. Microsoft, some years back, dropped their 16 bit subsystem and killed a lot of old software that was still in service.

Python 2 is now Python 3, and breaks backward compatibility. For many years, PHP has rolled forward with no regard for backward compatibility.

Why not mbr boot using the original grub? It is no longer developed; it is the old way. I don't know that it will go away, but, other than supporting stubborn people like you and me, I don't know why it wouldn't. It is a risk.

Re: moving from legacy boot to secure UEFI boot

PostPosted: May 10th, '21, 22:04
by benmc
option for you (and you should get to keep your un-modified existing system).

if you have a spare HDD floating around, size doesnt matter.
unplug your existing HDD and install your spare.
boot up a live system into UEFI - need to do the bios switch, and partition the drive for GPT, I use GParted.
install the system. reboot and check if all good. ok? then power off.
attach your usual system hdd and reboot.
as it is MBR, and your M/B is set to UEFI, it will be ignored, and should boot up your new system.
update grub and check to see that it has picked up your usual system.
reboot to your usual system.

(yes, I know, you shouldnt mix systems)

Re: moving from legacy boot to secure UEFI boot

PostPosted: May 10th, '21, 23:47
by jiml8
I may actually do something like this. This new mobo supports m.2 SSDs. I presently have 2 SATA SSDs in the system, both are about 6 years old, and both are nearly full so I am considering a fast new m.2 SSD to gain capacity and have a new (and very fast) place to put my system.

So that would be the time to attempt something like what you suggest. And if it went wrong, I would still have my system on the SSD that is my current boot device.