Convert Legacy Boot to Uefi zfs (how to)

O

oleyska

New Member
Feb 6, 2023
2
1
3
I had this X710 nic and I wanted VFIO.
Those options were only available using Uefi, I installed proxmox at some point and I didn't do efi boot so just been stuck ever since, I was a bit annoyed to see everyone just say "just reinstall bro" and I just said to myself No! :)

system short specs: X470D4U with a 3900X.

So a brief summary of how to, starting from Legacy booted environment:

1.\
Backups.
Take backups of config, boot files and such just in case.
2.\
proxmox-boot-tool reinit
Note down disk uuid and partitions used so you can verify that it'll do the right thing later, or troubleshoot

lsblk -o +FSTYPE
Your installed drive(s) should have a 512mb partition and that partition appeared as vfat for me.


Install systemd-boot

apt-get install systemd-boot


Verify that " bootctl " command works, this verifies that we can do the commands required later.

3.\
download proxmox-ve install media, I used 8.0.2 for my 8.0.3 installed proxmox, 8.1 refused to boot at all.
http://download.proxmox.com/iso/

4.\
Disable CSM in Bios and all legacy boot options, only Uefi from now on.

5.\
Boot proxmox media, advanced options and console debug.

When prompted press CTRL+D

6.\
Make the live environment more like home (more like the actual install with same paths)
Import your pool, replace rpool with your pool name, it just happened to be my pool name for OS install.

zpool import -f -R /mnt rpool

Mount paths:
mount -o rbind /proc /mnt/proc
mount -o rbind /sys /mnt/sys
mount -o rbind /dev /mnt/dev
mount -o rbind /run /mnt/run

Finally change root folder path
chroot /mnt /bin/bash


7.\
Now we'll actually change the bootloader.
pve-efiboot-tool reinit
pve-efiboot-tool refresh

The Partitions touched should match what you saw in point 2.\

Verify you now have a EFI boot option:
efibootmgr -v


Hopefully Success!!
 
  • Like
Reactions: cweakland
This worked on a test machine I built just to ensure I followed the process and there were no issues, and it was perfect.

Installed on my production machine as well without a problem. Just working through any errors that have occurred (I had the same on test but as it worked OK I didn't try and resolve them at the time).

First was that on boot it didn't remount rpool so I had to manually enter

Code: 
zpool import -f rpool

Second is I noticed an error when creating the EFI boot data. Everything works OK, but I thought I better check the journals

Code: 
journalctl -b0 -u systemd-boot-system-token

Gives me the following.....

Code: 
Apr 13 14:05:06 proxmox1 systemd[1]: Starting systemd-boot-system-token.service - Store a System Token in an EFI Variable...
Apr 13 14:05:06 proxmox1 bootctl[1809]: No ESP found, not initializing random seed.
Apr 13 14:05:06 proxmox1 systemd[1]: Finished systemd-boot-system-token.service - Store a System Token in an EFI Variable.

Digging a bit deeper I ran..

Code: 
bootctl

And I get the following

Code: 
Couldn't find EFI system partition. It is recommended to mount it to /boot or /efi.
Alternatively, use --esp-path= to specify path to mount point.
System:
      Firmware: UEFI 2.40 (American Megatrends 5.11)
 Firmware Arch: x64
   Secure Boot: disabled (disabled)
  TPM2 Support: no
  Boot into FW: supported


Current Boot Loader:
      Product: systemd-boot 252.22-1~deb12u1
     Features: ✓ Boot counting
               ✓ Menu timeout control
               ✓ One-shot menu timeout control
               ✓ Default entry control
               ✓ One-shot entry control
               ✓ Support for XBOOTLDR partition
               ✓ Support for passing random seed to OS
               ✓ Load drop-in drivers
               ✓ Support Type #1 sort-key field
               ✓ Support @saved pseudo-entry
               ✓ Support Type #1 devicetree field
               ✓ Boot loader sets ESP information
          ESP: /dev/disk/by-partuuid/96473510-6563-4482-9c09-7cf8964116ad
         File: └─/EFI/SYSTEMD/SYSTEMD-BOOTX64.EFI


Random Seed:
 Passed to OS: no
 System Token: not set


Boot Loaders Listed in EFI Variables:
        Title: Linux Boot Manager
           ID: 0x0003
       Status: active, boot-order
    Partition: /dev/disk/by-partuuid/96473510-6563-4482-9c09-7cf8964116ad
         File: └─/EFI/SYSTEMD/SYSTEMD-BOOTX64.EFI


        Title: Linux Boot Manager
           ID: 0x0001
       Status: active, boot-order
    Partition: /dev/disk/by-partuuid/b6958877-8e93-428a-8c97-66cd0b4a65a4
         File: └─/EFI/SYSTEMD/SYSTEMD-BOOTX64.EFI


        Title: UEFI OS
           ID: 0x0004
       Status: active, boot-order
    Partition: /dev/disk/by-partuuid/b6958877-8e93-428a-8c97-66cd0b4a65a4
         File: └─/EFI/BOOT/BOOTX64.EFI


        Title: UEFI OS
           ID: 0x0005
       Status: active, boot-order
    Partition: /dev/disk/by-partuuid/96473510-6563-4482-9c09-7cf8964116ad
         File: └─/EFI/BOOT/BOOTX64.EFI



So I can see two errors in there. The Random seed not passed to the OS, but that seems to be more of a symptom of the first error that the EFI system partition can't be found.

I can manually mount the EFI partition (which removes the error from bootctl displaying) , but I'm guessing that's what is needed here. It obviously also still leaves the message about the random seed token not set.

I manually mounted my disk to /boot and then ran...

Code: 
bootctl random-seed

which now gives me
Code: 
Random seed file /boot/loader/random-seed successfully written (32 bytes).
Failed to write 'LoaderSystemToken' EFI variable: Invalid argument

So the questions.......

1. How do I change things so that the correct EFI partition is mounted to /boot on startup? I have two mirrored ZFS drives, both with EFI boot partitions, but obviously the system only boots from one of them, so only one can be mounted.
2. As I have secure boot disabled, is the issue regarding the LoaderSystemToken important or not, and if so...how to resolve?
 
Worked like a charm, I was able to perform this using the latest Proxmox 8.2-2 ISO installer. Your step 5 should read "Boot proxmox media, advanced options and console terminal". The rest of the step worked 100%. Upon reboot my system complained about zfs pool rpool being mounted by another system. I simply had to execute: "zpool import -f rpool", then I believe I hit CTRL-D and it booted. Subsequent reboots were fine, no interaction needed. Thanks again!
 
  • Like
Reactions: oleyska
Sadly could not get this to work for myself.
All seemed okay, and can get it to boot to menu in uefi, but as soon as it loads the kernel option it hangs with:
efi stub loaded initrd from linux_efi_initrd_media_guid device path
and doesn't proceed any further. Any clues? PVE 8.3.2 with kernel 6.8.12-5
 
cbrherms said:
Sadly could not get this to work for myself.
All seemed okay, and can get it to boot to menu in uefi, but as soon as it loads the kernel option it hangs with:
efi stub loaded initrd from linux_efi_initrd_media_guid device path
and doesn't proceed any further. Any clues? PVE 8.3.2 with kernel 6.8.12-5
Click to expand...

it may be bios IOMMU issue, I've had it on a few gigabyte boards with various bios releases where disabling iommu makes it boot..
 
oleyska said:
it may be bios IOMMU issue, I've had it on a few gigabyte boards with various bios releases where disabling iommu makes it boot..
Click to expand...
Was on an R730xd here, latest bios and such.

Firstly had to update to the beta 6.11 kernel. Had read up the last there were a number of issues with passthrough on 6.5 and 6.8 that I was already doing.
apt install proxmox-kernel-6.11

And had to ensure simplefb was an enabled module.

Then it turned out it was then just that the display output wasn't working past getting to that point in boot, so it had looked like it had froze.

So, stripped back my /etc/kernel/cmdline to
intel_iommu=on iommu=pt
(Had to remove things added for a previously installed Nvidia card)
And, had to also blacklist xe and i915 in modprobe to ensure my intel GPU could be passed through and the main display output continued to use the correct mega driver.

All working now, with the exception that I need to figure out what resolution it's outputting at as it no longer plays nicely with a VGA to hdmi adapter I use for my KVM setup. But that's a different issue. Lol
 
You must log in or register to reply here.
Top Bottom