Can't chainload past Fog menu (Boot hard drive) - HP zbook laptop



  • You can see from the below bios config output most everything that may be useful. I am booting EFI firmware. I have secure boot disabled. I have a TPM and it is set to available. I have tried disabling the Intel Software Guard Extensions (SGX) which did nothing and I have reverted to “Software Control”.

    Booting to PXE works great. Imaging works fine (I get a warning about not being able to set the disk UUID after deployment, but that’s the only hiccup).

    Running Fog 1.5.0 RC10
    SVN Revision: 6080
    Kernel 4.13.4

    Product Name
    	HP ZBook 17 G4
    Processor 1 Type
    	Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
    Processor 1 Speed
    	2700 MHz
    Processor 1 Cache Size (L1/L2/L3)
    	256 KB / 1 MB / 6 MB
    Processor 1 MicroCode Revision
    	48
    Processor 1 Stepping
    	9
    Processor 1 Top-Slot 1(top)
    	Empty
    Processor 1 Top-Slot 2(under)
    	Empty
    Processor 1 Bottom-Slot 1(top)
    	8 GB Hynix/Hyundai
    Processor 1 Bottom-Slot 2(under)
    	Empty
    Serial Number
    	**REDACTED**
    SKU Number
    	**REDACTED**#ABA
    Universally Unique Identifier (UUID)
    	**REDACTED**
    Memory Size
    	8192 MB
    System Board CT Number
    	**REDACTED**
    Product Family
    	103C_5336AN
    Primary Battery Serial Number
    	01173 2017/09/23
    System BIOS Version
    	P70 Ver. 01.02  06/09/2017
    BIOS Build Version
    	0000
    ME Firmware Version
    	11.6.12.3202
    Video BIOS Version
    	Intel(R) GOP Driver [9.0.1061]
    Reference Code Revision
    	1.3.0
    Embedded Controller Firmware Version
    	46.39
    Born On Date
    	11/16/2017
    System Board ID
    	**REDACTED**
    Integrated MAC Address 1
    	**REDACTED**
    Asset Tracking Number
    	
    Ownership Tag
    	
    Feature Byte
    	**REDACTED**.aB
    Build ID
    	**REDACTED**#SABA#DABA
    Lock BIOS Version
    	*Disable
    	Enable
    BIOS Rollback Policy
    	*Unrestricted Rollback to older BIOS
    	Restricted Rollback to older BIOS
    Minimum BIOS Version
    	00.00
    Password Minimum Length
    	8
    At least one symbol is required in Administrator and User passwords
    	*No
    	Yes
    At least one number is required in Administrator and User passwords
    	*No
    	Yes
    At least one upper case character is required in Administrator and User passwords
    	*No
    	Yes
    At least one lower case character is required in Administrator and User passwords
    	*No
    	Yes
    Are spaces allowed in Administrator and User passwords?
    	*No
    	Yes
    Prompt for Admin password on F9 (Boot Menu)
    	*Disable
    	Enable
    Prompt for Admin password on F11 (System Recovery)
    	*Disable
    	Enable
    Prompt for Admin password on F12 (Network Boot)
    	*Disable
    	Enable
    TPM Specification Version
    	2.0
    TPM Device
    	Hidden
    	*Available
    TPM State
    	Disable
    	*Enable
    Clear TPM
    	*No
    	On next boot
    TPM Activation Policy
    	F1 to Boot
    	*Allow user to reject
    	No prompts
    Verify Boot Block on every boot
    	*Disable
    	Enable
    BIOS Data Recovery Policy
    	*Automatic
    	Manual
    Prompt on Network Controller Configuration Change
    	*Disable
    	Enable
    Dynamic Runtime Scanning of Boot Block
    	Disable
    	*Enable
    Sure Start BIOS Settings Protection
    	*Disable
    	Enable
    Enhanced HP Firmware Runtime Intrusion Prevention and Detection
    	Disable
    	*Enable
    Sure Start Security Event Policy
    	Log Event Only
    	*Log Event and notify user
    	Log Event and power off system
    Save/Restore MBR of System Hard Drive
    	*Disable
    	Enable
    Save/Restore GPT of System Hard Drive
    	*Disabled
    	Enabled
    Allow OPAL Hard Drive SID Authentication
    	*Disable
    	Enable
    Permanent Disable Absolute Persistence Module Set Once
    	*No
    	Yes
    System Management Command
    	Disable
    	*Enable
    Fingerprint Reset on Reboot
    	*Disable
    	Enable
    Host Based MAC Address
    	*Disable
    	System
    	Custom
    HBMA Factory MAC Address
    	**REDACTED**
    HBMA System MAC Address
    	**REDACTED**
    HBMA Custom MAC Address
    	**REDACTED**
    Pre-boot HBMA Support
    	Disable
    	*Enable
    Windows HBMA Support
    	Disable
    	*Enable
    Single NIC Operation (Disable All Other NICs when HBMA is active on one NIC)
    	*Disable
    	Enable
    HBMA Priority List
    	USB NIC Dongle:HP External Adapter :0BDA_8153
    	Thunderbolt Dock:HP Elite Dock :14E4_1682:14E4_1682
    	Embedded NIC:Intel (vPro) :8086_15B7:103C_8270
    	USB NIC Dongle:HP USB-C Travel Dock :17E9_4352
    	USB NIC Dongle:HP USB Travel Dock :17E9_4351
    	USB NIC Dongle:HP 3005pr :17E9_430A
    	USB NIC Dongle:HP Universal pr :17E9_4327
    Select Language
    	*English
    	Deutsch
    	Espanol
    	Italiano
    	Francais
    	Japanese
    	Portugues
    	Dansk
    	Svenska
    	Nederlands
    	Norsk
    	Suomi
    	Simplified Chinese
    	Traditional Chinese
    Select Keyboard Layout
    	*English
    	Deutsch
    	Espanol
    	Italiano
    	Francais
    	Japanese
    	Portugues
    	Dansk
    	Svenska
    	Nederlands
    	Norsk
    	Suomi
    	Simplified Chinese
    	Traditional Chinese
    Sunday
    	*Disable
    	Enable
    Monday
    	*Disable
    	Enable
    Tuesday
    	*Disable
    	Enable
    Wednesday
    	*Disable
    	Enable
    Thursday
    	*Disable
    	Enable
    Friday
    	*Disable
    	Enable
    Saturday
    	*Disable
    	Enable
    BIOS Power-On Hour
    	0
    BIOS Power-On Minute
    	0
    Power On When AC Detected
    	*Disable
    	Enable
    Power On When Lid is Opened
    	*Disable
    	Enable
    Startup Delay (sec.)
    	*0
    	5
    	10
    	15
    	20
    	25
    	30
    	35
    	40
    	45
    	50
    	55
    	60
    Fast Boot
    	*Disable
    	Enable
    Audio Alerts During Boot
    	Disable
    	*Enable
    NumLock on at boot
    	Disable
    	*Enable
    USB Storage Boot
    	Disable
    	*Enable
    Prompt on Memory Size Change
    	Disable
    	*Enable
    Network (PXE) Boot
    	Disable
    	*Enable
    Prompt on Fixed Storage Change
    	*Disable
    	Enable
    Prompt on Battery Errors
    	Disable
    	*Enable
    Legacy Boot Options
    	Disable
    	*Enable
    Legacy Boot Order
    	HDD:USB:1
    	HDD:M.2:1
    UEFI Boot Options
    	Disable
    	*Enable
    UEFI Boot Order
    	NETWORK IPV4:EMBEDDED:1
    	HDD:M.2:1
    	HDD:USB:1
    	NETWORK IPV6:EMBEDDED:1
    HP_Disk0MapForUefiBootOrder
    	PciRoot(0x0)/Pci(0x1B,0x0)/Pci(0x0,0x0)/NVMe(0x1,95-79-BE-71-B7-38-25-00)/HD(1,GPT,AFFBFB07-C841-4F92-8F9A-FCE300C11F29,0x800,0xB4000)/\EFI\Microsoft\Boot\bootmgfw.efi
    	PciRoot(0x0)/Pci(0x14,0x0)
    	PciRoot(0x0)/Pci(0x1F,0x6)/MAC(**REDACTED**,0x0)/IPv6(0000:0000:0000:0000:0000:0000:0000:0000,0x0,Static,0000:0000:0000:0000:0000:0000:0000:0000,0x40,0000:0000:0000:0000:0000:0000:0000:0000)
    	PciRoot(0x0)/Pci(0x1F,0x6)/MAC(**REDACTED**,0x0)/IPv4(0.0.0.0,0x0,DHCP,0.0.0.0,0.0.0.0,0.0.0.0)
    HP_Disk0MapForLegacyBootOrder
    	BBS(0xFFFF,,0x0)/PciRoot(0x0)/Pci(0x14,0x0)
    	BBS(HD,SAMSUNG MZVLW256HEHP-000H1-**REDACTED**,0x400)/PciRoot(0x0)/Pci(0x1B,0x0)/Pci(0x0,0x0)/NVMe(0x1,95-79-BE-71-B7-38-25-00)
    Smart Card Reader Power Setting (if present)
    	Always powered on
    	*Powered on if card is present
    Secondary Battery Fast Charge
    	Disable
    	*Enable
    Launch Hotkeys without Fn Keypress
    	*Disable
    	Enable
    Swap Fn and Ctrl (Keys)
    	*Disable
    	Enable
    Power Control
    	*Disable
    	Enable
    Fast Charge
    	Disable
    	*Enable
    Lock Wireless Button
    	*Disable
    	Enable
    WWAN Quick Connect
    	Disable
    	*Enable
    Fan Always on while on AC Power
    	*Disable
    	Enable
    Wake on WLAN
    	*Disable
    	Enable
    Wake on LAN on DC mode
    	*Disable
    	Enable
    Wake on WiGig
    	Disable
    	*Enable
    Boost Converter
    	Disable
    	*Enable
    Backlit keyboard timeout
    	5 secs.
    	*15 secs.
    	30 secs.
    	1 min..
    	5 mins.
    	Never.
    Bluetooth
    	Disable
    	*Enable
    Wireless Network Device (WLAN)
    	Disable
    	*Enable
    Embedded WiGig Device
    	Disable
    	*Enable
    Mobile Network Device (WWAN)
    	Disable
    	*Enable
    Mobile Network Device (WWAN) and GPS Combo Device
    	Disable
    	*Enable
    LAN / WLAN Auto Switching
    	*Disable
    	Enable
    GPS Device
    	Disable
    	*Enable
    Configure Legacy Support and Secure Boot
    	*Legacy Support Enable and Secure Boot Disable
    	Legacy Support Disable and Secure Boot Enable
    	Legacy Support Disable and Secure Boot Disable
    Import Custom Secure Boot keys
    	*Do Nothing
    	On next boot
    Clear Secure Boot keys
    	*Disable
    	Enable
    Reset Secure Boot keys to factory defaults
    	*Disable
    	Enable
    Enable MS UEFI CA key
    	No
    	*Yes
    Ready to disable MS UEFI CA Key
    	Not Ready
    	*Ready
    Custom Keys Image Verification State
    	*No Custom Keys
    	Fail
    	Success
    Ready BIOS for Device Guard Use
    	*Do Nothing
    	Configure on Next Boot
    	Clear Configuration on Next Boot
    Configure Storage Controller for RAID
    	*Disable
    	Enable
    USB Type-C Controller(s) Firmware Version:
    	TIPD Primary 1-Port Controller : 1.11.11
    	TIPD Secondary 1-Port Controller : 1.11.11
    Audio Device
    	Disable
    	*Enable
    Intel Smart Sound
    	Disable
    	*Enable
    Embedded LAN controller
    	Disable
    	*Enable
    Wake On LAN
    	Disabled
    	Boot to Network
    	*Boot to Hard Drive
    Integrated Microphone
    	Disable
    	*Enable
    Internal Speakers
    	Disable
    	*Enable
    Runtime Power Management
    	Disable
    	*Enable
    Headphone Output
    	Disable
    	*Enable
    Extended Idle Power States
    	Disable
    	*Enable
    Wake unit from sleep when lid is opened
    	*Disable
    	Enable
    Wake on USB
    	Disable
    	*Enable
    Integrated Camera
    	Disable
    	*Enable
    Fingerprint Device
    	Disable
    	*Enable
    Video Memory Size
    	*32 MB
    	64 MB
    	128 MB
    	256 MB
    	512 MB
    Graphics
    	Hybrid Graphics
    	Discrete Graphics
    	*Auto
    Force to Run Discrete Only Mode
    	*Disable
    	Enable
    Media Card Reader
    	Disable
    	*Enable
    USB Ports
    	Disable
    	*Enable
    USB Legacy Port Charging
    	Disable
    	*Enable
    Disable Charging Port in sleep/off if battery below (%):
    	10
    Smart Card
    	Disabled
    	*Enabled
    M.2 SSD 1
    	Disable
    	*Enable
    M.2 SSD 2
    	Disable
    	*Enable
    SATA1
    	Disable
    	*Enable
    SATA2
    	Disable
    	*Enable
    Thunderbolt Security Level
    	PCIe and DisplayPort - No Security
    	*PCIe and DisplayPort - User Authorization
    	PCIe and DisplayPort - Secure Connect
    	DisplayPort only
    Turbo-boost
    	Disable
    	*Enable
    Intel Software Guard Extensions (SGX)
    	Disable
    	Enable
    	*Software control
    Configure Option ROM Launch Policy
    	All Legacy
    	*All UEFI
    	All UEFI Except Video
    Hyperthreading
    	Disable
    	*Enable
    POST Prompt for RAID Configuration
    	Disable
    	*Enable
    Multi-processor
    	Disable
    	*Enable
    Virtualization Technology (VTx)
    	*Disable
    	Enable
    Virtualization Technology for Directed I/O (VTd)
    	*Disable
    	Enable
    Active Management (AMT)
    	Disable
    	*Enable
    USB Key Provisioning Support
    	*Disable
    	Enable
    Unconfigure AMT on next boot
    	*Do Not Apply
    	Apply
    SOL Terminal Emulation Mode
    	*ANSI
    	VT100
    Verbose Boot Messages
    	*Disable
    	Enable
    Watchdog Timer
    	*Disable
    	Enable
    OS Watchdog Timer (min.)
    	*5
    	10
    	15
    	20
    	25
    BIOS Watchdog Timer (min.)
    	*5
    	10
    	15
    	20
    	25
    USB Redirection Support
    	Disable
    	*Enable
    Show Unconfigure ME Confirmation Prompt
    	Disable
    	*Enable
    Wireless Manageability
    	*Disable
    	Enable
    CIRA Timeout (min.)
    	*1 min
    	2 mins
    	3 mins
    	4 mins
    	Never
    Deep Sleep
    	Off
    	*On
    Update Source
    	*HP
    	Custom
    Automatically Check for Updates
    	Daily
    	Weekly
    	*Monthly
    Automatic BIOS Update Setting
    	*Disable
    	Let user decide whether to install updates
    	Install all updates automatically
    	Install only important updates automatically
    Update Address
    	
    Force Check on Reboot
    	*Disable
    	Enable
    Update BIOS via Network
    	Disable
    	*Enable
    Use Proxy
    	*Disable
    	Enable
    Proxy Address
    	
    DNS Configuration
    	*Automatic
    	Manual
    DNS Addresses
    	
    Data transfer timeout
    	100
    IPv4 Configuration
    	*Automatic
    	Manual
    IPv4 Address
    	
    IPv4 Subnet Mask
    	
    IPv4 Gateway
    	
    Force HTTP no-cache
    	*Disable
    	Enable
     [0_1515608672448_HPBios.txt](Uploading 100%) 
    


  • @george1421 @Sebastian-Roth Ok, now that just not fair!!!

    If I ONLY have DriveRoot/EFI/BOOT/BOOTX64.efi on the USB drive and boot it with the default options, it works fine. Default options means that I am not doing any ACPI DSDT flag setting, no CPU flag setting, etc. I copied that same .efi file onto fog! So all that stuff that config.plist was supposedly fixing is now out the window since the USB just works regardless of the configuration set.

    So that totally chops up both of the things I was going to investigate next. Thoughts?



  • @george1421 Ok, I can remove all files from the USB drive except for these two files and have windows boot fine:

    DriveRoot/EFI/BOOT/BOOTX64.efi
    DriveRoot/EFI/CLOVER/CONFIG.plist

    If I leave config.plist in that folder and rename it to new.plist, when I boot to USB, that config file is NOT found. Does this suggest that clover has a hardcoded path it looks for a config under? Maybe we can pass it an argument that tells it where its config is at.

    Current things I want to check out:
    -Run same settings as what config.plist sets and see if it’ll chainload to windows fine from fog
    -Find out if I can pass arguments or get the clover.efi to find the config file that is present



  • @george1421 Looks like it still worked the exact same.

    Clover menu looks the same as when I chain’d from fog. Still get kernel panic after about 1s on windows login screen. When I exit clover and return to efi shell, imgstat shows config.plist with the right number of bytes and default.ipxe at 452 bytes (script)

    Going to try enabling some of the options from config.plist to see if I can avoid kernel panic. Also going to try removing extra things from USB to check if there are other external dependancies to just the clover.efi and config.plist.

    I would think it best if we figure out how to get clover to read the config.plist, but I am unsure what the next steps to do that would be.



  • @george1421 haha, I went grepping through /var/www/html and did this exact same thing via ssh before you posted. I made a new menu entry as a copy of $refind

    file: /var/www/html/fog/lib/fog/bootmenu.class.php

                'refind_efi' => $refind,
                'clover_efi' => $clover,
    

    and

            $refind = sprintf(
                'imgfetch ${boot-url}/service/ipxe/refind.conf%s'
                . 'chain -ar ${boot-url}/service/ipxe/refind.efi',
                "\n"
            );
            $clover = sprintf(
                'imgfetch ${boot-url}/service/ipxe/config.plist%s'
                . 'chain -ar ${boot-url}/service/ipxe/clover.efi',
                "\n"
            );
    

    And edited /var/www/html/fog/lib/fog/service.class.php

                'refind_efi',
                'clover_efi',
    

    From my test of this and via running the EFI shell manually, config.plist downloads fine. However, the clover boot menu looks totally different when booted from the USB, suggesting to me that when I exit to clover from fog, it is still not reading the config.plist file (which changes graphic modes and other settings that obviously work). imgstat looks good, etc.

    I am going to try adding the exit type with a different name via the web UI as you suggest and report back.


  • Moderator

    @szeraax ok, lets do a little digging here.

    If you set the exit mode to refind in the webgui this is what it puts in the ipxe menu:

    :fog.local
    imgfetch ${boot-url}/service/ipxe/refind.conf
    chain -ar ${boot-url}/service/ipxe/refind.efi || goto MENU
    

    So in your case you swapped refind.efi for what ever the clover boot loader is. You can see that fog is also sending refind.conf.

    Now as a test create a new fog menu, call it fog.clover with a title of Clover Exit or what ever.

    Make the parameters look like this

    imgfetch ${boot-url}/service/ipxe/config.plist
    chain -ar ${boot-url}/service/ipxe/clover.efi || goto MENU
    

    rename clover.efi to what ever the right name is and make sure both files are in /var/www/html/fog/service/ipxe directory.
    Lastly in the fog menu configuration make this menu show up for all hosts.

    Now pxe boot that host and from the ipxe menu pick the clover exit. The test is to see if we can create a menu entry to properly exit out of iPXE menu to boot.



  • @sebastian-roth @george1421 So if I put clover on a USB drive and boot it with the default config.plist, windows starts fine and seems to have no issues. It may just be that we need to transfer the config.plist with the efi file and that exit type would work great.


  • Developer

    @szeraax said in Can’t chainload past Fog menu (Boot hard drive) - HP zbook laptop:

    Of course, the fact that fog can do single part, resizable imaging on this computer means that it must not be TOO crazy of hardware otherwise I wouldn’t be able to see the disk and such.

    No, you have to understand that those are two very different things although we packed those very closely together in the FOG project. One is the Linux Kernel and a stripped down basic Linux system doing the actual imaging work. Many drivers are part of the Kernel. Another component is iPXE that we use for booting and in some cases for exiting to boot to the local disk. In your case this does not seen to work so we have another ring in the chain called rEFInd which has to have it’s own drivers to be able to see and boot from your local disk.



  • @george1421 Regarding your statement about booting rEFInd into a command shell via USB, I think I can probably do that fairly easily. What commands would you want the output of to get a better idea?

    Of course, the fact that fog can do single part, resizable imaging on this computer means that it must not be TOO crazy of hardware otherwise I wouldn’t be able to see the disk and such.


  • Developer

    @szeraax said in Can’t chainload past Fog menu (Boot hard drive) - HP zbook laptop:

    Just to clarify, you think that other people are booting NVMe drives via rEFInd in working without needing to do extra stuff? If so, i’d LOVE to see what their config for refind.conf is… (I’d rather avoid trying to use clover too).

    From my point of view (not having tested this with several different ones myself but reading about this here and there) it all depends on NVMe drivers. Some drives seem to be kind of generic and just work with the usual rEFInd binary (updated in working branch) and other just don’t. Can’t tell you which do.

    As I said, this is not tested. Just the impression I get.



  • And here’s a crappy video I made that shows the default options I’m seeing: https://www.youtube.com/watch?v=pj7JG0TpXEA



  • Ah ha! It seems not that the keyboard and mouse stop working, but that the whole computer freezes. for about half a second, I can move the mouse, but then it stops moving and the clock never changes the minute.



  • Seems to be many people that can’t use keyboard/mouse once booted up. There is some config suggested here https://www.tonymacx86.com/threads/no-mouse-or-keyboard-on-clover-instal.174311/ that might work, if the exit type for Clover were to deliver the boot.efi and config.plist I think?

    It seems like the default clover is set up for hackintosh booting. If we disable or fix some of these options, it may work without issue.



  • @george1421 Ok, bad news. Tested twice and then tested just letting the windows boot manager try by itself and when using clover default, my keyboard and mouse do not work in the laptop once it is booted to windows. Both times I booted from clover, I had to hold down power for 7s to get it to shut off. Afterword when booting without pxe, windows came up and worked fine without any issue.



  • @george1421 Absolutely. Though, i’m told that we need to return this demo laptop cause it doesn’t have enough ram and is missing the 2nd HDD. So it may be a few weeks before I have another laptop of this same model (I probably will turn it in Thursday and can do any testing before then).


  • Moderator

    @szeraax Interesting!! Sebastian and I have been talking about this issue in the background. My focus was to see if we can get refind to boot via usb into a command shell then we can attempt to debug why its not finding your disk.

    But that may not be necessary now. Maybe we need to research what is going on here. I know the easy solution would be to just provide another exit mode and that is where we may end up. But you are not the first to have this issue and refind “should” work. FOG may not be suppling the right info to refind to get it to locate your disks. Once I understand a bit more about refind’s innards, I hope we can ask you to help with your hardware to see if we can come up with a solution.



  • @sebastian-roth HOLY CRAP. Just dropping the clover boot.efi in the place of refind.efi booted windows just fine!



  • @sebastian-roth Just to clarify, you think that other people are booting NVMe drives via rEFInd in working without needing to do extra stuff? If so, i’d LOVE to see what their config for refind.conf is… (I’d rather avoid trying to use clover too).


  • Developer

    @szeraax said in Can’t chainload past Fog menu (Boot hard drive) - HP zbook laptop:

    I think I would LOVE it if I could figure out how to load that NVMe driver .efi that I got from the clover EFI loader… ATM, i’m trying to edit an efi file and inject it directly. But I don’t have the knowhow, lol.

    Sorry, haven’t done that myself yet. I had a look at the Clover project but that seems to be just another universe. Too much for me right now. Keep us posted and I am sure we can jump in with some helpful suggestions from time to time.



  • @sebastian-roth Just dropping the updated rEFInd files (conf and efi) gave me the default ocnfig file again (obviously). And it seems that rEFInd still hangs at “rEFInd - Initializing…” when trying to scan internal. If I do just hdbois, it has no problem (other than no boot entries). I did disable legacy boot prior to testing latest rEFInd. I did confirm windows still starts fine after disabling Begacy Boot options. I did cold boot in order to test.

    I guess my next step is to try moving to working branch. I think I would LOVE it if I could figure out how to load that NVMe driver .efi that I got from the clover EFI loader… ATM, i’m trying to edit an efi file and inject it directly. But I don’t have the knowhow, lol.


Log in to reply
 

445
Online

39.8k
Users

11.2k
Topics

106.8k
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.