From owner-freebsd-current@freebsd.org  Sun Jun 23 07:37:05 2019
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2C6D415C80AA
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Sun, 23 Jun 2019 07:37:05 +0000 (UTC)
 (envelope-from mueller6722@twc.com)
Received: from dnvrco-cmomta01.email.rr.com (dnvrco-outbound-snat.email.rr.com
 [107.14.73.229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "Client", Issuer "CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4398076FF5
 for <freebsd-current@freebsd.org>; Sun, 23 Jun 2019 07:37:03 +0000 (UTC)
 (envelope-from mueller6722@twc.com)
Received: from localhost ([96.28.161.151]) by cmsmtp with ESMTP
 id ex3WhRxuUP088ex3YhNe49; Sun, 23 Jun 2019 07:36:56 +0000
Date: Sun, 23 Jun 2019 07:36:36 +0000
From: "Thomas Mueller" <mueller6722@twc.com>
To: freebsd-current@freebsd.org
Subject: Re: UEFI firmware and getting FreeBSD recognized by default: who to
 talk to?
References: <1e08badd-a963-7e4b-98a7-52a9d3bd77a8@bluestop.org>
 <db7c8df3-ead3-9d56-bd9c-9ff732b401e9@denninger.net>
 <cc6c9260-451b-ae5b-0612-51b1a5525116@bluestop.org>
 <87dee58e-66dc-ddf8-980b-a538875ae8b9@denninger.net>
 <20190623012022.5270E1DDDFE@denninger.net>
 <cb2ef34c-836b-5a2d-9b9f-ff1b40cede59@denninger.net>
X-CMAE-Envelope: MS4wfOzEzlZy6mEKx/euSQZq/38jkqEn6c4vntHQqpplu7rbHbgbK90MlRrPhI1d37SHn75I+t7KNPTX2r71kcb0TnHVrwwyjEqupuni22ZmNmPUszktJWAq
 VZBTZEhYpXkCBaL5HU8N74eVpkGrn3UcCxeOP0l+pRrzR6tUvotdIrIm
X-Rspamd-Queue-Id: 4398076FF5
X-Spamd-Bar: ++++
Authentication-Results: mx1.freebsd.org;
 spf=pass (mx1.freebsd.org: domain of mueller6722@twc.com designates
 107.14.73.229 as permitted sender) smtp.mailfrom=mueller6722@twc.com
X-Spamd-Result: default: False [5.00 / 15.00];
 R_SPF_ALLOW(-0.20)[+ip4:107.14.73.0/24];
 FREEMAIL_FROM(0.00)[twc.com]; TO_DN_NONE(0.00)[];
 MX_GOOD(-0.01)[cached: dnvrco-cmedge02.email.rr.com];
 NEURAL_HAM_SHORT(-0.67)[-0.667,0];
 RECEIVED_SPAMHAUS_PBL(0.00)[151.161.28.96.zen.spamhaus.org : 127.0.0.10];
 IP_SCORE(-1.26)[ipnet: 107.14.73.0/24(-3.46), asn: 7843(-2.77), country:
 US(-0.06)]; R_DKIM_NA(0.00)[];
 ASN(0.00)[asn:7843, ipnet:107.14.73.0/24, country:US];
 SUBJECT_ENDS_QUESTION(1.00)[]; FREEMAIL_ENVFROM(0.00)[twc.com];
 FROM_EQ_ENVFROM(0.00)[]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-0.71)[-0.712,0]; FROM_HAS_DN(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; R_BAD_CTE_7BIT(3.50)[7bit];
 MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[twc.com];
 RCPT_COUNT_ONE(0.00)[1]; MISSING_MID(2.50)[];
 NEURAL_SPAM_LONG(0.95)[0.948,0];
 RCVD_IN_DNSWL_NONE(0.00)[229.73.14.107.list.dnswl.org : 127.0.5.0];
 MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2];
 GREYLIST(0.00)[pass,meta]; RCVD_TLS_LAST(0.00)[]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Jun 2019 07:37:05 -0000

from Karl Denninger and my previous post:

> > This is scary (Bitlocker), sent me to Wikipedia to look up Bitlocker.

> > Can you turn Bitlocker off after turning it on and get your system back?
> You SHOULD (better have!) kept the recovery key.  If you have it, you
> can boot with it.  Then turn it off and back on, and it will generate a
> new key.
> > Now I am even more scared to ever get a computer with MS-Windows!
       
> > One think on my mind is if I need a new motherboard, would it have the undesired Secure Boot?  I guess I'd have to ask the seller and look on the motherboard manufacturer's website (MSI, ASRock, Asus, Gigabyte, or other).
       
> > I have no Secure Boot now.
> Probably.  But you can shut THAT off (and should) provided you wish to
> dual boot.  The exception is ARM-based systems, many of which are
> secure-boot ONLY.  For Intel machines I've never run into one that can't
> have it turned off (and I'd return it immediately if I found one.)
> > I am trying to set up UEFI to boot my FreeBSD and NetBSD installations, and later, Linux.

> Tom

> Easy.  Refind should do that and allow selection from a menu.

Can one recover after losing the recovery key?  I think I would want to avoid Bitlocker from the outset (malware!).

I was thinking about AMD Ryzen if I need to replace motherboard.  I would need a new CPU with any new motherboard, Intel or AMD-compatible, would also need new RAM (DDR4, I now have DDR3), and probaby a new case.

But I would keep and transfer any hard drives that are still good.

Can rEFInd find and boot FreeBSD, NetBSD, Haiku, etc?

I don't see any refind, however partially capitalized, in FreeBSD base system or ports, or NetBSD base system or pkgsrc.  I find efibootmgr now in FreeBSD, but not NetBSD, base system.

I would want to label boot options with the partition label (like WD2G18, WD2G19, WD2G20, WD2G21, and others) so I can see on the boot menu.

I also notice it is difficult to choose the root partition when booting UEFI.  I could create a zero-byte or very small file in root directory with the partition label name, like /WD2G18 on partition WD2G18 just to show up with ls.

Tom