Y12 Preloader File

0 views
Skip to first unread message

Jacquelyne Betance

unread,
Aug 3, 2024, 4:44:14 PM8/3/24
to dropsasearchma

Your structure is pretty simple and all your content is in one DIV. So use a onload IX that is going to hide the content of the page (initial state) and show it 200 or 300ms later, the time for your preloader to show up and finish running. If the content still flashes before being masked by the UI, then just set the content opacity zero in the style panel and make the IX bring it to 100% 300ms
later.

It looks like this is a result of FOUT (Flash of unstyled text). This usually occurs when text is finished loading before the Webfont and is not uncommon with Google Fonts. In this case the flash is interrupting your preloader page load animation.

If you better look at function MyFunction(), you will see that u made mistake at line var preloader = document.getElementsById('loading');, specifically on the part getElementsById, which you need to replace with getElementById.

To use the mini-USB image, you have to enroll the hashes for loader.efi (in the \EFI\BOOT directory; actually gummiboot) as well as shell.efi (in the top level directory). It also includes a copy of KeyTool.efi which you have to enrol the hash of to run as well.

Then I copied it to a FAT usb key and started it. I added the hash of loader.efi which is gummiboot in that example. But of course it was not able to start the shell.efi without adding the hash of that binary.

I have been , and currently a Windows Computer support person. I have been active supporting Windows for over 20 years, but find it frustrating to learn and work with Linux. First of all, I am not a programmer. Secondly, when I run into situations like this, where the industry hardware boot changes, I am stuck. I can download a new Bootloader.exe that will solve the Windwows UEFI boot from USB / CD problem. But when it comes to writing code and going through programmer type work arounds, for get it.

Randy Fry: these instructions is for advanced users only. Users who want to install Linux distro on UEFI/Secure Boot computer will have to wait for distribution releases on April/May (Fedora/Ubuntu and related distros).

Seems like you folded to Microsoft UEFI and microsofts monopolistic decision to have OEMs use UEFI whether a consumer wants this or not under the guise of security when in fact its an effort to maintain control on MS part.

All in all when buying PC hardware one should not be forced to be intertwined with an operating system installed on it period or it seems one has not bought the hardware but instead is renting the right to operate the hardware purchased as well.

Please provide checksums from secure algorithms too. It is trivial to generate two different files with different prechosen contents that still has the same MD5 checksum, there are tools that makes it simple.

I tried your sb-usb.img on a current Asus UX31A. I turned secure boot on
for the experiment. When the system accessed the stick with your image,
it offered me a way to enrol the three keys you describe in your
article. I followed the dialog and rebooted. After reboot I find in the
BIOS the stick as a first class boot option. So I assume this is what
you intended.

Well Keytool is very cool, I did not test it first as it was not as extra download just in the sb-usb.img. After i tried the Keytool I found out what is missing in common firmware: You can NOT reset the MOK db. Using it I could remove all hashes I added and it asked me again.

The efitools source could be better howewer. After a few suggestions the Gummiboot code was modified in a way that it compiles without changes on Debian, in efitools you still see the RedHat/SuSE hardcoded paths (Hint: there is NO lib64 on Debian). Shim is not nice too but Ubuntu packaged it already.

I do not see where the PC booting with UEFI can solve security problems other than locking out the ability of booting another OS supposedly to protect the personal data of a user.
And since linux, once booted, can access an NTFS partition of windows, and get the personal data there as well as modifying files etc., Microsoft wants to block any other OS from being able to boot or be installed.
UEFI does not protect windows from web based attacks.
It only prevents one from booting an OS like linux even if the purpose is to recover personal data from a trashed windows install or to remove files associated with a virus or malware.
I have used linux on a windows PC that ran XP to remove a scareware file that would pop up a window for each application on it saying the file was infected and to click on the link in the notice to buy and install their anti-virus software.

Thank you for making this available for use. I have used the USB image to do a secure boot of Puppy Fatdog64 test version for UEFI on USB flash drive. It does work with some minor issues. The issues are mostly the result of my lack of knowledge. The details are here on the Puppy Forum at this url: -linux.com/puppy/viewtopic.php?t=83402

I have important information for your regarding why it is not possible to boot linux on windows 8 machines and hardware.
Apearently Microsoft did that on purpose in collaboration with the hardware manufacturers and is paying the hardware manufacturers off (bribing them), so they would make sure that other operating-systems (besides Windows 8) cannot be installed on their hardware.
Please check out this article here for details on this:

I guess the only way to make progress in this area is to sue microsoft, and possibly the hardware manufacturers. Microsoft has no interest to help Linux or any other operating systems to run on Windows Computers. They especially bribed the hardware manufacturers, so nobod else can run an other OS so easily on Windows Computers. Why should Microsoft now make it easier for Linux?
Everybody, please look into this.
Check out this link:

In these articles I detail my journey through Hell as I learn about UEFI and Secure Boot; the steps I took to get Mint to work with my UEFI with secure boot disabled and the shocking things I learned from talking to the HP reps.

Thank you for your answer; i follow your instructions but after the reboot i always unable to launch my linux OS after the reboot of my pc. please note that i was already installed my linux platform before to follow the previous steps;
Thanks!

One other thing i noticed is when you use Fastboot with disabled usb init and you have to enrol a new hash you have got a problem. You can not use the keyboard without at least partial init. When you used Win8 first and then rebooted (which shift) then you have got keyboard access but when you then installed Linux as default with Fastboot then you can only hope that holding RESET for a few seconds will get you into the Setup to change Fastboot. So basically you did not gain too much as you can get lost this way. Just a tiny bit later then when you would have to go to Setup to disable Secure Boot. This can always happen when you update your bootloader. Not really optimal using a hash.

b) By updating the ESP on the internal Harddisk. Where I created a EFI\LinFnd directory which contains the Preloader.efi, HashTool.efi and loader.efi (Gummiboot). And inturn changing the boot sequence using a combination of bcfg from efi shell and bcdedit (as win8 was reseting the efi boot order independent of the bios/efi firmware boot sequence).

james,
I got your mini-usb shell running on an ACER V5 171 machine.
From that I can get to the linux foundation bootloader.. and then into win8. ready to put debian wheezy on the machine now.
Many, many thanks for your work.

where are hashes saved? on esp or in the motherboard firmware
does the shim and the preloader support loading several signed loaders? where is shim looking for keys?
Is there possibility to install the grub image on a bios_grub partition and esp at the same time? I need this to boot from portable hdd on computers of both types.

The hashes are saved in the db. This is part of the UEFI variables. You can e.g. enter your UEFI and save the keys. The db is where you will find the hashes. You can extract the stuff like this. Rename the db file to db.esl and the do this:

I have written something to remove the header. But I am unsure whether the bytes which start the .esl in my case are always the same. Perhaps you should adapt DB_START and MOK_START in this tool for you.

This site is ActivityPub enabled so you can follow the blog or announce, like or reply to posts from fediverse clients like mastodon. Simply pull the URL of the blog or post into your fediverse tool search bar and the activitypub will display

My fix was to remove the untar from the makefile (run the tar xvf $(preloader.tar.gz) myself)and/or make sure the filepath does NOT have any spaces in it. Seemed to work for me for now. New preloader.bin generated!

In my case, the file "tar.exe" was in the folder "c:\window\system32". I ran "make -j -d" and at the end saw, that "make" would try to start "c:\windows\system32\tar.exe zxf ..." instead of cygwin path. Of course, windows tar can't to recognise unix path and finishes with error "File not found". So, I deleted "tar.exe" in "c:\window\system32" folder and this is a solution for this issue.

MKami1 answer nailed it, however personnally I did not want to delete c:\windows\system32\tar.exe from my system, so instead I opted for a one line modification of the Makefile, to avoid swapping windows-style paths by unix-style paths for this specific command:

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

A skeleton screen, on the other hand, is a kind of loading screen that shows the structure of the page without its actual content until the server operations finish processing and the data is available to display.

c80f0f1006
Reply all
Reply to author
Forward
0 new messages