Update README.md

2016-08-29 01:48:23 +02:00
parent 6ea55f480e
commit 503084b5cc
1 changed files with 121 additions and 2 deletions
--- a/README.md
+++ b/README.md
@@ -1,6 +1,5 @@
 Microsoft Surface Pro 3 with Arch Linux and i3
 ==============================================
-**!!! documentation unfinished !!!**

 (Dual) Booting Arch Linux (and Windows) with UEFI and Secure Boot
 -----------------------------------------------------------------
@@ -144,5 +143,125 @@ Set the Hardware Clock from the System Clock, and update the timestamps in

    hwclock --systohc --utc

+Create an entry for your hostname in `/etc/hostname` (witch is a computer name):

-...
+    surfacepro3
+
+A matching entry in `/etc/hosts` is recommended
+
+    127.0.0.1       localhost.localdomain   localhost       surfacepro3
+    ::1             localhost.localdomain   localhost       surfacepro3
+
+Set the root password:
+
+    $ passwd
+
+### Bootloader
+Install the bootloader.
+
+    $ pacman -S efibootmgr efitools
+    $ bootctl --path=/boot install
+
+Custom entries for the Systemd-boot must be made for linux kernels.
+Edit `/boot/loader/loader.conf`
+
+    default arch
+    timeout 4
+    editor  0
+
+Install the intel microcode updater and note the `PARTUUID` for the root `/`
+partition on your Arch drive `/dev/sdx3` via `blkid`
+
+    $ pacman -S intel-ucode
+    $ blkid
+
+Add the boot entry for the linux kernel in `/boot/loader/entries/arch.conf` and
+load the intel microcode updater before `initramfs`
+
+    title   Arch
+    linux   /vmlinuz-linux
+    initrd  /intel-ucode.img
+    initrd  /initramfs-linux.img
+    options root=PARTUUID=THE-NUMBER-GIVEN-BY-BLKID rw
+
+Download a Microsoft-signed loader and hashing tool, to generate compatible keys
+for any kernel, tool, etc. Also, change (copy) the name of the standard systemd
+bootloader so that the PreLoader will recognize it
+
+    $ cd /boot/EFI/systemd
+    $ pacman -S wget
+    $ wget http://blog.hansenpartnership.com/wp-uploads/2013/PreLoader.efi
+    $ wget http://blog.hansenpartnership.com/wp-uploads/2013/HashTool.efi
+    $ cp /boot/EFI/systemd/systemd-bootx64.efi /boot/EFI/systemd/loader.efi
+
+The boot order on the motherboard NVRAM has to be changed so that PreLoader.efi
+and HashTool.efi are present
+
+    $ efibootmgr -c -d /dev/sdx -p 1 -L PreLoader -l /EFI/systemd/PreLoader.efi
+    $ efibootmgr -c -d /dev/sdx -p 1 -L HashTool -l /EFI/systemd/HashTool.efi
+
+and in the correct order; PreLoader, HashTool and Linux Boot Manager.
+
+    $ efibootmgr -v                     # get the numbers 000x
+    $ efibootmgr -o 000P,000H,000L      # in my case it was 0003,0004,0000
+
+Exit the root shell
+
+    exit
+
+Unmount all the partitions
+
+    umount -R /mnt
+
+Restart the machine
+
+    reboot
+
+Turn secure boot back on. After reboot you should be loaded into a blue screen.
+The screen prompts you that no signed binaries were found and that you need to
+sign them (Enroll). Using the HashTool the following items MUST be signed for
+the Linux kernel to boot correctly:
+
+    /boot/EFI/systemd/loader.efi
+    /boot/vmlinuz-linux
+
+You can navigate back through folders using the ../ option. If you forgot to
+sign something and can not boot, don’t worry. You can load up the live USB
+(disable Secure Boot), and set HashTool.efi to be the first boot entry
+using `efibootmgr`. Then, you can re-sign (enroll) as needed.
+
+
+
+# Installing Windows
+Install windows normally.
+
+Before you restart for the first time disable fast startup (Windows 10)
+1. Type Control Panel in the search box.
+2. Click Control Panel.
+3. Click Power Options.
+4. Click Choose what the power buttons do.
+5. Click Change settings that are currently unavailable.
+6. Scroll down to Shutdown settings and uncheck Turn on fast startup.
+7. Click Save changes.
+
+To make Systemd-boot able to load windows through PreLoader.efi the Windows boot
+manager must be on the same ESP. But Windows will see the ESP and install it’s
+manager to `/boot/EFI/Microsoft/`.
+
+Windows will overwrite your existing boot order in NVRAM to place its boot
+manager first. Load up the live USB again (disable Secure Boot) and change the
+boot order back to PreLoader.efi being first:
+
+    $ mount /dev/sdx3 /mnt               # the Arch / partition
+    $ mount /dev/sdx1 /mnt/boot          # The Arch /boot partition
+    $ arch-chroot /mnt /bin/bash
+    $ efibootmgr -v                      # get the numbers 000x
+    $ efibootmgr -o 000P,000H,000L,000W
+    $ exit
+    $ umount -R /mnt
+    $ reboot
+
+To make an entry in the systemd-boot menu as default select the entry and press
+`d`.
+It could be handy to make Windows the default entry because of automatic updates
+that require multiple restarts, etc.