Wiki

source: wiki.restarters.net

The pre-boot environment of a computer is controlled by the BIOS, or in modern computers, UEFI.

Because a computer can't do anything (even loading a program) without a program to tell it how, PCs and laptops, have an initial program built-in and stored in read-only memory. Traditionally, this has been known as the BIOS, but since around 2011 it has been superseded by a much more powerful program called UEFI.

* Power-on self-test (POST) * Performing an inventory of all available hardware and initialising it * Loading and executing the first stage of the operating system boot sequence.

The BIOS was overdue for replacement. In particular: * There was no formal specification, making it liable to incompatibilities. * It was encumbered by legacy architecture dating back to the 1980's. * It could only run in 16 bit mode, restricting it to a mere 1MB of memory. (All modern operating systems run in 32 or 64 bit mode.) * Its method of booting the operating system was crude and error-prone. * It ran into severe problems booting disks greater than 2TB. * In order to create any kind of boot manager for multi-booting or for full disk encryption it was necessary to use areas of disk which were traditionally unused but not guaranteed to be so by any formal specification.

In order to work with UEFI, one of the partitions on a GPT disk must be a special system partition known as the ESP (EFI System Partition). UEFI can recognise this, understand a FAT file system on it, and find the files on it required for booting the computer.

A computer equipped with UEFI will by default boot using the information provided in the system partition but it also has the capability to boot a legacy MBR disk by enabling the Compatibility Support Module (CSM) in the settings, or by defining a boot menu item as a BIOS Compatibility item.

To examine the ESP, under Windows, run a command prompt as an administrator then run the command

mountvol x: /s

Your x drive will now be the ESP, but only for that command prompt and any child processes. (run explorer to use a file manager)

UEFI also has the ability to only allow booting of a digitally signed operating system in order to protect against certain forms of malware which might subvert the process, and in an enterprise environment to prevent users booting anything but the approved company system. On an Intel machine it should always be possible to turn this off, but you may need a password in order to do so.