We got a new laptop, and I was thinking that I might as well go Dual Boot on this one and keep that Win 'round, so that Junior could finally play games like Cube World or Species which he had been eyeing but couldn't play on his own (pure) Linux laptop (and which we couldn't get to run in a VM, as XNA& VirtualBox don't appear to mingle well).
You would think that should be 1-Click®© and no big deal in 2014, but hélas, no... thanks to UEFI, as well as the minor added complexity (where's the fun otherwise..) that I wanted disk encryption this was a minor PITA. (FYI the Ubuntu installer does now offer a simple 1-Click full disk encryption installation option for simple wipe-everything-and-install Linux scenarios; this post is specifically about how I got it working in a Dual Boot with UEFI scenario.) Here's how to do it:
We'll start, as always, by grabbing the currently latest Ubuntu 14.04 64-bit image (it has to be the 64-bit; UEFI support isn't available on 32-bit, it seems). Put that on a USB stick, pop that in and boot from it...
First step, and this is super important, you have to make sure that it has booted up from UEFI mode, by checking if /sys/firmware/efi exists. In the case of my laptop, I had made the mistake of having manually disabled secure boot and enabled some BIOS setting allowing mixed UEFI / Legacy / CSM start-up, which ultimately ended up making things MORE complicated; after playing with this a little bit back and forth, I gathered that only by leaving that BIOS setting to "UEFI Boot only" did the Ubuntu installer image from the USB stick come up with /sys/firmware/efi.
Backups are generally never a bad idea, so I did a dd if=/dev/sdX conv=sync,noerror bs=64K | gzip -c > /mnt/myexthdd/hda.img.gz before touching anything, to make a restore-able copy of the entire internal drive (not just the Windows partition); see e.g. Disk Cloning on ArchiWiki for more about this.
OK, onwards; now using GParted to resize the Windows partition to make some free space for Linux. BTW, that seemed to handle resizing NTFS just fine - better than Windows' own Disk Management actually, which does have a Resize command, but even on an almost fresh factory install (after just latest Windows and firmware/BIOS upgrades etc.), it would only let me re-size to about half the original, not more, due to some "fixed position" file problem.
BTW, it's probably interesting and a Good Idea at this stage to have a closer look around at what existing partitions your laptop currently has from the factory - understand what is what, and maybe write that down somewhere - it could be handy later here. In my case, there were 6 (!) partitions BEFORE I started fiddling with Linux installation... thank you very much UEFI and Windows 8.
Right, now finally start the "Install Ubuntu 14.04". It may say "has no detected operating systems" (despite the pre-installed Window) - if it does, ignore that. Or it might notice the Win, but you'll find that you cannot use the "Encrypt the new Ubuntu installation for security" option in that case (it's "greyed out" / disabled), so -either way- we'll have to choose the "Something else" option instead, and:
In the "free space", Create Partition, say 300 MB ext4 /boot - the installer may make that say /dev/sda7. We DO want to Format this one; that NON ENCRYPTED bootstrap partition is where our Kernel image etc. will go. (What I'm curious about is how this holds up security wise - isn't that a huge backdoor for a possible attack vector? I vaguely understand that UEFI Secure Boot is supposed to address that, but digging more into this will have to be for some other night/s...)
In the remaining "free space", Create Partition using all remaining space, and "Use as: physical volume for encryption". As soon as you do that, new options will be added to the window; one lets you add a password for the encryption for the partition. This time, you will notice that, at the top of the list, the newly created, encrypted partition is listed under /dev/mapper/sdaX_crypt. Select that newly created partition, click "Change..." button, and ext4 for /.
Note that, at least in Ubuntu v14.04, you should NOT have to change the EXISTING (from Windows) small e.g. /dev/sda2 partition (it's the one with the 'boot' flag in GParted) to have a Mount point: /boot/efi manually yourself - that partition should already automatically show up as type "efi" by itself, and NOT as a "fat32"- if it does (incl. offering check/uncheck to Format it), then for some reason you have clearly NOT booted the installer in EFI mode!!
As Device for boot loader installation we'll want to choose our EFI partition (e.g. /dev/sda2).
OK, go - Continue. Confirm the next Q from the installer - we do want to continue, without having selected any partition for use as swap space (or create one inside /dev/mapper/sdaX_crypt if you need swap).
Now let it do the install, wait... and Restart. Now you'll get a GRUB 2 Boot Selector (not the one from Windows that was factory installed anymore, that's just been wiped). Try Linux.. it should work - great!
Normally GRUB2 menu will also have a Windows entry, try it - works? It did not for me... but, All Hail Boot-Repair comes to the rescue, and fixes things up. If your Boot-Repair says "EFI | /boot detected. Please check the options.", but then in Advanced options everything on GRUB location, GRUB options, MBR options is grayed out, then double check that you are running it as sudo and that your initial Ubuntu installation WAS done with UEFI support; remember /sys/firmware/efi, you need to see that when you boot from the intial USB, not just now when you're set-up. (And DO REMEMBER to disable UEFI Secure Boot in the BIOS, like boot-repair recommends in a message at the end...)
K, done! I learnt a few things, and it was lot's of fun & maybe this post is useful to someone out there.
PS: Other tutorial's recommend using NeoSmart's EasyBCD instead; I had tried that before doing above, and somehow it didn't work, on my laptop. The idea in that approach is that instead of GRUB you use the Windows Boot Manager and hope that it can boot into Linux via a new Boot Configuration Data (BCD) entry for Ubuntu you add - but somehow I could not get that to work.