Bitlocker on data drive -> no POST (AB350 Gaming)

Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic

   I posted recently about enabling the hardware encryption (eDrive) on my Nvme OS drive, and I received a custom/beta BIOS from Asrock for my AB350 Gaming ITX that sorted out my issue, and I could then enable eDrive on my Nvme OS drive (Samsung 960 Evo) and proceed to use bitlocker with hardware encryption.

However, when I also enable eDrive and bitlocker on my data drive SSD, a Samsung 850 Evo Sata SSD which also supports eDrive, everything seems to work fine in windows and I can run the bitlocker test to confirm that the drive is indeed using hardware encryption - but whenever I restart, I just get a black screen. The fans speed up, the screen wakes up, but the PC never gets into POST so I cannot even enter the BIOS!

There is no power cycling, only a slight periodic variation of fan speeds for some reason (I guess the CPU fan, but have not investigated further).

The only solution I have found is to start the PC with the Sata power cable for the data drive unplugged, which allows the PC to post and boot normally from the OS drive. When in Windows, I plug the power cable back and the data drive appears back after a short while. Then everything works normally and I can read and copy files from it - until the next restart.

This is very strange, since a lot of people are using the 850 Evo as a hardware endrypted data drive - the problems people have been having have always been if using it as the OS drive. 

I find this both annoying and intriguing - in which way can an SSD prevent POST?
If anyone has ideas, I'm all ears!

Things I have tried, without any success:
- press reset button
- Use different unlocking methods for the data drive, both auto-unlock and password.
- Disable bitlocker on both drives, then only enable on data drive.
- Disable the "aggressive Sata power savings" in BIOS.
- All combinations of Secure Boot / CSM settings (although they need to be on and off respectively for eDrive, but one has to try)
- enable Sata hot swap
- SSD PSID revert, followed by a secure erase just to be sure, then enabled eDrive again

The setup:
OS: Windows 10 Pro 1803
Mobo: Asrock AB350 Gaming ITX, BIOs 4.70A
CPU: Ryzen 1600X (stock)
Ram: G.Skill 2*8 GB @3066
GPU: Evga 1070 Superclocked
PSU: Coolermaster V550S (550W)
SSD (OS): Samsung 960 Evo 250GB (latest firmware)
SSD (data): Samsung 850 Evo 1TB (latest firmware)

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic
Squidder Members Profile Send Private Message Find Members Posts Add to Buddy List Newbie Joined: 22 Sep 2018 Status: Offline Points: 11	Post Options Post Reply Quote Squidder Report Post Thanks(0) Quote Reply Topic: Bitlocker on data drive -> no POST (AB350 Gaming) Posted: 01 Oct 2018 at 6:22am
	I posted recently about enabling the hardware encryption (eDrive) on my Nvme OS drive, and I received a custom/beta BIOS from Asrock for my AB350 Gaming ITX that sorted out my issue, and I could then enable eDrive on my Nvme OS drive (Samsung 960 Evo) and proceed to use bitlocker with hardware encryption. However, when I also enable eDrive and bitlocker on my data drive SSD, a Samsung 850 Evo Sata SSD which also supports eDrive, everything seems to work fine in windows and I can run the bitlocker test to confirm that the drive is indeed using hardware encryption - but whenever I restart, I just get a black screen. The fans speed up, the screen wakes up, but the PC never gets into POST so I cannot even enter the BIOS! There is no power cycling, only a slight periodic variation of fan speeds for some reason (I guess the CPU fan, but have not investigated further). The only solution I have found is to start the PC with the Sata power cable for the data drive unplugged, which allows the PC to post and boot normally from the OS drive. When in Windows, I plug the power cable back and the data drive appears back after a short while. Then everything works normally and I can read and copy files from it - until the next restart. This is very strange, since a lot of people are using the 850 Evo as a hardware endrypted data drive - the problems people have been having have always been if using it as the OS drive. I find this both annoying and intriguing - in which way can an SSD prevent POST? If anyone has ideas, I'm all ears! Things I have tried, without any success: - press reset button - Use different unlocking methods for the data drive, both auto-unlock and password. - Disable bitlocker on both drives, then only enable on data drive. - Disable the "aggressive Sata power savings" in BIOS. - All combinations of Secure Boot / CSM settings (although they need to be on and off respectively for eDrive, but one has to try) - enable Sata hot swap - SSD PSID revert, followed by a secure erase just to be sure, then enabled eDrive again The setup: OS: Windows 10 Pro 1803 Mobo: Asrock AB350 Gaming ITX, BIOs 4.70A CPU: Ryzen 1600X (stock) Ram: G.Skill 2*8 GB @3066 GPU: Evga 1070 Superclocked PSU: Coolermaster V550S (550W) SSD (OS): Samsung 960 Evo 250GB (latest firmware) SSD (data): Samsung 850 Evo 1TB (latest firmware)

tox1c90 Members Profile Send Private Message Find Members Posts Add to Buddy List Newbie Joined: 22 Jan 2016 Status: Offline Points: 4	Post Options Post Reply Quote tox1c90 Report Post Thanks(0) Quote Reply Posted: 04 Apr 2019 at 8:43pm
	I can confirm exactly the same story - only difference is I'm using an Asrock Z370 Pro4. I use Bitlocker eDrive hardware encryption on two Samsung SATA SSDs and one Crucial SATA SSD. Then I bought an Samsung 970 NVMe SSD and wanted to use this as an eDrive with the OS on it. So I asked Asrock for eDrive support on NVMe SSDs, and like you I received an UEFI beta update which was supposed to add this support. I flashed this UEFI and got black screen without successful POST, exactly as you are describing. No boot, no UEFI access, CMOS reset does not help and so on. Only possibility to get back into UEFI was to disconnect all SATA SSDs which have Bitlocker/eDrive hardware encryption enabled (that means ALL SATA SSDs in my case). I flashed back to the last official UEFI and then I could use eDrive on SATA SSDs again. I was hoping that they fix this problem until they release an official/final version of this UEFI update, but that was not the case. The latest official UEFI 3.30 for Z370 Pro4 is causing exactly the same problem. UEFI POST does CRASH as soon as any hardware encrypted, eDrive-enabled SATA SSD is connected! I talked to Asrock support about this, and this was the very unsatisfying answer: Hello, feedback from BIOS department: After checking and experimenting, we get below conclusion regarding hardwareencryption Bitlocker. If the system is under encrypted status, it cannot boot into Windows again when restart system. Only re-install OS or remove encrypted HDD and then able to boot properly. So, please decrypted hardware encryption before shut down or restart system. Then system is able to work normally. best regards, ASRock Support