EFI System Partition

From Gentoo Wiki

The EFI system partition (ESP) is a FAT-formatted partition containing the primary EFI boot loader(s) for installed operating systems.

Kernel

Advanced partition selection (CONFIG_PARTITION_ADVANCED) and EFI GUID Partition support (CONFIG_EFI_PARTITION) must be enabled:

KERNEL Enable support for GPT
-*- Enable the block layer --->
   Partition Types --->
      [*] Advanced partition selection
      [*] EFI GUID Partition support

The ISO 8859-1 codepage must also be enabled in order to mount the FAT-formatted ESP:

KERNEL Enable ISO8859-1 codepage and support for VFAT
-*- File Systems --->
   DOS/FAT/EXFAT/NT Filesystems  --->
      <*> VFAT (Windows-95) fs support
      (437) Default codepage for FAT
      (iso8859-1) Default iocharset for FAT
   Native Language support --->
      [*] NLS ISO 8859-1  (Latin 1; Western European Languages)

Characteristics

For creation instructions see Handbook.

parted (sys-block/parted) will show it with the boot, esp flags:

root # parted /dev/sda print
Model: ATA SAMSUNG SSD SM84 (scsi)
Disk /dev/sda: 256GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 
 
Number  Start   End     Size    File system  Name                          Flags
 1      1049kB  99.6MB  98.6MB  fat32        EFI System Partition          boot, esp

gdisk (sys-apps/gptfdisk) will show it with partition code EF00:

root # gdisk -l /dev/sda
GPT fdisk (gdisk) version 1.0.1
 
Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: present
 
Found valid GPT with protective MBR; using GPT.
Disk /dev/sda: 500118192 sectors, 238.5 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 1B59C2C8-8795-4625-9718-4D636B005AC1
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 500118158
Partitions will be aligned on 2048-sector boundaries
Total free space is 2669 sectors (1.3 MiB)
 
Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          194559   94.0 MiB    EF00  EFI System Partition

Its filesystem can be created using the mkfs.fat command:

root # mkfs.fat -F 32 /dev/sda1

Size considerations

The Gentoo Handbook recommends allocating 1 GiB for the ESP, which is more than enough for any bootloader payloads such as EFI stub kernels or Windows.

Mount point

Mounting the ESP to /boot/efi/, as was traditionally done, is not recommended. A nested setup complicates implementation of best-practice autofs-style mounts, as establishing the inner autofs will trigger the outer one. Mounting these partitions via autofs (and by extension keeping them unmounted whenever possible) is recommended due to the data integrity and security characteristics of VFAT file systems being effectively nonexistent.

Where bootloader support is available, use /boot for the XBOOTLDR partition and /efi for the ESP. If it is not possible to do so, a monolithic ESP should be mounted at /boot; autofs-style mounts should still be used.

Note
systemd, when partitions are configured according to the Discoverable Partitions Specification, can automatically mount the ESP used for the current boot to /boot or /efi unless a different partition is mounted there [possibly via /etc/fstab] or the mount point directory is not empty. If both ESP and XBOOTLDR exist, the /efi mount point is used.

For systemd (if not using the GPT auto generator):

FILE /etc/fstab Configuring the ESP mountpoint for systemd
UUID=56FE-81E0        /efi       vfat    defaults,noatime,uid=0,gid=0,umask=0077,x-systemd.automount,x-systemd.idle-timeout=600 0 2
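
The check below is an added example, not part of the wiki page or of any Gentoo tool: it audits fstab-style entries against the mount advice above (no nested /boot/efi, umask=0077, root ownership, automount with an idle timeout). The function names and the /boot/efi and /home sample lines are constructed for illustration.

```sh
#!/bin/sh
# audit_esp_fstab: read fstab text on stdin, print one finding per line.
# Prints nothing when every ESP/boot entry follows the advice above.
audit_esp_fstab() (
    while read -r dev mnt fstype opts _rest; do
        case "$dev" in ''|'#'*) continue ;; esac   # blank line or comment
        [ "$fstype" = vfat ] || continue
        case "$mnt" in
            /efi|/boot) ;;
            /boot/efi) echo "$mnt: nested under /boot; use /efi, or /boot for a monolithic ESP" ;;
            *) continue ;;                          # not an ESP/XBOOTLDR mount point
        esac
        # VFAT stores no owner or mode bits: access control comes only from mount options.
        case ",$opts," in
            *,umask=0077,*|*,umask=077,*) ;;
            *) echo "$mnt: umask=0077 not set; contents may be readable by non-root users" ;;
        esac
        for key in uid gid; do
            case ",$opts," in
                *",$key=0,"*) ;;
                *",$key="*) echo "$mnt: $key is set to a non-root id" ;;
            esac
        done
        # Keep the partition unmounted whenever possible: mount on demand, unmount when idle.
        case ",$opts," in
            *,x-systemd.automount,*)
                case ",$opts," in
                    *,x-systemd.idle-timeout=*) ;;
                    *) echo "$mnt: x-systemd.idle-timeout not set; stays mounted after first access" ;;
                esac ;;
            *) echo "$mnt: x-systemd.automount not set; not mounted on demand" ;;
        esac
    done
    exit 0
)

# Constructed sample: the /efi line is the entry shown on the page,
# the other two lines are made up for this example.
sample_fstab() {
    cat <<'EOF'
# <fs>          <mountpoint>  <type>  <opts>  <dump> <pass>
UUID=56FE-81E0  /efi       vfat  defaults,noatime,uid=0,gid=0,umask=0077,x-systemd.automount,x-systemd.idle-timeout=600 0 2
UUID=0000-AAAA  /boot/efi  vfat  defaults,noatime,uid=1000 0 2
UUID=0000-BBBB  /home      vfat  defaults 0 2
EOF
}

sample_fstab | audit_esp_fstab
```

To audit a live system, run `audit_esp_fstab < /etc/fstab`; the check only covers the systemd fstab case, not the autofs maps used with OpenRC.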

For OpenRC, use AutoFS to mount on-demand:

root # emerge --ask net-fs/autofs

Set up a direct AutoFS mount for the ESP:

FILE /etc/autofs/auto.master Configuring autofs to read the 'boot' file
/- /etc/autofs/auto.boot --timeout=600,sync,nodev

Tell AutoFS to watch for access to the paths /boot and /efi and to mount each one from its device with the given options:

FILE /etc/autofs/auto.boot Configuring the ESP mountpoint
/boot    -fstype=vfat,uid=0,gid=0,umask=0077     UUID=AB12-CD34
/efi     -fstype=vfat,uid=0,gid=0,umask=0077     UUID=EF00-000A

AutoFS needs to be running to watch mountpoints:

root # rc-update add autofs default

To use the automounter before rebooting, start it manually:

root # /etc/init.d/autofs start

There is no need to add these partitions to /etc/fstab.

Standard layout

There is a standard layout for the ESP. Vendors and distributions are supposed to put their files into vendor-specific directories.

user $ tree -L 3 /efi
 /efi
 └── EFI
     ├── BOOT
     │   └── BOOTX64.EFI
     ├── Linux
     │   └── gentoo-x.y.z-dist.efi
     └── Microsoft
         ├── Boot
         └── Recovery

Here the Microsoft subtree, and also the Boot subtree[1], were created by an earlier installation of Windows 10. The Boot subtree is the fallback directory. If UEFI can't find any vendor-specific directories, it will boot from here. In a multiboot environment with properly set up vendor-specific subtrees, the Boot subtree can be deleted.

UEFI boot items

Computers with UEFI usually provide a boot menu and a configuration tool for creating, sorting or deleting boot items. The content of the ESP is visible to these tools, and creating a boot item is like choosing the medium from a given selection, then browsing through the ESP and selecting the item, e.g. bzImage-4.9.76-r1-gentoo.efi.

Alternatively, efibootmgr can be used for generating the UEFI boot items.
