EFI stub

From Gentoo Wiki
(Redirected from EFI stub kernel)
Jump to:navigation Jump to:search
This page contains changes which are not marked for translation.


Resources
This article has some todo items:
  • CONFIG_PM_STD_PARTITION for hibernation

The (U)EFI firmware present in many computers functions as a boot manager, allowing systems to boot by the use of a compatible EFI bootloader. By making the Linux kernel itself such a bootloader, called EFI stub, such a configuration will boot without the need of a secondary bootloader. This article provides instructions on configuring and installing unsigned kernels in the EFI System Partition (ESP) of a computer running in EFI mode. This requires secure boot to be disabled.

Kernel configuration

In order to boot directly from UEFI, the kernel needs to know where to find the root (/) partition of the system to be booted. Enable

  • EFI runtime service support (CONFIG_EFI),
  • EFI stub support (CONFIG_EFI_STUB)
  • Built-in kernel command line (CONFIG_CMDLINE_BOOL)
  • and add the root partition path (example: /dev/sda2) or its PARTUUID to (CONFIG_CMDLINE).
KERNEL Enable EFI stub support
Processor type and features  --->
    [*] EFI runtime service support 
    [*]   EFI stub support
    [ ]     EFI mixed-mode support
    ...
    ...
    [*] Built-in kernel command line
    (root=/dev/sda2)

Using root=PARTUUID= might be preferable. To find out use blkid:

root #blkid | grep sda2
/dev/sda2: UUID="d1e0c1e0-3a40-42c5-8931-cfa2c7deae32" TYPE="ext4" PARTUUID="adf55784-15d9-4ca3-bb3f-56de0b35d88d"
KERNEL CONFIG_CMDLINE - alternative using PARTUUID (example: adf55784-15d9-4ca3-bb3f-56de0b35d88d)
Processor type and features  --->
    [*] Built-in kernel command line
    (root=PARTUUID=adf55784-15d9-4ca3-bb3f-56de0b35d88d)
Important
The partition's PARTUUID is distinct from the filesystem's UUID.
Note
Alternatively to setting the Built-in kernel command line, the root partition path can be set by the NVRAM (boot entry) (e.g. via efibootmgr) or by an additional EFI boot manager.
Note
For Distribution kernels (except gentoo-kernel-bin) the kernel settings go to savedconfig or /etc/kernel/config.d.

Installation

If an ESP does not exist, one needs to be created. See EFI System Partition. Still in the kernel directory, build the kernel and install the modules:

root #cd /usr/src/linux
root #make && make modules_install

Have the ESP (in this example /dev/sda1) mounted at /boot:

root #mount /dev/sda1 /boot

Copy or move the kernel image to the right place adding version number and the .efi suffix:

root #mkdir -p /boot/EFI/Gentoo
root #cp arch/x86/boot/bzImage /boot/EFI/Gentoo/bzImage-4.9.76-r1.efi

In the ESP it should then be listed like:

user $tree -L 3 /boot
 /boot
 └── EFI
     └── Gentoo
         └── bzImage-4.9.76-r1.efi

Alternatively the fallback directory /boot/EFI/Boot could be used additionally to or instead of /boot/EFI/Gentoo. Alternatively vmlinuz can be copied (or moved) instead of the bzImage.

Next, update the NVRAM creating a new boot entry using e.g. efibootmgr.

Microcode loading (Intel)

An efistub compatible method to load microcode without using an initramfs can be found in the Intel microcode article.

Optional: Initramfs

See the Generating the Initramfs and Using a Stub Kernel sections of the Early Userspace Mounting article.

Optional: Secure boot

There is a forums post and another wiki article explaining in detail how to sign the kernel and enable secure boot.

Troubleshooting

root #efibootmgr -c -L "Gentoo Linux" -l '\EFI\Gentoo\bootx64.efi' -u 'root=PARTUUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
To create a boot entry with efibootmgr and hibernation on swap partition:
root #efibootmgr -c -L "Gentoo Linux" -l '\EFI\Gentoo\bootx64.efi' -u 'root=PARTUUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX resume=PARTUUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'

See also

External resources

Retrieved from "https://wiki.gentoo.org/index.php?title=EFI_stub&oldid=1175854"