EFI System Partition

The EFI system partition (ESP) is a FAT formatted partition containing the primary EFI boot loader(s) for installed operating systems.

Kernel

Advanced partition selection (CONFIG_PARTITION_ADVANCED) and EFI GUID Partition support (CONFIG_EFI_PARTITION) must be enabled:

-*- Enable the block layer --->
   Partition Types --->
      [*] Advanced partition selection
      [*] EFI GUID Partition support

ISO8859-1 codepage must be enabled too, in order to mount the FAT EFI partition:

-*- File Systems --->
   DOS/FAT/EXFAT/NT Filesystems  --->
      <*> VFAT (Windows-95) fs support
      (437) Default codepage for FAT
      (iso8859-1) Default iocharset for FAT
   Native Language support --->
      [*] NLS ISO 8859-1  (Latin 1; Western European Languages)

Characteristics

For creation instructions see Handbook.

parted (sys-block/parted) will show it with the boot, esp flags:

Model: ATA SAMSUNG SSD SM84 (scsi)
Disk /dev/sda: 256GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 
 
Number  Start   End     Size    File system  Name                          Flags
 1      1049kB  99.6MB  98.6MB  fat32        EFI System Partition          boot, esp

gdisk (sys-apps/gptfdisk) will show it with partition code EF00:

GPT fdisk (gdisk) version 1.0.1
 
Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: present
 
Found valid GPT with protective MBR; using GPT.
Disk /dev/sda: 500118192 sectors, 238.5 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 1B59C2C8-8795-4625-9718-4D636B005AC1
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 500118158
Partitions will be aligned on 2048-sector boundaries
Total free space is 2669 sectors (1.3 MiB)
 
Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          194559   94.0 MiB    EF00  EFI System Partition

Its filesystem can be created using the mkfs.fat command:

Size considerations

Gentoo Handbook recommends to allocating 1 GiB for ESP, which is more than enough for any bootloader payloads like EFI stub kernels or Windows.

Optional: Mount point

An entry in /etc/fstab might be useful for manually mounting the ESP but is not needed for booting.

Optional: autofs

Mounting the ESP to /boot/efi/, as was traditionally done, is not recommended. A nested setup complicates implementation of best-practice autofs-style mounts, as establishing the inner autofs will trigger the outer one. Mounting these partitions via autofs (and by extension keeping them unmounted whenever possible) is recommended due to the data integrity and security characteristics of VFAT file systems being effectively nonexistent.

Where bootloader support is available use /boot for the XBOOTLDR partition and /efi for the ESP. If it is not possible to do so, a monolithic ESP should be mounted at /boot; autofs-style mounts should still be used.

For systemd (if not using the GPT auto generator):

UUID=56FE-81E0        /efi       vfat    defaults,noatime,uid=0,gid=0,umask=0077,x-systemd.automount,x-systemd.idle-timeout=600 0 2

For OpenRC, use AutoFS to mount on-demand:

Setup a Direct AutoFS Mount for the ESP.

/- /etc/autofs/auto.boot --timeout=600,sync,nodev

Tell AutoFS to watch for access to the paths /boot and /efi and mount them with options from device.

/boot    -fstype=vfat,uid=0,gid=0,umask=0077     UUID=AB12-CD34
/efi     -fstype=vfat,uid=0,gid=0,umask=0077     UUID=EF00-000A

AutoFS needs to be running to watch mountpoints:

To use the automounter before rebooting, start it manually:

There is no need to add these partitions to /etc/fstab.

Standard layout

There is a standard layout for the ESP. Vendors and distributions are supposed to put their stuff into vendor specific directories.

 /efi
 └── EFI
     ├── BOOT
     │   └── BOOTX64.EFI
     ├── Gentoo
     │   ├── grubx64.efi
     │   ├── initramfs-x.y.z.img
     │   ├── kernel-x.y.z.efi
     │   ├── mmx64.efi
     │   └── shimx64.efi
     ├── Linux
     │   └── gentoo-x.y.z.efi
     ├── Microsoft
     │   ├── Boot
     │   └── Recovery
     ├── refind
     │   └── refind_x64.efi
     └── systemd
         └── systemd-bootx64.efi

Here the Microsoft subtree - and also the Boot subtree^[1] - was created by an earlier installation of Windows 10. The Boot subtree is the fallback directory. If UEFI can't find any vendor specific directories it will boot from here. In a multiboot environment with properly set up vendor specific subtrees the Boot subtree can be deleted.

UEFI boot items

Computers with UEFI provide a boot menu for bootloaders on the ESP. This boot menu is a function of the firmware and is not shown by default. Moreover there is no standard of how to get to the boot menu, but the most common way is to hold (or continuously press) a key on UEFI firmware initialization (also POST, power-on self test). Most UEFI firmware vendors will show the boot menu when one of the function keys on the connected keyboard is pressed. The boot menu may also be available from within the firmware setup ("BIOS setup"), which is also accessible when pressing a predefined key. Most commonly Esc, Del, F1, F2, F10, F11 and F12, and on tablets also the Volume Up and Volume Down keys are used to either enter the firmware setup or display the boot menu.^[2] Please consult your system or mainboard manual for the exact keys and further details.

An installation tool will not only manage the bootloader and other required files on the ESP, it will also manage the addition of an "EFI boot entry". EFI boot entries, stored in NVRAM, are like the registration of the bootloader to the firmware. EFI will normally only list bootloaders with a boot entry in the boot menu, therefore it is not sufficient to only copy a bootloader or EFI executable to the ESP. Linux bootloaders will normally automatically add an EFI boot entry on installation of an (U)EFI bootloader, like e.g. GRUB with grub-install.

Alternatively, a configuration tool for creating, sorting and deleting boot items is often included on UEFI compatible operating systems. The contents of the ESP is visible to these tools and creating a boot item is like choosing the medium from a given selection, then surfing through the ESP and selecting the item, e.g bzImage-4.9.76-r1-gentoo.efi. On Linux, efibootmgr can be used for managing the UEFI boot items.

BootCurrent: 0001
Timeout: 0 seconds
BootOrder: 0001,0000,2001,2002,2003
Boot0000* Windows Boot Manager  HD(1,GPT,6d98f360-cb3e-4727-8fed-5ce0c040365d,0x800,0x1400000)/\EFI\Microsoft\Boot\bootmgfw.efiRC
Boot0001* Linux Boot Manager    HD(1,GPT,6d98f360-cb3e-4727-8fed-5ce0c040365d,0x800,0x1400000)/\EFI\systemd\systemd-bootx64.efi
Boot2001* EFI USB Device        RC
Boot2002* EFI DVD/CDROM RC
Boot2003* EFI Network   RC

In case a bootloader is deleted from the ESP, UEFI will normally delete the EFI boot entry as well on startup, and the bootloader will no longer be available from the boot menu, even when the file is afterwards restored, i.e. copied to the same path on the ESP.

One single exception, where no EFI boot entry is required, is the removable media boot path. On internal (fixed) media, such as the internal HDD or SDD, it is also used as the fallback boot path on most UEFI systems.

Removable media

EFI bootloaders on removable media are not configured as boot entries, so tools like efibootmgr are not required. Instead the computer firmware identifies removable boot options by looking for a predefined file name unique to the system architecture in use, in a predefined path.^[3]

Most (U)EFI implementations support the use of the removable media boot path as a fallback on internal drives.^[4] Even though this is against specification, most systems use it in case the configured EFI boot entries are not working (i.a. a fallback), e.g. in case the boot entries are defunct (like missing files), or the EFI variables (accessible on Linux using efivarfs) are lost, e.g. failure of the persistent store (like when the NVRAM is reset, cleared or becomes corrupted, which may occur when the "CMOS battery" fails). With a buggy (U)EFI it may even be the only usable bootloader on that system. Only one such fallback bootloader is possible on a specific system (i.e. architecture), due to the standardized boot path and file names.

To use the removable media boot path it is sufficient to copy the EFI bootloader to the required path and file name. Should the firmware make use of this fallback, this may also remove the ability to select between configured boot entries, meaning that boot options (as listed with efibootmgr) through (U)EFI will not work. Even though every EFI bootloader can be used as fallback, it may be advisable to use a boot manager that itself has the ability to select between boot options, such as GRUB or rEFInd. From the above example for x64 (amd64):

The boot manager included in systemd, systemd-boot (formally Gummiboot), will automatically install to the removable media boot path. When sys-apps/systemd with the boot USE flag is updated, it is necessary to run bootctl again in order to update both bootloader files.

See also

• Handbook:AMD64/Installation/Disks#What is the EFI System Partition (ESP)?
• UEFI — a firmware standard for boot ROM designed to provide a stable API for interacting with system hardware. On x86 it replaced the legacy BIOS.
• EFI stub — describes EFI stub kernels, i.e. kernels directly executable from UEFI.
• efibootmgr — a tool for managing UEFI boot entries.
• REFInd — a boot manager for UEFI platforms.

References