UEFI
UEFI, short for Unified Extensible Firmware Interface, is a firmware standard for boot ROM designed to provide a stable API for interacting with system hardware. On x86 it replaced the legacy BIOS.
It was developed by Intel as Extensible Firmware Interface, short EFI, for the Itanium architecture ("IA-64" or Intel Architecture 64-bit). Like Open Firmware it is designed to be an architecture independent platform available to different CPU instruction sets. It was ported to 32-bit x86 "IA-32" (also i386 and x86-32), 64-bit x86 "x86-64" (also x64, AMD64 and Intel 64), ARM, RISC-V, and LoongArch.
Any boot ROM that conforms to the UEFI specification is a UEFI ROM. There are multiple implementations, including the open source TianoCore EDK II which serves as the UEFI reference implementation.
Introduction
The UEFI architecture defines a system initialization process which differs from the classic BIOS one. The main difference happens after a successful self-check and device initialization - UEFI then reads selects one of its stored boot entries (see efibootmgr), determines the location of the corresponding EFI application (such as a regular bootloader or EFI stub) and launches it. These actions are performed instead of reading the Master Boot Record (MBR) of the first in the list of available devices (Boot Drive).
UEFI also brings support for features like:
- Secure Boot
- large disk partitions using GUID Partition Table (GPT)
- rich pre-OS boot environment
Kernel configuration
In order to support native (U)EFI, the kernel needs to be configured with EFI support.
Processor type and features --->
[*] EFI runtime service support (EFI=y)
[ ] EFI stub support (EFI_STUB=n)
[ ] EFI mixed-mode support (EFI_MIXED=n)
The EFI stub support is only required to boot the kernel directly as an EFI executable, as is the EFI mixed-mode support in case a 64-bit kernel is to be booted directly from a 32-bit EFI implementation.
In order to provide access to the EFI functions from a booted system, additional kernel features must be enabled.
File systems --->
Pseudo filesystems --->
<M/*> EFI Variable filesystem (EFIVAR_FS)
Device Drivers --->
Firmware Drivers --->
EFI (Extensible Firmware Interface) Support --->
<M/*> Register efivars backend for pstore (EFI_VARS_PSTORE)
[*] Disable using efivars as a pstore backend by default (EFI_VARS_PSTORE_DEFAULT_DISABLE)
<*> Export efi runtime maps to sysfs (EFI_RUNTIME_MAP)
[*] Reserve EFI Specific Purpose Memory (EFI_SOFT_RESERVE)
CONFIG_EFI_VARS was removed in 2023.[1]
Especially efivarfs must be loaded in order for efibootmgr to work. See efibootmgr for further details.
All (U)EFI functions can be disabled with the kernel parameter
efi=noruntime, or activated with efi=runtime. A kernel booted without EFI runtime functions will not be able to alter any EFI settings and variables, including the boot configuration.Alternatives
The open source hardware initializer ROM Coreboot can deploy UEFI, BIOS, and Open Firmware boot ROMs among others.
See Also
- BIOS — the standard firmware of IBM-PC-compatible computers until it was phased out in 2020.
- Coreboot — a free and opensource hardware initializing firmware which supports multiple boot ROM payloads.
- Open Firmware — an IEEE 1275-1994 standard Forth-based firmware popularized by PowerPC Macs which sees continued use with the OpenBIOS project.
External resources
- UEFI Specifications
- Unified Extensible Firmware Interface Forum
- coreboot — open source firmware that can deploy BIOS and UEFI (among others) as second stage payloads.
- GLaBIOS — A modern, scratch-built, open-source ROM BIOS for PC, XT, 8088 PCs.