Skip to content

[mkinitcpio] Create UEFI executables

Morten Linderud requested to merge github/fork/Foxboron/morten/efi-image into master

Missing stuff for this pull-request.

  • Do we want a new section in the manpages?
  • Is the flags okay enough?
  • Testing

Implement UEFI executable generation in mkinitcpio by utilizing UEFI stubs provided by systemd/gummiboot.

This allows us to create a unified boot image we can boot from UEFI with. These are practical for secure boot as we can sign initramfs, kernel cmdline and the kernel all at once. By utilizing the BOOT_LOADER_SPECIFICATION we can also drop new images into the correct patch and have systemd-boot/gummiboot pick up the images.

The code does several things and does a fair amount of guessing to figure out all the inputs needed.

We use /etc/kernel/cmdline to localize the kernel cmdline options we want for the image. This is inherited from the kernel-install hook system which might double as some form of standard.

We also do a dance to get the correct kernel image. We do a lookup into /lib/modules and /boot for both versioned and unversioned kernels (mainly Arch Linux).

There is an attempt to support both 32bit and 64bit lookup paths for the stub images, but only 64bit is tested.

Gummiboot is also not tested.

https://www.freedesktop.org/software/systemd/man/kernel-install.html

https://systemd.io/BOOT_LOADER_SPECIFICATION/#type-2-efi-unified-kernel-images

Signed-off-by: Morten Linderud morten@linderud.pw

Merge request reports