[Long] UEFI support
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hello all,
UEFI (often called EFI, which was the name of its previous version) is a
new firmware interface, which is expected to replace the BIOS on new
PCs, as at has already done so on Apple PCs. While modern operating
system do not rely much on firmware calls for normal operation, the boot
loader does.
Debian is concerned by this standard, because it has to be supported if
we want it to be usable on UEFI-based systems. And I think we should be
*very* concerned by it because, if I recall correctly, UEFI is a
requirement for the Windows 8 sticker program (“designed for Microsoft
Windows”), which means that we can expect that many branded PCs and
motherboards, if not most, will be UEFI-based.
In order not to see Debian become uninstallable (meaning, not
installable unless you are a guru) on most computers, I wonder if UEFI
support should not even be promoted as a release goal. But anyway, here
is a basic summary of how it works from a boot procedure point of view,
and what it means to support it.
UEFI boot procedure
===================
Boot manager
- ------------
First there is a boot /manager/, which is menu provided by the firmware
to select what to boot among the available systems, for instance:
1. CD/DVD
2. HDD1 - Microsoft Windows
3. HDD1 - Debian GNU/Linux
4. USB key
This is similar to the boot device selection menu that is provided by
most BIOSes, but it has been extended so that:
1. it offer a way to choose between several systems on the same device;
2. it can be configured (add, remove or reorder entries) from a running
operating system.
A bootable system
- -----------------
In practice, a bootable system means a bootloader. On hard disks and USB
keys, contrary to BIOS which simply loads it from a fixed location, the
UEFI boot manager will load it from a file.
To be usable from the boot manager, a bootloader file has to be placed
on a supported filesystem (in practice, that means a FAT) on a partition
with an GUID corresponding to the type called “EFI System Partition”.
When it comes to the boot manager menu, there are two cases. On fixed
devices (hard disks), an entry has to be added to the menu, by
interacting with the UEFI NVRAM from a running OS using a dedicated
program. There can be several bootloaders on a single EFI System
Partition. On removable devices, such a procedure would be irrelevant,
so the boot manager will simply look for a file names
/efi/boot/boot<arch>.efi, where <arch> == {ia32|ia64|x64|arm}. Thus
there can only be a single bootloader on a removable device's EFI System
Partition.
For optical media, I am not really sure: it may use ElTorito or load a
file /efi/boot/boot<arch>.efi from the ISO-9660 or UDF filesystem, so
this should be checked.
The bootloader
- --------------
The bootloader itself has nothing specific except that is runs on an
UEFI environment and should thus use UEFI calls rather than BIOS calls,
of course.
Supporting UEFI
===============
I am taking the point of view of a user trying to install an operating
system.
Starting the installer
- ----------------------
First we need to start the installer from a removable medium. This means
having a USB key image containing a GTP with one FAT-formatted EFI
System Partition containing a boot loader at /efi/boot/boot<arch>.efi,
and possibly another partition containing whatever it takes to run the
installer.
After that, most of the installation has nothing specific, except the
following two points.
Partitionning
- -------------
We are installing an operating system to a hard disk, which may or may
not already contain an EFI System Partition.
If there is one, that partition and the content of its filesystem should
be kept (formatting it could mean removing an existing bootloader, which
would be wrong™), and it should be used later to install our bootloader.
If ther is none, it should be created and used later to install our
bootloader.
Installing the bootloader
- -------------------------
The bootloader should be installed on the EFI System Partition, on a
path following the convention /efi/<vendor>/<whaterver>, for instance
/etc/debian/grubx64.efi.
It should then be added to the boot manager menu by doing the appopriate
calls, which probably means using the appriopriate dedicated tool.
Current status
==============
This is what I think we have for Debian.
Installer image
- ---------------
I do not think we have any UEFI-bootable installer images so far.
It would be possible to create hybrid BIOS/UEFI bootable images, but
that will probably be incompatible with hybrid USB/optical images as we
have them currently. Thanks to the /efi/boot/boot<arch>.efi convention,
it would also be possible to have multiarch images.
It is also worth noting that an amd64 PC will probably support x64 UEFI
only, so given that there is probably no UEFI-base x86 PCs, there is no
point in creating corresponding images.
Partitionning
- -------------
An EFI System Partition is basically a regular partition, with a
specific type (GUID) and a FAT filesystem (or perhaps an HFS+ one on
Apple PCs).
Partman currently has two things:
1. a “bootable” flag, which may correspond to the EFI System Partition
type;
2. an “EFI System Partition” filesystem, which may correspond to a FAT
filesystem but does not allow to choose a mount point.
Besides, according to a user report, Partman always format a partition
you set as EFI System Partition, which is bad™.
I am not sure of how it should be presented to the user, but the right
thing to do to get a working system without dropping the possible
existing ones would be to:
1. if there is already an EFI System Partition with a supported
filesystem, use it;
2. if there is none, create one and format it in FAT;
3. mount it under /boot/efi.
Bootloader
- ----------
I think we have three UEFI bootloader available for now: elilo, GRUB and
efilinux.
I only know GRUB because it is versatile enough to cover all my needs
(it supports BIOS, ElTorito, UEFI and PXE correctly enough for me).
Well, GRUB for UEFI can be installed as usual (grub-install /dev/sda) as
long as there is an EFI System Partition mounted on /boot/efi. It also
adds an entry to the boot manager menu if the program efibootmgr is
installed (and if it is running on a system which has been started with
UEFI, since the UEFI NVRAM is only available that way).
Anyway, the installer should detect that it has been launched from UEFI,
and try to install a bootloader such as grub-efi rather than grub-pc.
Or, if this is not possible, an explicit choice should be given to the
user.
Well, I think that was all. Thank you for reading, please comment and
let us see were that will lead us.
Some pointers for further reading:
UEFI <http://www.uefi.org/> (the spec is available but requires that you
provide your name and email address)
A blog article I wrote some time ago <http://tanguy.ortolo.eu/blog/article22/efi-boot>.
- --
,--.
: /` ) Tanguy Ortolo <xmpp:tanguy@ortolo.eu> <irc://irc.oftc.net/Tanguy>
| `-' Debian Developer
\_
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCgAGBQJPBwgTAAoJEOryzVHFAGgZeK0P/2nzANkw+FPTCFZCJgA0KlJo
30Npe9vrY5A24O46LwIdkESFnZ+07H80663nmItubx81bXYOxHAO7sKKmmi0TF4/
mayGlLs4xGEc44EhgTIbJqyTeWF6y7ZGl8E6I9g2F/C6tAIvQ0g0zcHzDl7JyLKw
DqiMCsRpD7uWD2qCW6SBw5mFtuM6ouLB96izvXa3R+Qs9moZTpkI6fzWvSIkZDty
4Zcgi2CCjpoq6iMguIUueW5/uOtCRYQLQSscresWid+xpWqY0xr+OsoYFl3p4fNo
BwkXVePGG0zlh0cJBX6/WVpk+Mg2trR82ZoCtlEWANgQddrr6kG6KzMbcdHUTVXR
AXpc6CyVwzwYUtuhW93q3zDs/7xvBGsXAQ6fNDCPQeojJsdpRp98xirWwFK29OVM
ijMG6lG2oYNPFlHmVLbR1aougYpmz0v6N7vGatnZmkQ4c3wmGRBGOzlOH9cXIl5f
+yTk2THy9J9EK3UxlQ74bS0iRXiPTKzLFm+Sg9sDqCNxB0COItF2zf6WKiNxY8DL
1UetoCyM3+gYgOjFHtgYja3UUpzFJCyo4xEBlILZjHo1E+RPVaz0FYk+9eb/Mio5
s2npGIltWGev8sr4hxTt4tPX2j4NOpgKfQa2EU7p6FOxwsz9u5+G2dK5+0NBnUi8
i65PL0IORhyqpdxoeapi
=goDY
-----END PGP SIGNATURE-----
Reply to: