Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/jirutka/efi-mkuki

EFI Unified Kernel Image Maker
https://github.com/jirutka/efi-mkuki

efistub linux secure-boot uefi uefi-boot

Last synced: 9 months ago
JSON representation

EFI Unified Kernel Image Maker

Awesome Lists containing this project

README 

          
= EFI Unified Kernel Image Maker

:proj-name: efi-mkuki

:gh-name: jirutka/{proj-name}

:version: 1.0.0



{proj-name} is a simple script for creating an https://systemd.io/BOOT_LOADER_SPECIFICATION/[EFI Unified Kernel Image] footnote:[It has been specified by the systemd (read as SystemDisaster) project, but you don’t have to use systemd-boot or any other systemd component to get the benefits of Unified Kernel Image.] -- a single EFI PE executable combining an EFI stub loader, a kernel image (vmlinuz), the kernel command line, and optionally an initramfs image, CPU microcode update, and a splash image.



Unified Kernel Image is basically an EFI application with all the components necessary for booting Linux directly from UEFI instead of relying on a bootloader.

This image can be easily signed for Secure Boot.



To learn more about Secure Boot and why signing just a kernel image (when you use initramfs) is not sufficient, I recomend reading https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot[Secure Boot on Arch Linux Wiki].



== Requirements



* http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html[POSIX-sh] compatible shell (e.g. Busybox ash, dash, ZSH, bash, …)

* `awk`, `cat`, `dd`, `grep`, `od`, `sed`, `tr` (BSD, Busybox or GNU)

* `objcopy` and `objdump` from https://www.gnu.org/software/binutils/[GNU binutils]

* EFI stub for your machine architecture from https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html[systemd-stub], https://github.com/puzzleos/stubby[Stubby bootloader] or similar



== Installation



=== On Alpine Linux



Install package https://pkgs.alpinelinux.org/packages?name={proj-name}[{proj-name}] on Alpine Linux v3.15 or later:



[source, sh, subs="+attributes"]

apk add {proj-name}



=== On Arch Linux



Install package https://aur.archlinux.org/packages/{proj-name}[{proj-name}] from AUR:



[source, sh, subs="+attributes"]

yay -S {proj-name}



Or use another AUR helper.



Please note that I’m _not_ maintainer of this package.



=== From Tarball



[source, sh, subs="+attributes"]

wget https://github.com/{gh-name}/archive/v{version}/{proj-name}-{version}.tar.gz

tar -xzf {proj-name}-{version}.tar.gz

cd {proj-name}-{version}

make install DESTDIR=/ prefix=/usr/local



...or just download the link:https://raw.githubusercontent.com/{gh-name}/master/{proj-name}[{proj-name}] script directly.



*NOTE*: {proj-name} expects EFI stubs in `/usr/lib/systemd/boot/efi`. This can be rewritten to another path via `EFISTUB_DIR` variable passed to `make install`.



== Usage



See the help section in link:{proj-name}#L3[{proj-name}] (or run `{proj-name} -h`).



== Resources



* https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot[Unified Extensible Firmware Interface/Secure Boot] on Arch Linux Wiki

* https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki%27s_EFI_Install_Guide/Configuring_Secure_Boot[Sakaki’s EFI Install Guide/Configuring Secure Boot] on Gentoo Wiki



== License



This project is licensed under http://opensource.org/licenses/MIT/[MIT License].

For the full text of the license, see the link:LICENSE[LICENSE] file.