2020-05-19 18:20:18 +02:00
|
|
|
+++
|
|
|
|
title = "Single UEFI executable for kernel+initrd+cmdline"
|
|
|
|
date = 2015-02-25T15:55:16+00:00
|
2023-10-26 11:53:38 +02:00
|
|
|
[taxonomies]
|
|
|
|
tags = ["UEFI", "fedora", "SecureBoot"]
|
2020-05-19 18:20:18 +02:00
|
|
|
+++
|
|
|
|
|
|
|
|
Lately Kay Sievers and David Herrmann created a UEFI
|
|
|
|
[loader stub](http://cgit.freedesktop.org/gummiboot/tree/src/efi/stub.c), which starts a linux kernel
|
|
|
|
with an initrd and a kernel command line, which are COFF sections of the executable.
|
|
|
|
This enables us to create single UEFI executable with a standard distribution kernel,
|
|
|
|
a custom initrd and our own kernel command line attached.
|
|
|
|
|
|
|
|
<!-- more -->
|
|
|
|
|
|
|
|
Of course booting a linux kernel
|
|
|
|
directly from the UEFI has been possible before with the kernel EFI stub. But to add an initrd and
|
|
|
|
kernel command line, this had to be specified at kernel compile time.
|
|
|
|
|
|
|
|
To demonstrate this feature
|
|
|
|
and have a useful product, I created a shell script, which creates a "rescue" image on Fedora with
|
|
|
|
the rescue kernel and rescue initrd. The kernel command line "rd.auto" instructs dracut to assemble
|
|
|
|
all devices, while waiting 20 seconds for device appearance "rd.retry=20" and drop to a final shell
|
|
|
|
because "root=/dev/failme" is specified (which does not exist of course). Now in this shell you can
|
|
|
|
fsck your devices, mount them and repair your system.
|
|
|
|
|
|
|
|
The shell script can be downloaded and viewed on
|
|
|
|
[github](https://github.com/haraldh/mkrescue-uefi).
|
|
|
|
|
|
|
|
To run the script, you will need to install gummiboot >= 46 and binutils.
|
|
|
|
```console
|
|
|
|
# yum install gummiboot binutils
|
|
|
|
```
|
|
|
|
|
|
|
|
Run the script:
|
|
|
|
```console
|
|
|
|
# bash mkrescue-uefi.sh BOOTX64.EFI
|
|
|
|
```
|
|
|
|
|
|
|
|
Copy `BOOTX64.EFI` to e.g. a USB stick to `EFI/BOOT/BOOTX64.EFI` in the FAT boot partition
|
|
|
|
and point your BIOS to boot from the USB stick. Voilà!
|
|
|
|
|
|
|
|
A rescue USB stick with just one file! :-)
|