Skip to content

Simple UEFI boot loader with support for safely switching between current and updated partition sets

License

Notifications You must be signed in to change notification settings

siemens/efibootguard

EFI Boot Guard

A bootloader based on UEFI.

Provides the following functionality:

  • Arm a hardware watchdog prior to loading an OS
  • Provides a simple update mechanism with fail-safe algorithm

In addition, this project provides a UEFI stub and generator tool to create unified kernel images consisting of kernel, command line and, optionally, initrd and device trees.

Development

Mailing list: efibootguard-dev@googlegroups.com

Archive: https://www.mail-archive.com/efibootguard-dev@googlegroups.com/

For sending patches, please refer to the mailing list and CONTRIBUTING.md in the source tree.

Continuous integration:

  • GitHub Actions: CI
  • Coverity: [coverity]

Watchdog support

The following watchdog drivers are implemented (and are probed in this order):

  • WDAT (ACPI) watchdog
  • AMD FCH
  • Intel i6300esb
  • Intel Quark
  • Siemens SIMATIC IPC4x7E
  • Siemens SIMATIC BX-56A and BX-59A
  • Intel TCO
  • HPE ProLiant

Note that if no working watchdog is found, the boot process deliberately fails. That said, setting a watchdog timeout of 0 allows to boot nonetheless without a working watchdog, e.g., for testing purposes.

Configuration

efibootguard reads its configuration from an environment storage. Currently, the following environment backends are implemented:

  • Dual FAT Partition storage

See Installation And Usage for further information.

Further Documentation

About

Simple UEFI boot loader with support for safely switching between current and updated partition sets

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published