Deep Dive: UEFI

UEFI stands for Unified Extensible Firmware Interface and is the interface between the OS and the firmware.

Basically, UEFI is a replacement for the BIOS (although most UEFI firmware implementations still provide legacy support for BIOS services). Do you realize that BIOS has been around for more than 30 years?

There were various attempts to standardize a successor to the deteriorating BIOS. All of these standards failed. Then, in 1988, Intel started the "Intel Boot Initiative" for their Itanium processors; this was later rebranded to EFI. To further push the efforts for replacing the BIOS, Intel handed over the EFI spec to a newly founded organization, UEFI. The UEFI organisation, now, has many giants supporting this protocol: Intel, Microsoft, Apple, IBM, etc...

BIOS Pitfalls

One of the major pitfalls of the BIOS is the limitation in space. The BIOS can only access a maximum of only 1MB of memory! PC technology is advancing rapidly and the new hardware features introduced in the computer all require BIOS support. For example: remote security management, temperature and power monitoring, and processor extensions such as virtualisation and Turbo Boost. The BIOS was never designed to be continuously extended, so it's becoming increasingly difficult to accommodate every new hardware feature.

Another issue is speed. With the plethora of peripherals and controllers, the boot process takes more time because of this limited instruction space and lack of optimization.

Furthermore, the BIOS is physically unable to boot from hard disks bigger than 2TB. This is a problem in the MBR system used by the BIOS, since the partition table is limited to 2TB.

Advantages and New Features in UEFI

Boot from GPT Partitioning Scheme

In addition to the MBR, UEFI is also able to work with a new partitioning scheme called GUID Partition Table (GPT). GPT allows for an 8 ZiB maximum disk size. GPT is supported in 64-bit Windows Vista and later, 32-bit Windows 8 and later and in Linux by turning on CONFIG_EFI_PARTITION during kernel configuration1.

EFI System Partition

The EFI System Partition is often abbreviated as ESP. According to the UEFI specification, each UEFI bootable device needs to have this partition either in MBR or GPT scheme2. This partition needs to be a specific variant of the FAT32 file system which is maintained as part of the UEFI specification and independently from the original FAT specification. The ESP also provides space for a boot sector as part of the backward BIOS compatibility.

UEFI Booting

When a UEFI machine is booted, Operating System loaders can be easily detected by the UEFI by looking in a standardized file path depending on the computer architecture. The path is defined as <EFI_SYSTEM_PARTITION>/BOOT/BOOT<MACHINE_TYPE_SHORT_NAME>.EFI. For example, the file path to the loader on an x86-64 system is /efi/BOOT/BOOTX64.EFI.

Applications

UEFI is able to run standalone UEFI applications. These reside as files on the ESP. An example of standalone UEFI applications are: rEFInd, rEFIt, systemd-boot and Windows Boot Manager.

Graphics

UEFI 2.1 defines a "Human Interface Infrastructure" specification. This enables OEMs to design graphical user interfaces for pre-boot configuration. UEFI itself does not define a user interface.
GIGABYTE UEFI Graphical User Interface

Network Booting

The UEFI Specification includes support for PXE Booting. Protocols supported are: IPv4, IPv6, UDP, DHCP and TFTP. In UEFI 2.5, the specification also adds support for accessing boot images over HTTP.

Secure Boot

In UEFI 2.3.1 Errata C, a new spec for Secure boot was introduced. This helps securing the boot process by preventing the loading of drivers or OSes that are not signed with an acceptable digital signature.

When secure boot is enabled, it is initially placed in "setup" mode, which allows a public key known as the "Platform Key" (PK) to be written to the firmware. Once the key is written, secure boot enters "User" mode, where only drivers and loaders signed with the platform key can be loaded by the firmware.

Secure boot is supported by Windows 8 and higher, Windows Server 2012 and 2012 R2 and higher, and a number of Linux distributions including Fedora (since version 18), openSUSE (since version 12.3), and Ubuntu (since version 12.04.2).

Compatibility Support Module

The Compatibility Support Module (CSM) is a component of the UEFI firmware that provides legacy BIOS compatibility by emulating a BIOS environment, allowing legacy operating systems and some option ROMs that do not support UEFI to still be used.

UEFI Shell

UEFI provides a shell environment, which can be used to execute other UEFI applications, including UEFI boot loaders. Apart from that, commands available in the UEFI shell can be used for obtaining various other information about the system or the firmware, including getting the memory map (memmap), modifying boot manager variables (bcfg), running partitioning programs (diskpart), loading UEFI drivers, and editing text files (edit).

Source code for a UEFI shell can be downloaded from tianocore.org.

Additional Resources

Here's a list of some additional resources I found while researching this topic that go into more technical detail on how UEFI works:

  1. This option allows Linux to recognize and use GPT disks after the system firmware passes control over the system to Linux

  2. In case of Optical Disks the partition can be an El Torito volume.