]>
Commit | Line | Data |
---|---|---|
c3e270f4 | 1 | --- |
a0fadf66 | 2 | title: Boot Loader Specification |
4cdca0af | 3 | category: Booting |
b41a3f66 | 4 | layout: default |
0aff7b75 | 5 | SPDX-License-Identifier: LGPL-2.1-or-later |
c3e270f4 FB |
6 | --- |
7 | ||
c3c5eeca LP |
8 | # The Boot Loader Specification |
9 | ||
7bb36d2d ZJS |
10 | This document defines a set of file formats and naming conventions that allow |
11 | the boot loader configuration to be shared between multiple operating systems | |
12 | and boot loaders installed on one device. | |
13 | ||
14 | Operating systems cooperatively manage a boot loader configuration directory | |
15 | that contains drop-in files, making multi-boot scenarios easy to support. Boot | |
16 | menu items are defined via a simple format that can be understood by different | |
17 | boot loader implementations, operating systems, and userspace programs. The | |
18 | same scheme can be used to prepare OS media for cases where the firmware | |
19 | includes a boot loader. | |
20 | ||
21 | ## Target audience | |
22 | ||
23 | The target audience for this specification is: | |
c3c5eeca | 24 | |
49d5e4d0 | 25 | * Boot loader developers, to write a boot loader that directly reads its |
7bb36d2d | 26 | configuration from these files |
49d5e4d0 LP |
27 | * Firmware developers, to add generic boot loading support directly to the |
28 | firmware itself | |
7bb36d2d ZJS |
29 | * OS installer developers, to create appropriate partitions and set up the |
30 | initial drop-in directory | |
31 | * Distribution developers, to create appropriate configuration snippets when | |
32 | installing or updating kernel packages | |
33 | * UI developers, to implement user interfaces that list and select among the | |
34 | available boot options | |
c3c5eeca | 35 | |
7bb36d2d | 36 | ## The boot partition |
c3c5eeca | 37 | |
7bb36d2d ZJS |
38 | Everything described below is located on a file system that will be called |
39 | `$BOOT`. The boot loader or user-space programs reading the boot loader | |
40 | configuration should pick `$BOOT` according to the following rules: | |
c3c5eeca | 41 | |
7bb36d2d | 42 | * On disks with an MBR partition table: |
c3c5eeca | 43 | |
7bb36d2d | 44 | * A partition with the type ID of 0xEA shall be used as `$BOOT`. |
c3c5eeca | 45 | |
04c31af4 | 46 | * On disks with GPT (GUID Partition Table) |
7bb36d2d ZJS |
47 | |
48 | * If an Extended Boot Loader Partition (XBOOTLDR partition for short) — a | |
49 | partition with GPT type GUID of `bc13c2ff-59e6-4262-a352-b275fd6f7172` — | |
50 | is found, it should be used as `$BOOT`. | |
51 | ||
52 | * Otherwise, the EFI System Partition (ESP for short) — a partition with | |
53 | GPT type GUID of `c12a7328-f81f-11d2-ba4b-00a0c93ec93b` — should | |
49d5e4d0 | 54 | be used as `$BOOT`. |
7bb36d2d ZJS |
55 | |
56 | An installer for the operating system should use this logic when selecting or | |
57 | creating partitions: | |
58 | ||
59 | * If `$BOOT` is not found, a new suitably sized partition (let's say 500MB) | |
60 | should be created and used as `$BOOT`, matching the characteristics | |
61 | described above. On disks with GPT, just an ESP partition without a | |
62 | XBOOTLDR partition should be created. | |
63 | ||
64 | * If the OS is installed on a disk with GPT and the ESP partition is found | |
65 | but is too small, a new suitably sized (let's say 500MB) XBOOTLDR partition | |
66 | shall be created and used as `$BOOT`. | |
49d5e4d0 LP |
67 | |
68 | This placeholder file system shall be determined during _installation time_, | |
69 | and an fstab entry may be created. It should be mounted to either `/boot/` or | |
70 | `/efi/`. Additional locations like `/boot/efi/` (with `/boot/` being a separate | |
71 | file system) might be supported by implementations. This is not recommended | |
72 | because the mounting of `$BOOT` is then dependent on and requires the mounting | |
73 | of the intermediate file system. | |
74 | ||
7bb36d2d ZJS |
75 | **Note:** _`$BOOT` is **shared** among all OS installations of a system. |
76 | Instead of maintaining one `$BOOT` per installed OS (as `/boot/` was | |
77 | traditionally handled), all installed OSes use the same place for boot-time | |
78 | configuration._ | |
c3c5eeca | 79 | |
e178b335 LP |
80 | For systems where the firmware is able to read file systems directly, `$BOOT` |
81 | must be a file system readable by the firmware. For other systems and generic | |
7bb36d2d ZJS |
82 | installation and live media, `$BOOT` must be a VFAT (16 or 32) file system. |
83 | Applications accessing `$BOOT` should hence not assume that fancier file system | |
84 | features such as symlinks, hardlinks, access control or case sensitivity are | |
85 | supported. | |
86 | ||
87 | ## Boot loader entries | |
c3c5eeca | 88 | |
084a8029 | 89 | This specification defines two types of boot loader entries. The first type is |
7bb36d2d | 90 | text based, very simple, and suitable for a variety of firmware, architecture |
084a8029 | 91 | and image types ("Type #1"). The second type is specific to EFI, but allows |
b2454670 | 92 | single-file images that embed all metadata in the kernel binary itself, which |
084a8029 LP |
93 | is useful to cryptographically sign them as one file for the purpose of |
94 | SecureBoot ("Type #2"). | |
95 | ||
96 | Not all boot loader entries will apply to all systems. For example, Type #1 | |
97 | entries that use the `efi` key and all Type #2 entries only apply to EFI | |
98 | systems. Entries using the `architecture` key might specify an architecture that | |
99 | doesn't match the local one. Boot loaders should ignore all entries that don't | |
100 | match the local platform and what the boot loader can support, and hide them | |
101 | from the user. Only entries matching the feature set of boot loader and system | |
102 | shall be considered and displayed. This allows image builders to put together | |
103 | images that transparently support multiple different architectures. | |
104 | ||
8384ed93 LP |
105 | Note that the `$BOOT` partition is not supposed to be exclusive territory of |
106 | this specification. This specification only defines semantics of the `/loader/` | |
107 | directory inside the file system (see below), but it doesn't intend to define | |
108 | ownership of the whole file system exclusively. Boot loaders, firmware, and | |
7bb36d2d ZJS |
109 | other software implementing this specification may choose to place other files |
110 | and directories in the same file system. For example, boot loaders that | |
111 | implement this specification might install their own boot code on the same | |
112 | partition; on systems where `$BOOT` is the ESP this is a particularly common | |
8384ed93 LP |
113 | setup. Implementations of this specification must be able to operate correctly |
114 | if files or directories other than `/loader/` are found in the top level | |
115 | directory. Implementations that add their own files or directories to the file | |
116 | systems should use well-named directories, to make name collisions between | |
117 | multiple users of the file system unlikely. | |
118 | ||
084a8029 | 119 | ### Type #1 Boot Loader Specification Entries |
5be7bfbc | 120 | |
7bb36d2d | 121 | This specification defines two directories below `$BOOT`: |
5be7bfbc | 122 | |
49d5e4d0 LP |
123 | * `$BOOT/loader/` is the directory containing all files needed for Type #1 |
124 | entries | |
5be7bfbc | 125 | |
49d5e4d0 LP |
126 | * `$BOOT/loader/entries/` is the directory containing the drop-in |
127 | snippets. This directory contains one `.conf` file for each boot menu item. | |
128 | ||
129 | **Note:** _In all cases the `/loader/` directory should be located directly in | |
130 | the root of the file system. Specifically, if `$BOOT` is the ESP, then | |
131 | `/loader/` directory should be located directly in the root directory of the | |
132 | ESP, and not in the `/EFI/` subdirectory._ | |
5be7bfbc | 133 | |
d9067aba | 134 | Inside the `$BOOT/loader/entries/` directory each OS vendor may drop one or |
7bb36d2d | 135 | more configuration snippets with the suffix `.conf`, one for each boot menu |
d9067aba LP |
136 | item. The file name of the file is used for identification of the boot item but |
137 | shall never be presented to the user in the UI. The file name may be chosen | |
7bb36d2d ZJS |
138 | freely but should be unique enough to avoid clashes between OS installations. |
139 | More specifically, it is suggested to include the machine ID (`/etc/machine-id` | |
140 | or the D-Bus machine ID for OSes that lack `/etc/machine-id`), the kernel | |
141 | version (as returned by `uname -r`) and an OS identifier (the `ID=` field of | |
142 | `/etc/os-release`). | |
143 | ||
144 | Example: `$BOOT/loader/entries/6a9857a393724b7a981ebb5b8495b9ea-3.8.0-2.fc19.x86_64.conf`. | |
d9067aba LP |
145 | |
146 | In order to maximize compatibility with file system implementations and | |
147 | restricted boot loader environments, and to minimize conflicting character use | |
49d5e4d0 | 148 | with other programs, file names shall be chosen from a restricted character |
7bb36d2d ZJS |
149 | set: ASCII upper and lower case characters, digits, "+", "-", "_" and ".". |
150 | Also, the file names should have a length of at least one and at most 255 | |
151 | characters (including the file name suffix). | |
152 | ||
153 | These configuration snippets shall be UNIX-style text files (i.e. lines | |
154 | separated by a single newline character), in the UTF-8 encoding. The | |
155 | configuration snippets are loosely inspired by Grub1's configuration syntax. | |
156 | Lines beginning with "#" are used for comments and shall be ignored. The first | |
157 | word of a line is used as key and is separated by one or more spaces from the | |
158 | value. | |
159 | ||
160 | #### Type #1 Boot Loader Entry Keys | |
161 | ||
162 | The following keys are recognized: | |
163 | ||
164 | * `title` is a human-readable title for this menu item to be displayed in the | |
165 | boot menu. It is a good idea to initialize this from the `PRETTY_NAME=` of | |
166 | `/etc/os-release`. This name should be descriptive and does not have to be | |
167 | unique. If a boot loader discovers two entries with the same title it should | |
168 | show more than just the raw title in the UI, for example by appending the | |
169 | `version` field. This field is optional. | |
170 | ||
171 | Example: `title Fedora 18 (Spherical Cow)` | |
172 | ||
173 | * `version` is a human-readable version for this menu item. This is usually the | |
174 | kernel version and is intended for use by OSes to install multiple kernel | |
175 | versions with the same `title` field. This field shall be in a syntax that is | |
176 | useful for Debian-style version sorts, so that the boot loader UI can | |
177 | determine the newest version easily and show it first or preselect it | |
178 | automatically. This field is optional. | |
179 | ||
180 | Example: `version 3.7.2-201.fc18.x86_64` | |
181 | ||
182 | * `machine-id` is the machine ID of the OS. This can be used by boot loaders | |
183 | and applications to filter out boot entries, for example to show only a | |
184 | single newest kernel per OS, to group items by OS, or to filter out the | |
185 | currently booted OS when showing only other installed operating systems. | |
186 | This ID shall be formatted as 32 lower case hexadecimal characters | |
187 | (i.e. without any UUID formatting). This key is optional. | |
188 | ||
189 | Example: `machine-id 4098b3f648d74c13b1f04ccfba7798e8` | |
190 | ||
191 | * `sort-key` is a short string used for sorting entries on display. This should | |
192 | typically be initialized from the `IMAGE_ID=` or `ID=` fields of | |
193 | `/etc/os-release`, possibly with an additional suffix. This field is | |
194 | optional. If set, it is used as primary sorting key for the entries on | |
195 | display (lexicographically increasing). It does not have to be unique (and | |
196 | usually is not). If non-unique the the `machine-id` (lexicographically | |
197 | increasing) and `version` (lexicographically decreasing, i.e. newest version | |
198 | first) fields described above are used as secondary/ternary sorting keys. If | |
199 | this field is not set entries are typically sorted by the `.conf` file name | |
200 | of the entry. | |
201 | ||
202 | Example: `sort-key fedora` | |
203 | ||
204 | * `linux` is the Linux kernel to spawn and as a path relative to `$BOOT`. It | |
205 | is recommended that every distribution creates a machine id and version | |
206 | specific subdirectory below `$BOOT` and places its kernels and initial RAM | |
207 | disk images there. | |
208 | ||
209 | Example: `linux /6a9857a393724b7a981ebb5b8495b9ea/3.8.0-2.fc19.x86_64/linux` | |
210 | ||
211 | * `initrd` is the initrd to use when executing the kernel. This also | |
49d5e4d0 LP |
212 | shall be a path relative to `$BOOT`. This key is optional. This key may |
213 | appear more than once in which case all specified images are used, in the | |
7bb36d2d ZJS |
214 | order they are listed. |
215 | ||
216 | Example: `initrd 6a9857a393724b7a981ebb5b8495b9ea/3.8.0-2.fc19.x86_64/initrd` | |
217 | ||
49d5e4d0 LP |
218 | * `efi` refers to an arbitrary EFI program. This also takes a path relative to |
219 | `$BOOT`. If this key is set, and the system is not an EFI system this entry | |
220 | should be hidden. | |
7bb36d2d | 221 | |
49d5e4d0 LP |
222 | * `options` shall contain kernel parameters to pass to the Linux kernel to |
223 | spawn. This key is optional and may appear more than once in which case all | |
224 | specified parameters are used in the order they are listed. | |
7bb36d2d ZJS |
225 | |
226 | Example: `options root=UUID=6d3376e4-fc93-4509-95ec-a21d68011da2 quiet` | |
227 | ||
c3c5eeca | 228 | * `devicetree` refers to the binary device tree to use when executing the |
49d5e4d0 | 229 | kernel. This also shall be a path relative to `$BOOT`. This key is |
7bb36d2d ZJS |
230 | optional. |
231 | ||
232 | Example: `devicetree 6a9857a393724b7a981ebb5b8495b9ea/3.8.0-2.fc19.armv7hl/tegra20-paz00.dtb` | |
233 | ||
09ee387e | 234 | * `devicetree-overlay` refers to a list of device tree overlays that should be |
49d5e4d0 LP |
235 | applied by the boot loader. Multiple overlays are separated by spaces and |
236 | applied in the same order as they are listed. This key is optional but | |
7bb36d2d ZJS |
237 | depends on the `devicetree` key. |
238 | ||
239 | Example: `devicetree-overlay /6a9857a393724b7a981ebb5b8495b9ea/overlays/overlay_A.dtbo /6a9857a393724b7a981ebb5b8495b9ea/overlays/overlay_B.dtbo` | |
240 | ||
241 | * `architecture` refers to the architecture this entry is for. The argument | |
242 | should be an architecture identifier, using the architecture vocabulary | |
243 | defined by the EFI specification (i.e. `IA32`, `x64`, `IA64`, `ARM`, `AA64`, | |
244 | …). If specified and it does not match the local system architecture this | |
245 | entry should be hidden. The comparison should be done case-insensitively. | |
246 | ||
247 | Example: `architecture aa64` | |
49d5e4d0 LP |
248 | |
249 | Each configuration drop-in snippet must include at least a `linux` or an `efi` | |
7bb36d2d | 250 | key. Here is an example for a complete drop-in file: |
c3c5eeca | 251 | |
6e6b351b | 252 | # /boot/loader/entries/6a9857a393724b7a981ebb5b8495b9ea-3.8.0-2.fc19.x86_64.conf |
bdc4c7ac | 253 | title Fedora 19 (Rawhide) |
10119357 | 254 | sort-key fedora |
bdc4c7ac | 255 | machine-id 6a9857a393724b7a981ebb5b8495b9ea |
10119357 | 256 | version 3.8.0-2.fc19.x86_64 |
7bb36d2d | 257 | options root=UUID=6d3376e4-fc93-4509-95ec-a21d68011da2 quiet |
bdc4c7ac LP |
258 | architecture x64 |
259 | linux /6a9857a393724b7a981ebb5b8495b9ea/3.8.0-2.fc19.x86_64/linux | |
260 | initrd /6a9857a393724b7a981ebb5b8495b9ea/3.8.0-2.fc19.x86_64/initrd | |
c3c5eeca | 261 | |
e178b335 LP |
262 | On EFI systems all Linux kernel images should be EFI images. In order to |
263 | increase compatibility with EFI systems it is highly recommended only to | |
264 | install EFI kernel images, even on non-EFI systems, if that's applicable and | |
265 | supported on the specific architecture. | |
266 | ||
267 | Conversely, in order to increase compatibility it is recommended to install | |
268 | generic kernel images that make few assumptions about the firmware they run on, | |
269 | i.e. it is a good idea that both images shipped as UEFI PE images and those | |
270 | which are not don't make unnecessary assumption on the underlying firmware, | |
271 | i.e. don't hard depend on legacy BIOS calls or UEFI boot services. | |
c3c5eeca | 272 | |
49d5e4d0 LP |
273 | Note that these configuration snippets may only reference kernels (and EFI |
274 | programs) that reside on the same file system as the configuration snippets, | |
275 | i.e. everything referenced must be contained in the same file system. This is | |
276 | by design, as referencing other partitions or devices would require a | |
277 | non-trivial language for denoting device paths. If kernels/initrds are to be | |
278 | read from other partitions/disks the boot loader can do this in its own native | |
279 | configuration, using its own specific device path language, and this is out of | |
280 | focus for this specification. More specifically, on non-EFI systems | |
281 | configuration snippets following this specification cannot be used to spawn | |
282 | other operating systems (such as Windows). | |
c3c5eeca | 283 | |
7bb36d2d ZJS |
284 | ### Standard-conformance Marker File |
285 | ||
f6ad0282 | 286 | Unfortunately, there are implementations of boot loading infrastructure that |
7bb36d2d ZJS |
287 | are also using the `/loader/entries/` directory, but installing files that do |
288 | not follow this specification. In order to minimize confusion, a boot loader | |
289 | implementation may place the file `/loader/entries.srel` next to the | |
290 | `/loader/entries/` directory containing the ASCII string `type1` (followed by a | |
291 | UNIX newline). Tools that need to determine whether an existing directory | |
292 | implements the semantics described here may check for this file and contents: | |
293 | if it exists and contains the mentioned string, it shall assume a | |
294 | standards-compliant implementation is in place. If it exists but contains a | |
295 | different string it shall assume other semantics are implemented. If the file | |
296 | does not exist, no assumptions should be made. | |
f6ad0282 | 297 | |
084a8029 LP |
298 | ### Type #2 EFI Unified Kernel Images |
299 | ||
300 | A unified kernel image is a single EFI PE executable combining an EFI stub | |
301 | loader, a kernel image, an initramfs image, and the kernel command line. See | |
302 | the description of the `--uefi` option in | |
303 | [dracut(8)](http://man7.org/linux/man-pages/man8/dracut.8.html). Such unified | |
7bb36d2d | 304 | images are installed in the`$BOOT/EFI/Linux/` directory and must have the |
084a8029 LP |
305 | extension `.efi`. Support for images of this type is of course specific to |
306 | systems with EFI firmware. Ignore this section if you work on systems not | |
307 | supporting EFI. | |
5be7bfbc | 308 | |
d9067aba | 309 | Type #2 file names should be chosen from the same restricted character set as |
7bb36d2d ZJS |
310 | Type #1 described above (but with the file name suffix of `.efi` instead of |
311 | `.conf`). | |
d9067aba | 312 | |
084a8029 | 313 | Images of this type have the advantage that all metadata and payload that makes |
7bb36d2d | 314 | up the boot entry is contained in a single PE file that can be signed |
084a8029 | 315 | cryptographically as one for the purpose of EFI SecureBoot. |
5be7bfbc ZJS |
316 | |
317 | A valid unified kernel image must contain two PE sections: | |
318 | ||
7bb36d2d | 319 | * `.cmdline` section with the kernel command line, |
49d5e4d0 LP |
320 | * `.osrel` section with an embedded copy of the |
321 | [os-release](https://www.freedesktop.org/software/systemd/man/os-release.html) | |
7bb36d2d | 322 | file describing the image. |
889cb0ab | 323 | |
7bb36d2d ZJS |
324 | The `PRETTY_NAME=` and `VERSION_ID=` fields in the embedded `os-release` file |
325 | are used the same as `title` and `version` in the Type #1 entries. The | |
326 | `.cmdline` section is used instead of the `options` field. `linux` and `initrd` | |
327 | fields are not necessary, and there is no counterpart for the `machine-id` | |
328 | field. | |
5be7bfbc | 329 | |
084a8029 | 330 | On EFI, any such images shall be added to the list of valid boot entries. |
5be7bfbc ZJS |
331 | |
332 | ### Additional notes | |
333 | ||
49d5e4d0 LP |
334 | Note that these configurations snippets do not need to be the only |
335 | configuration source for a boot loader. It may extend this list of entries with | |
336 | additional items from other configuration files (for example its own native | |
337 | configuration files) or automatically detected other entries without explicit | |
338 | configuration. | |
5be7bfbc | 339 | |
49d5e4d0 LP |
340 | To make this explicitly clear: this specification is designed with "free" |
341 | operating systems in mind, starting Windows or macOS is out of focus with these | |
342 | configuration snippets, use boot-loader specific solutions for that. In the | |
343 | text above, if we say "OS" we hence imply "free", i.e. primarily Linux (though | |
344 | this could be easily be extended to the BSDs and whatnot). | |
c3c5eeca | 345 | |
49d5e4d0 LP |
346 | Note that all paths used in the configuration snippets use a Unix-style "/" as |
347 | path separator. This needs to be converted to an EFI-style "\\" separator in | |
348 | EFI boot loaders. | |
c3c5eeca LP |
349 | |
350 | ||
7bb36d2d | 351 | ## Locating boot entries |
c3c5eeca | 352 | |
7bb36d2d ZJS |
353 | A _boot loader_ locates `$BOOT`, then simply reads all files |
354 | `$BOOT/loader/entries/*.conf`, and populates its boot menu with this. On EFI, | |
355 | it then extends this with any unified kernel images found in | |
356 | `$BOOT/EFI/Linux/*.efi`. It may also add additional entries, for example a | |
357 | "Reboot into firmware" option. Optionally it may sort the menu based on the | |
358 | `sort-key`, `machine-id` and `version` fields, and possibly others. It uses the | |
359 | file name to identify specific items, for example in case it supports storing | |
360 | away default entry information somewhere. A boot loader should generally not | |
361 | modify these files. | |
084a8029 LP |
362 | |
363 | For "Boot Loader Specification Entries" (Type #1), the _kernel package | |
364 | installer_ installs the kernel and initrd images to `$BOOT` (it is recommended | |
365 | to place these files in a vendor and OS and installation specific directory) | |
366 | and then generates a configuration snippet for it, placing this in | |
7bb36d2d ZJS |
367 | `$BOOT/loader/entries/xyz.conf`, with "xyz" as concatenation of machine id and |
368 | version information (see above). The files created by a kernel package are tied | |
369 | to the kernel package and should be removed along with it. | |
084a8029 LP |
370 | |
371 | For "EFI Unified Kernel Images" (Type #2), the vendor or kernel package | |
7bb36d2d ZJS |
372 | installer should create the combined image and drop it into |
373 | `$BOOT/EFI/Linux/`. This file is also tied to the kernel package and should be | |
374 | removed along with it. | |
c3c5eeca | 375 | |
49d5e4d0 | 376 | A _UI application_ intended to show available boot options shall operate |
7bb36d2d ZJS |
377 | similarly to a boot loader, but might apply additional filters, for example by |
378 | filtering the booted OS via the machine ID, or by suppressing all but the | |
49d5e4d0 | 379 | newest kernel versions. |
c3c5eeca | 380 | |
49d5e4d0 | 381 | An _OS installer_ picks the right place for `$BOOT` as defined above (possibly |
7bb36d2d ZJS |
382 | creating a partition and file system for it) and creates the `/loader/entries/` |
383 | directory in it. It then installs an appropriate boot loader that can read | |
384 | these snippets. Finally, it installs one or more kernel packages. | |
385 | ||
386 | ||
387 | ## Additional discussion | |
388 | ||
389 | ### Why is there a need for this specification? | |
390 | ||
391 | This specification brings the following advantages: | |
392 | ||
393 | * Installation of new boot entries is more robust, as no explicit rewriting of | |
394 | configuration files is required. | |
395 | ||
396 | * It allows an out-of-the-box boot experience on any platform without the need | |
397 | of traditional firmware mechanisms (e.g. BIOS calls, UEFI Boot Services). | |
398 | ||
399 | * It improves dual-boot scenarios. Without cooperation, multiple Linux | |
400 | installations tend to fight over which boot loader becomes the primary one in | |
401 | possession of the MBR or the boot partition, and only that one installation | |
402 | can then update the boot loader configuration. Other Linux installs have to | |
403 | be manually configured to never touch the MBR and instead install a | |
404 | chain-loaded boot loader in their own partition headers. In this new scheme | |
405 | all installations share a loader directory and no manual configuration has to | |
406 | take place. All participants implicitly cooperate due to removal of name | |
407 | collisions and can install/remove their own boot menu entries without | |
408 | interfering with the entries of other installed operating systems. | |
409 | ||
410 | * Drop-in directories are now pretty ubiquitous on Linux as an easy way to | |
411 | extend configuration without having to edit, regenerate or manipulate | |
412 | configuration files. For the sake of uniformity, we should do the same for | |
413 | the boot menu. | |
414 | ||
415 | * Userspace code can sanely parse boot loader configuration which is essential | |
416 | with modern firmware which does not necessarily initialize USB keyboards | |
417 | during boot, which makes boot menus hard to reach for the user. If userspace | |
418 | code can parse the boot loader configuration too, UI can be written that | |
419 | select a boot menu item to boot into before rebooting the machine, thus not | |
420 | requiring interactivity during early boot. | |
421 | ||
422 | * To unify and thus simplify configuration of the various boot loaders, which | |
423 | makes configuration of the boot loading process easier for users, | |
424 | administrators, and developers alike. | |
425 | ||
426 | * For boot loaders with configuration _scripts_ such as grub2, adopting this | |
427 | spec allows for mostly static scripts that are generated only once at first | |
428 | installation, but then do not need to be updated anymore as that is done via | |
429 | drop-in files exclusively. | |
430 | ||
431 | ### Why not simply rely on the EFI boot menu logic? | |
c3c5eeca | 432 | |
7bb36d2d ZJS |
433 | EFI is not ubiquitous, especially not in embedded systems. But even on systems |
434 | with EFI, which provides a boot options logic that can offer similar | |
435 | functionality, this specfication is still needed for the following reasons: | |
c3c5eeca | 436 | |
7bb36d2d ZJS |
437 | * The various EFI implementations implement the boot order/boot item logic to |
438 | different levels. Some firmware implementations do not offer a boot menu at | |
439 | all and instead unconditionally follow the EFI boot order, booting the first | |
440 | item that is working. | |
441 | ||
442 | * If the firmware setup is used to reset data, usually all EFI boot entries | |
443 | are lost, making the system entirely unbootable, as the firmware setups | |
444 | generally do not offer a UI to define additional boot items. By placing the | |
445 | menu item information on disk, it is always available, even if the firmware | |
446 | configuration is lost. | |
447 | ||
448 | * Harddisk images should be movable between machines and be bootable without | |
449 | requiring firmare configuration. This also requires that the list | |
450 | of boot options is defined on disk, and not in EFI variables alone. | |
451 | ||
452 | * EFI is not universal yet (especially on non-x86 platforms), this | |
453 | specification is useful both for EFI and non-EFI boot loaders. | |
454 | ||
455 | * Many EFI systems disable USB support during early boot to optimize boot | |
456 | times, thus making keyboard input unavailable in the EFI menu. It is thus | |
457 | useful if the OS UI has a standardized way to discover available boot options | |
458 | which can be booted to. | |
459 | ||
460 | ### Out of Focus | |
c3c5eeca | 461 | |
7957e55d | 462 | There are a couple of items that are out of focus for this specification: |
c3c5eeca | 463 | |
49d5e4d0 LP |
464 | * If userspace can figure out the available boot options, then this is only |
465 | useful so much: we'd still need to come up with a way how userspace could | |
466 | communicate to the boot loader the default boot loader entry temporarily or | |
467 | persistently. Defining a common scheme for this is certainly a good idea, but | |
468 | out of focus for this specification. | |
7bb36d2d | 469 | |
49d5e4d0 LP |
470 | * This specification is just about "Free" Operating systems. Hooking in other |
471 | operating systems (like Windows and macOS) into the boot menu is a different | |
472 | story and should probably happen outside of this specification. For example, | |
473 | boot loaders might choose to detect other available OSes dynamically at | |
474 | runtime without explicit configuration (like `systemd-boot` does it), or via | |
475 | native configuration (for example via explicit Grub2 configuration generated | |
476 | once at installation). | |
7bb36d2d | 477 | |
49d5e4d0 LP |
478 | * This specification leaves undefined what to do about systems which are |
479 | upgraded from an OS that does not implement this specification. As the | |
480 | previous boot loader logic was largely handled by in distribution-specific | |
481 | ways we probably should leave the upgrade path (and whether there actually is | |
482 | one) to the distributions. The simplest solution might be to simply continue | |
483 | with the old scheme for old installations and use this new scheme only for | |
484 | new installations. | |
c3c5eeca LP |
485 | |
486 | ||
487 | ## Links | |
488 | ||
b0cda241 | 489 | [GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table)<br> |
5c90c67a BF |
490 | [Boot Loader Interface](BOOT_LOADER_INTERFACE.md)<br> |
491 | [Discoverable Partitions Specification](DISCOVERABLE_PARTITIONS.md)<br> | |
a43d2229 LP |
492 | [`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br> |
493 | [`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br> | |
494 | [`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html) |