This script combines a microcode image, an initrd image, a kernel image, and a cmdline file into a single EFI binary. The script checks for required files, calculates aligned offsets, updates the EFI binary, and ensures temporary files are cleaned up upon completion or exit.
- Linux environment
objdumpandobjcopyutilities (typically available in thebinutilspackage)- Required files:
-
EFI stub:
/usr/lib/systemd/boot/efi/linuxx64.efi.stub -
Cmdline:
/boot/cmdline -
Kernel image:
vmlinuz-linux -
Microcode image:
intel-ucode.imgoramd-ucode.img -
Initrd image:
booster-linux.imgorinitramfs-linux.img -
Change this constants to your own in uki-gen.sh:
-
KERNEL="/path/to/kernel"
UCODE="/path/to/microcode"
INITRD="/path/to/initrd"
CMDLINE="/path/to/cmdline"-
Ensure all required files are available: The script checks for the existence of required files and will exit with an error message if any are missing.
-
Run the script: Execute the script with appropriate permissions.
chmod +x uki-gen.sh
./uki-gen.sh- Output: The resulting EFI binary will be created at
/efi/EFI/Linux/linux.efiif does not exist create it:mkdir -p /efi/EFI/Linux
EFI_STUB: Path to the EFI stub (/usr/lib/systemd/boot/efi/linuxx64.efi.stub)COMBINED_INITRD: Path for the combined initrd image (/tmp/comb_initrd.img)CMDLINE: Path to the cmdline file (/boot/cmdline)KERNEL: Path to the kernel image (/boot/vmlinuz-linux)UCODE: Path to the microcode image (/boot/intel-ucode.img)INITRD: Path to the initrd image (/boot/booster-linux.img)OUTPUT_EFI: Path for the output EFI binary (/efi/EFI/Linux/linux.efi)
Checks if the specified files exist. If any file does not exist, the script exits with an error.
Calculates the aligned offset for a given base offset, size, and alignment value.
- Retrieves section alignment from the EFI stub.
- Calculates sizes for cmdline, initrd, and kernel files.
- Calculates aligned offsets for each section.
- Adds sections to the EFI stub and updates their virtual memory addresses.
Removes the temporary combined initrd image.
- File Existence Check: The script verifies the presence of all required files.
- Combine Microcode and Initrd: Combines the microcode and initrd images into a single file.
- Update EFI Binary: Updates the EFI binary with the combined initrd, kernel, and cmdline sections.
- Cleanup: Ensures temporary files are removed upon script completion or exit.
A trap is set to call the cleanup function on script exit, ensuring temporary files are always removed.
echo "rd.luks.uuid=$(cryptsetup luksUUID /dev/nvme0n1p2) root=UUID=$(blkid -s UUID -o value /dev/mapper/rootfs)" > /boot/cmdline
chmod +x uki-gen.sh
./uki-gen.sh
efibootmgr -c -d /dev/nvme0n1 -p 1 -l '\EFI\Linux\linux.efi' -u- Move
uki-gen.shto/urs/local/bin - Create pacman hook
/etc/pacman.d/hooks/update-uki.hook
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = linux
Target = intel-ucode
[Action]
Description = Update linux.efi after kernel or microcode upgrade
When = PostTransaction
Exec = /usr/local/bin/uki-gen.sh
- Replace Targets with your own kernel and microcode packagas. Names must be match with names which uses in your package manager.
- Ensure you have the necessary permissions to access and modify the specified files and directories.
- This script is designed to be run on systems that use systemd and have the appropriate files in place. Adjust paths and file names as needed for your specific environment.