Unified kernel image
If you use UEFI and only boot a single Linux kernel, you don't need a bootloader like systemd-boot or GRUB. Instead you can create a Unified Kernel Image and boot that directly. This article documents how.
Overview[edit | edit source]
Traditionally bootloaders provided the following features:
- The ability to select something to boot
- The ability to boot applications from a filesystem
Before UEFI these features were useful as BIOS machines could only specify a drive to boot from, not individual kernels or applications.
On UEFI systems using a bootloader with these features is redundant and wastes time.
With the help of an stub you can package everything needed to boot your Linux system in to a single UEFI application. This is called a 'Unified kernel image', defined in systemd's Boot Loader Specification.
There are currently two main stubs you can use to boot Linux:
- The kernel's EFI Boot Stub which is only useful for kernel developers
- systemd-stub which can be used to package pre-built components
Because systemd-stub can be used with existing components provided by your Linux distro, it's possible to create a script that builds a Unified Kernel Image yourself.
Upstream install guides[edit | edit source]
Here are install guides for projects that officially support unified kernel images:
- systemd's ukify tool
- ArchWiki's unified kernel image page
- Alpine Linux's UEFI Secure Boot page
- Gentoo's Unified kernel image page
Debian and Ubuntu install guide[edit | edit source]
Step 1: Copy and paste this file to 'install.sh' somewhere on your computer.
#!/bin/bash DISK=/dev/vda PART=2 apt install systemd-boot binutils efibootmgr cat /proc/cmdline > /boot/cmdline.txt mkdir -p /boot/efi/EFI/unified cat <<EOF >/etc/kernel/postinst.d/zz-unified #!/bin/bash test -e /boot/splash.bmp && SPLASH='--add-section .splash=/boot/splash.bmp --change-section-vma .splash=0x40000' exec objcopy \ --add-section .osrel=/usr/lib/os-release --change-section-vma .osrel=0x20000 \ --add-section .cmdline=/boot/cmdline.txt --change-section-vma .cmdline=0x30000 \ \$SPLASH \ --add-section .linux=/boot/vmlinuz --change-section-vma .linux=0x2000000 \ --add-section .initrd=/boot/initrd.img --change-section-vma .initrd=0x3000000 \ "/usr/lib/systemd/boot/efi/linuxx64.efi.stub" "/boot/efi/EFI/unified/bootx64.efi" EOF chmod +x /etc/kernel/postinst.d/zz-unified /etc/kernel/postinst.d/zz-unified efibootmgr -c -d $DISK -p $PART -L "Linux Unified" -l "\EFI\unified\bootx64.efi"
Step 2: Change DISK=/dev/vda
to the disk with your UEFI partition on it and PART=2
to the partition number. Typing lsblk
might help you find this.
Step 3: Run bash install.sh
as root in the directory containing the install.sh file.
Step 4: Reboot and enter UEFI setup. Run the new "Linux Unified" option and see if it works. If it does, set it to be the default option.
Step 5: Optionally, add a splash file in /boot/splash.bmp
and run /etc/kernel/postinst.d/zz-unified
. You may also want to add bgrt_disable
to the kernel arguments to hide your computer's UEFI logo.