Menu
homePrograms

UEFI - what is it? Download, installation, advantages, configuration features. UEFI Boot - what is it?

Most users have upgraded their computers: purchased new system units, motherboards or laptops in the last four years.

The remarkable thing about the new machines is that the outdated input/output system is no longer used, and an improved firmware called UEFI has taken its place.

It has a huge number of advantages over BIOS, which we will consider today.

Let’s look at it in more detail: we’ll find out what it is and why users don’t like it so much.

Evolution of system software

For more than two decades, BIOS has been used as low-level software used when starting a computer to test its hardware and transfer control of the hardware to the main one, which selects and launches the bootloader of the desired operating system.

With its help, users can manage a huge number of parameters of hardware components.

CMOS– an electronic element with independent power supply in the form of a battery, where the entire current computer configuration is stored.

BIOS appeared in the late 80s. Yes, it was regularly improved and updated, modified to meet the needs of users and developers, giving them the ability to control equipment operating modes and power supply, but everything comes to an end. Moreover, the input/output system is the component that has undergone the least changes in almost three decades in the field of information technology.

BIOS has a lot of disadvantages:

  • it does not support booting from hard drives larger than 2 TB– you bought a new 3 or 4 TB hard drive, but you won’t be able to install an operating system on it, this is a technological limitation of the master boot record (no one in the 80s even thought that HDDs could be of such incredible size);
  • BIOS operates in 16-bit mode(despite the fact that virtually all modern processors are 64 and 32 bit) using only 1024 KB of memory;
  • the process of simultaneous initialization of several devices is supported, but it is very undebugged and problematic, which reduces the speed of computer startup (each hardware component and interface is initialized separately);
  • BIOS is a paradise for pirates– it does not have any security mechanisms, which allows you to load any operating systems and drivers, including those with modified code and unsigned (unlicensed) ones.

The first version of UEFI was developed by Intel for Itanium, but was later ported to the IBM PC.

This is an independent operating system with a graphical interface, consisting of many modules and having unlimited access to the resources of hardware components.

Features of the new EFI with GUI:

  • its code is written entirely in , which allows you to increase performance during PC boot by leveraging the capabilities of 64-bit central processors;
  • the address space of the operating system is enough to support 8 * 10 18 bytes of disk space (this reserve will be enough for several decades), despite the fact that the entire volume of digital information is currently almost three orders of magnitude lower;
  • RAM addressing - theoretical calculations show that UEFI will allow you to install up to 16 exabytes of RAM (9 orders of magnitude more than in powerful modern PCs);
  • accelerated loading of the OS is carried out due to parallel initialization of hardware components and loading of drivers;
  • drivers are loaded into RAM before the operating system starts, and they are not platform-dependent;
  • instead of the old partitioning scheme, progressive GPT is used, but to use it you will have to ;
  • convenient and attractive graphical shell supports mouse control;
  • there are built-in utilities for diagnostics, configuration changes and firmware updates of hardware components;
  • support for macros in .nsh format;
  • modular architecture - allows you to load your own drivers or downloaded from the Internet;
  • One of the most significant and important changes (in particular for Microsoft) that UEFI brought is the presence of . It is designed to protect Bootloader from executing malicious code, to protect the operating system from viruses even before it is launched through the use of digital signatures.

Let's talk about the last function in more detail.

Secure Boot

The name of the technology translates as “secure boot” and is a protocol that is part of the EFI graphics specification.

Fig. 4 - Checking the Secure Boot operating mode via the command line in Windows 10

Specification UEFI(Unified Extensible Firmware Interface, Unified Extensible Firmware Interface, or Extensible Firmware Interface), formerly known as Extensible Firmware Interface (EFI), defines the interface between the operating system and the microcode(s) that control the hardware. In other words, UEFI is an interface that sits “on top” of the computer’s hardware components, which, in turn, operate on their own firmware (microcode).

In the name UEFI itself, the definition of “extensible interface” suggests that it is a modular system that can be functionally easily expanded and upgraded.

For more understanding, UEFI Compared to BIOS, this is, roughly speaking, a new type or the next generation of firmware, and it is no longer limited only to x86 personal computers (IBM PCs), but also claims to be an all-platform standard. However, unlike BIOS, UEFI is based on a fundamentally new code topology called “driver-based”.

  • The main purpose of EFI is to replace the aging (losing relevance) BIOS technology and the limitations associated with it.
  • The main goal of UEFI development is to standardize the interaction of the operating system with platform firmware during the boot process. In the classic BIOS, software interrupts and I/O ports were the main mechanism for interacting with hardware during the boot phase, but modern systems are able to provide more efficient I/O operations between hardware and software.
  • The main task of EFI is to correctly initialize the hardware and transfer control to the operating system loader. In this regard, the task is not very different from the task of a traditional BIOS, but the algorithms are fundamentally different.

UEFI can be safely called an independent miniature operating system, which is an interface between the main user operating system running on the computer and the hardware microcode.

Let's now take a short excursion into the history of personal computers in order to understand the reasons that led to attempts to replace the standard BIOS with something fundamentally new.

Good old BIOS

The basic principles of the functioning of the BIOS (basic input-output system) for personal computers were defined back in the late 70s of the last century. Over a fairly long period of time that has passed since then, the computer industry has developed rapidly, which led to the fact that at certain stages the BIOS capabilities were not enough, since the devices produced by manufacturers had new technologies on board, often incompatible with current BIOS versions. To avoid such problems, developers sometimes had to significantly modify the BIOS code, but a number of restrictions have remained unchanged to this day. And, if initially the BIOS architecture was quite simple, then over time it became more complex, adapting to more and more new technologies, therefore, at a certain point it began to resemble a pile of various kinds of outdated and poorly interacting code. The limitations that can still be found in BIOS code today are explained by the need to maintain compatibility with the basic functions necessary for the functioning of older software. All this has led to the fact that the BIOS has essentially become the most outdated component of modern PCs. At the moment, the BIOS does not meet the requirements of the latest equipment and has the following disadvantages:

  1. 16-bit code, real mode. The BIOS is written in assembly language and operates on 16-bit code in real mode of the processor with its inherent limitations, the most significant of which is the limitation of the memory address space of 1 Megabyte.
  2. Lack of access to 64-bit hardware. The BIOS is not capable of directly communicating with the 64-bit hardware that currently dominates the market.
  3. Lack of a uniform standard. There is no single specification for BIOS - each manufacturer offers its own implementation variations.
  4. Complexity of development. The problem is that for almost every new motherboard model, the manufacturer develops its own version of the BIOS, which implements the unique technical features of this device: interaction with chipset modules, peripheral equipment, etc. BIOS development can be divided into two stages. At the first stage, a basic version of the firmware is created, which implements those functions that do not depend on the specifics of the equipment. The developers of such code are well known, these are companies such as American Megatrends (AMIBIOS), Phoenix Technologies (+ the legendary Award Software (AwardBIOS) acquired by it) and some others. At the second stage, programmers from the motherboard manufacturer are involved in BIOS development. Here the basic assembly is modified to suit the specifics of each specific board model, its features are taken into account. After the motherboard enters the market, work on the firmware continues, updates are regularly released that fix errors, add support for new hardware (for example, processors) and sometimes even expand the functionality of the firmware.

All these, as well as some others, shortcomings of the traditional BIOS model led to the fact that a coalition of hardware and software manufacturers began working on the creation of the UEFI specification. Starting, according to my own observations, around 2010, the UEFI specification began to be massively introduced into all newly released motherboards from leading manufacturers, so at the moment it is almost impossible to find a new computer with a traditional BIOS. However, you shouldn’t be too upset about this, since many manufacturers maintain compatibility with the functionality of traditional BIOS in their motherboards. For example, support for traditional boot mode using MBR is a very important point. For this purpose, a UEFI BIOS emulation mode module was developed, which is called Compatibility Support Module (CSM). True, I believe that over time, fewer and fewer manufacturers will support this mode in their firmware.

Benefits of UEFI

Here I would like to define the advantages of the UEFI interface:

  1. Support for large storage media (disks). UEFI owes its support for large disks to a new partition table standard called GPT (GUID Partition Table). The traditional BIOS boot method used the Master Boot Record (MBR) boot sector, which contained a partition table that described the placement of disk partitions. Partition table entries in the MBR have one significant drawback: the number of the first sector of the beginning of the partition in LBA format (offset 08h from the beginning of the partition entry) has a width of only 4 bytes (32 bits), respectively, only 4 billion sectors can be addressed. And this, with the “classic” sector size of 512 bytes, is only ~2 terabytes of disk space. UEFI, using GPT, makes it possible to address disks up to 18 exabytes.
  2. Direct support for file systems and partition tables. UEFI has modules for supporting file systems and partition tables, that is, it can work with both partition tables and file systems directly. The specification implies support for the GPT partition table, FAT12, FAT16, FAT32 file systems on hard drives and the ISO9660 file system on CD/DVD drives. This saves us from having to write bootstrap code (similar to MBR), which will load bootloaders of various stages in a chain.
  3. No other traditional MBR restrictions. For example, you no longer need to squeeze bootstrap code into a tiny 512-byte sector. You can focus on writing a single loading module that will combine all the necessary stages.
  4. Platform-independent hardware drivers. UEFI has access to the computer's hardware through platform-independent drivers. The device manufacturer only needs to write one version of the driver for all platforms (x86, ARM, Itanium, Alpha), and this greatly simplifies development and speeds up the process of identifying errors. The UEFI specification describes the interaction of UEFI drivers with the operating system, thus, in the case when the OS does not have a driver, for example, a video card, but in UEFI it is present, loaded and functioning, the OS has the ability to output data to the monitor using standard UEFI interfaces.
  5. Support for TCP protocol stack: IPv4/IPv6. Allows you to use rich networking capabilities directly from the UEFI interface. Now you can develop various downloads using http/ftp protocols; a download immediately comes to mind indicating the URL where a regular EFI module or a full-fledged ISO image is located. It has become possible to bypass what has already become the only possible option, loading over the network using PXE/TFTP. Some, especially advanced implementations, may implement support for PXE over IPv6.
  6. Support for traditional BIOS model. UEFI does not require a classic BIOS, but many manufacturers embed BIOS emulation code to support older operating systems. This module is called the Compatibility Support Module (CSM). The CSM includes a 16-bit module (CSM16) implemented by the BIOS manufacturer and a layer that links the CSM16 to the instrumentation (interface and hardware). Compatibility implies support for booting via MBR and support at the code level for software interrupts (int 10h - video service, int 13h - disk service, int 15h - service functions, int 16h - keyboard service, int 18h - ROM-BASIC service, int 19h - bootstrap loader service). Therefore, those OS and software that needed the good old BIOS to work like air can easily work on machines with UEFI.
  7. Intuitive UEFI interface. The so-called “ease of control”. This is a rather controversial point; it is impossible to unequivocally classify it as a plus or a minus. It is alleged that BIOS management was not intuitive, presenting a poorly documented, ascetic text interface that only a computer-savvy user could understand. In contrast, many UEFI shells support a graphical interface and a mouse, which are simply not implemented in most BIOSes. However, if my memory serves me correctly, back in the 90s I observed attempts to implement mouse support in the BIOS from (I think) Phoenix. The interface itself can be graphical, in the opinion of some - more friendly and intuitive for the majority, but it can also be traditional, that is, similar to a classic text one, it all depends on the preferences of the developer and the positioning of the equipment. It is possible to support multiple languages.
  8. UEFI speed. It is claimed that the UEFI code runs faster than the traditional BIOS code (although it is written in C), due to the fact that it is written entirely from scratch, without the need to “drag” a train of outdated code to support various non-standard hardware and various logical anachronisms.
  9. OS loading speed. It is claimed that booting with UEFI is significantly faster. This is achieved by parallelizing the initialization of devices, as opposed to the BIOS, which initialized the equipment sequentially, as well as reducing startup time due to the absence of the need to search for the bootloader by enumerating all devices (the bootloader is specified in UEFI and called directly). I am inclined to believe it, since I cannot confirm or deny it at the moment. However, if you measure how much time it takes on my old machine on a Celeron 450/GA-G31M-ES2L with an SSD from the moment it is turned on until the authorization window for the optimized Windows XP appears, it will only be 23 seconds. This will probably not be enough for certain categories of devices.
  10. UEFI is a mini OS.
  11. You can, of course, call UEFI a miniature operating system, and this, in part, will be fair, but it would be more correct to consider it a virtual platform that provides interfaces to equipment. You can only work in the console, or you can write a full-fledged graphical interface. UEFI, if there are modules of the necessary functionality, can, for example, help understand problems loading the main OS, or perform other service functions. Additional software modules.
  12. Immediately before loading the operating system from the UEFI media, it allows you to launch your own UEFI modules and drivers for general purposes: for working with the network, disk (archiving/backup/antivirus), configuring parameters, testing equipment. Obviously, with the popularization of the standard, the list of UEFI applications will only expand. Nowadays you can even write a full-fledged game, develop your own console for service needs in the form of a separate UEFI module (example: shell.efi), an Internet browser, provide work with media data (watching movies, listening to music), and organize disk backups. UEFI contains a built-in download manager.
  13. That is, it implements its own OS code loader, which is very functional and can act as an analogue of the multi-loaders of several operating systems familiar to us from the not so distant past. In UEFI, when reading, a special EFI I/O block size is used, which allows reading 1 MB of data (in the BIOS the limit is 64 KB).
  14. Safety. Supposedly UEFI is protected from malicious code during the boot phase. It is alleged that the malicious code cannot load itself before the operating system boots, thereby taking over control. This is achieved both by signing everything in the firmware itself and by having a secure boot procedure called “Secure Boot”.
  15. Easy to scale functionality. UEFI firmware can be easily expanded - just insert a supported drive (for example, a USB flash drive). After this, you can connect additional drivers and UEFI applications from an external device. If you think about it, this opens up great opportunities for expanding functionality that could not be obtained using a traditional BIOS, since it was limited solely by the code hardwired into the ROM. In UEFI, you can “slip” the driver of a new piece of hardware directly at the UEFI operating stage, that is, before the operating system starts loading, and gain access to the functionality of this device.
  16. The UEFI code operates in 32/64-bit mode. With all the ensuing... advantages. To be completely honest, UEFI still uses real mode at the very beginning to perform some platform initialization tasks, but very quickly goes into protected/long mode.
  17. Support for alternative input means. UEFI provides support for alternative input media, such as virtual keyboards and touch displays. This is quite relevant in our era of various mobile gadgets.

Disadvantages of UEFI

And now I would like to highlight the disadvantages of UEFI technology:

  1. Increasing complexity of architecture. All the advantages of EFI are not so significant compared to its main disadvantage - the complication of the code structure. A significant increase in the volume of code and its logical complication do not in any way contribute to making development easier, quite the contrary. But before and in parallel with UEFI, there were open implementations as an alternative to the outdated BIOS model, for example OpenBIOS, which were rejected.
  2. Secure Boot.
  3. Here, operating system developers solved several problems at once: partly the problem of piracy, eliminating the bypass of activation by introducing activators into the boot stages, the problem of malicious code (viruses) of the boot stage, and the problem of outdated operating systems that remain popular, which users do not want to leave :) In fact, it turned out that in some especially smart devices, due to the presence of the “Secure Boot” option that cannot be disabled, it is often impossible to install any OS other than Windows version 8+ systems, since only the latter have certified bootloaders at the moment. Agree, it looks like a rather clumsy way of dealing with stingy users and competitors, although Microsoft itself strongly denies such a situation. In a word, the technology can cause a lot of inconvenience, but at least most vendors have this option (for now) disabled in the settings. Inability to install older operating systems (in some cases).
  4. It is not possible to install older systems without Compatibility Mode (CSM). Deviation from the standard. Each hardware component manufacturer modifies the UEFI at its own discretion, thereby creating additional difficulties for the user, essentially returning us to BIOS chaos? For example, on different devices, the boot manager can be implemented differently, and at the same time have quite significant deviations from the recommendations of the UEFI specification. In practice, sometimes I came across buggy UEFIs that ignored the NVRAM boot list parameters and simply loaded code from\EFI\Microsoft\Boot\bootmgfw.efi
  5. or EFI/BOOT/bootx64.efi . Or the boot manager in some implementations may contain a combined list of MBR and GPT devices, while in others there are different boot lists, which introduces some confusion. The UEFI standard provides for the presence of certain drivers that will intercept calls to the operating system, so DRM (Digital Restrictions Management, technical means of copyright protection) can be implemented. The essence of the algorithm is as follows: a person for whom everything works is offered, at his own expense, to install such software or equipment so that some of the functions in his working systems for reproducing digital content (computers, multimedia players, etc.) no longer work in the usual way. There are reasonable fears that the creation of UEFI is a veiled way of introducing functions unwanted for the end user into a PC.
  6. Possibility of introducing unwanted modules. It is impossible to guarantee that the operating system has 100% control of the computer if it boots using UEFI!

UEFI operation algorithm

During the development of UEFI, the developer, from the very beginning, established strict boundaries for each process involved in execution. The first three phases (SEC, PEI, DXE) prepare the platform for the OS bootloader, the fourth phase (BDS) directly loads the OS bootloader. Let's try to analyze the UEFI operating algorithm and take a closer look at all its phases.

  • SEC phase.
    • (Security, Safety). Security phase. Everything must be signed and verified otherwise it will not start!
    • Clearing CPU cache.
    • Running the main initialization procedure in ROM.
    • Switching to protected processor mode.
    • MTRR (Memory Type Range Registers) for BSP are initialized.
    • Run microcode patches for all installed processors.
    • Getting started with BSP/AP. BSP = Board Support Package. AP = Application Processor. Each core can be represented as a BSP + AP. IIPI (Init Inter-processor Interrupt) is sent to all APs, then SIPI (Start-up Inter-processor Interrupt).
  • Transfer of data and control to the PEI phase.
    • PEI phase.
    • (Pre-EFI Initialization, Pre-EFI Initialization). Prepare the platform (memory and discovered devices) for the main system initialization procedure in the DXE phase.
    • Transferring data from ROM to cache.
    • PEIM: Processor initialization modules are loaded and launched. (example: processor cache module, processor frequency selection module). Processors are initialized.
    • PEIM: Platform built-in interfaces are initialized (SMBus). MCH (Memory Controller Hub), ICH (I/O Controller Hub) are initialized.
    • PEIM: memory initialization. Initializing main memory and transferring data from the cache into it.
    • Checking mode S3. No - transfer of control to the DXE phase. Yes - restore the original state of the processor and all devices and switch to the OS.
  • DXE phase.
    • (Driver eXecution Environment, Driver loading environment). The loading of components in this phase is based on resources that were initialized in the PEI phase. Final initialization phase for all devices. Starting UEFI services: Boot Services, Runtime Services and DXE Services.
    • The DXE kernel is loaded. The DXE infrastructure is created: the necessary data structures and a handle database are created. Includes basic DXE interfaces. Launches a number of services: Boot Services, Runtime Services, DXE Services.
    • Starting DXE Manager. Using the Hand-off Block structure (HOB list) transferred from PEI, it determines the available Firmware Volume (FV, a structured database of DXE executable modules: drivers and applications) and searches for drivers in them, launches them, observing dependencies. At this moment, the remaining components are activated, several at the same time. The manager loads all available drivers from all available media.
    • Loading the SMM Init driver. Initiates a subphase. SMM (System management mode) is one of the privileged code execution modes of an x86 processor, in which the processor switches to an independent address space, saves the context of the current task, then executes the necessary code, then returns to main mode. Why do we need SMM? But because in this mode you can do anything you want with the system, regardless of the OS. The SMM code can be executed after the DXE phase has ended.
  • UEFI Boot Manager starts. This happens after all drivers have started. Control is transferred to the BDS phase.
    • Console devices are initialized, described by the environment variables ConOut (ConsoleOutHandle), ConIn (ConsoleInHandle), StdErr (StandardErrorHandle).
    • UEFI device drivers listed in the DriverOrder environment variable (containing Driver#### options in boot order) are loaded.
    • The UEFI application is loaded from the Boot#### boot device. Lists of devices are contained in the BootOrder environment variable in boot order.
    • If we were unable to do any of the above, then call the DXE manager to check that the dependencies of additional drivers have been provided since the last time the manager was called. After which control returns to the BDS phase again.

UEFI Boot Manager operation algorithm

The UEFI boot concept is significantly different from the BIOS boot concept. If you remember the BIOS, the bootstrap code int 19h (bootstrap loader) was responsible for loading there, the task of which was only to load the master boot record (MBR) from the boot device into memory and transfer control to it. In UEFI, everything is somewhat more interesting; it contains its own full-fledged built-in bootloader, which is called UEFI Boot Manager (UEFI Boot Manager or simply Boot Manager), which has much richer functionality.

UEFI Boot Manager is a standard generic UEFI module.

Boot Manager implements a fairly wide range of functions, which include loading UEFI images such as: UEFI first-stage OS loaders, UEFI drivers, UEFI applications. Booting can be done from any UEFI image located on any UEFI-supported file system located on any physical storage medium supported by the platform. UEFI Boot Manager has its own configuration, the parameters of which are located in the form of a number of variables in a common NVRAM (Non-volatile RAM).

EFI NVRAM is a shared memory area designed to store UEFI configuration parameters, available for use by firmware developers, hardware manufacturers, operating system developers, and users.

UEFI parameters are stored in NVRAM as variables, which are classically represented by the pair "parameter name" = "value". These variables contain a large number of parameters that relate to different functional parts of the UEFI, that is, in addition to the UEFI Boot Manager parameters, NVRAM stores many other UEFI parameters. However, in the context of this chapter we are only interested in variables related to the UEFI Boot Manager This is primarily the BootOrder variable, which points to boot descriptor variables named Boot#### Each Boot#### element is a pointer to a physical device and (optionally) can even describe a file that represents a UEFI image. , which should boot from this physical device.

All boot devices are described as a full path, that is, they contain a readable name of the boot file, so they can be added to the boot menu.

This is roughly how I imagine the algorithm for enumerating media during UEFI operation:

As we can see, UEFI Boot Manager parses BootOrder , that is, it loads the device path of each Boot#### element in the order specified in the BootOrder variable and tries to boot from the specified device. If there is an error, the boot manager moves on to the next element. In addition, a so-called download list is generated. This list is relevant for the UEFI settings interface and looks like the familiar standard boot menu. The UEFI Boot List is generated based on the BootOrder variable and is used to allow the user to make changes to the order and configuration of boot devices.
How is the BootOrder itself formed? And it’s very simple, for example, during the installation of the Windows operating system, the installer creates an ESP partition (if it does not exist) on the installation disk, formats this partition into the FAT file system, then places its boot loader (for Windows 7+ this is the file bootmgfw.efi) and some other files along the path \EFI\Microsoft\Boot\ . Once the OS installation is complete, the Windows installer creates a variable in the EFI NVRAM called Boot#### (where #### is a hexadecimal number) that references the Windows boot manager named bootmgfw.efi . Then, sets the BootOrder variable?

UEFI bootable media requirements

The UEFI specification, among other things, describes certain requirements for the rules for placing partitions and boot loaders on media. And for different classes of devices, as we will see later, they differ significantly.

Hard drive requirements

Every bootable hard drive must contain a special EFI System Partition (ESP). The ESP partition must adhere to the directory hierarchy (structure) predefined by the standard: the /EFI directory must be located at the root of the ESP partition. The /EFI folder, in turn, should contain subdirectories of operating system vendors, hardware manufacturers, general tools and drivers:

\EFI\<директория вендора ОС 1> <файл-загрузчик-ОС1>.efi\<директория вендора ОС 2> <файл-загрузчик-ОС2>.efi. . .<директория вендора ОС N> <файл-загрузчик-ОСN>.efi\<директория производителя оборудования (OEM)> .efi\<директория BIOS вендора> <приложение-BIOS-вендора>.efi\<директория вендора стороннего ПО> <стороннее-приложение>\

\<директория вендора ОС 1>

<файл-загрузчик-ОС1>.efi \BOOT BOOT(architecture_type).efi

\<директория вендора ОС 2>

.efi

Register of subdirectories.

Vendors whose directories are not described in the vendor subdirectory and who do not have their own subdirectories in the /EFI folder often place their bootloader as the "default bootloader". For example, for x64 systems along the path: /EFI/Boot/bootx64.efi.
The boot loader file is a typical UEFI application, has the PE32+ format and contains code for the initial stage of loading the operating system, that is, it begins the OS boot process. Its purpose is to prepare data structures, load the OS kernel into memory and transfer control to it.

The specification describes the /EFI/Boot subdirectory. This subdirectory is used as the “default” location, that is, in a situation when, for some reason, some bootloader is lost (not configured) in NVRAM. For such a case, this directory contains the so-called “default boot loader”, which has a standardized name BOOT (architecture_type).efi Some older UEFI implementations were bugged, they simply ignored the boot list in NVRAM and loaded directly modules or /EFI/BOOT/bootx64.efi . Other, no less “direct” UEFI options did not support the boot menu and also always loaded /EFI/Boot/bootx64.efi or/EFI/Microsoft/Boot/bootmgfw.efi

depending on your mysterious preferences.

UEFI does not run any code from the classic MBR, regardless of whether the sector is present on the media installed on the system or not. The exception is UEFI versions that implement “compatibility mode” support. As a result, for traditional (legacy) loading of operating systems compatible with the MBR markup standard, UEFI provides special modules that can be (at the discretion of the vendor) included in the firmware. You can find out whether your specific UEFI firmware supports “compatibility mode” by searching the UEFI interface for parameters such as Legacy, Legacy CSM, Launch CSM, CSM Boot, CSM OS, Launch CSM or CSM Support. It should be noted that in the vast majority of firmware this mode is present, which greatly simplifies the life of users who bought new laptops or motherboards, but have not changed their habits in using “old” operating systems from MS :)
It is logical to assume that if there is a CSM module, the firmware code when booting in traditional mode should be as close as possible to the similar functional features of traditional BIOS, simply emulating key technologies. Let's take a look at what the UEFI Compatibility Support Module (CSM) does when booting in legacy mode.
For now, I will give here only an abstract conditional loading algorithm in Legacy/Compatibility Support Module (CSM) mode:

  1. Is booting in legacy mode required? If not, then we go to the usual UEFI Boot chain.
  2. Load the Legacy Driver module.
  3. Load the Legacy BIOS module.
  4. Is support for traditional video BIOS functions required (implementation of int 10h interrupt functions)? Yes - we are loading.
  5. Is support for other traditional BIOS extensions (int 13h..) required? Yes - we are loading.
  6. Loading a traditional (legacy) OS? No - we go to normal UEFI boot.
  7. We form SMBIOS structures.
  8. We form Legacy Device structures.
  9. We form the int 15h interrupt structure, the BBS (BIOS Boot Specification) API structure.
  10. We generate ACPI RSD PTR.
  11. Upload a compatible SMM code.
  12. We load the code from the MBR and transfer control to it.

Multiboot in UEFI

From the very beginning of the mass distribution of personal computers, from time to time the task arose of deploying several operating systems on one PC, which could host one or more physical media. Not so long ago, the situation was significantly changed by the discovery of virtualization technology, but this did not completely eliminate the problem. In its classical sense, in relation to stations that boot using the traditional PC/AT BIOS method using the classic MBR markup, multiboot was a third-party code in the main boot sector (MBR), which loads the so-called boot manager (multibooter), which stores settings for each operating system installed on the computer and providing a menu for selecting how to boot a particular OS. If we talk about our time, that is, about multibooting in relation to media partitioned using GPT markup, then a lot has changed now. As we have already noted, UEFI can directly work with GPT disks, so the task of installing multiple operating systems is greatly simplified. Now all the functions of the multibooter are taken over by the built-in UEFI Boot Manager, the operating principles of which we described above. The OS installer only needs to do what it already does very well: place the bootloader on a special ESP partition in “its” directory hierarchy, after which this bootloader becomes “visible” in the UEFI settings. In addition to the OS installer, now the user himself, using the settings (graphical/text interface UEFI), can manually add a bootloader located on any physical media connected and visible to the system. All these bootloaders added in various ways become available through the Boot Menu, which the user can configure/call directly while UEFI is running, that is, at the initial stage of booting the PC. In other words, multibooting in UEFI is simply a matter of running UEFI applications (OS-specific bootloaders) located on mounted media on a special ESP partition in a directory hierarchy rooted at /EFI.

UEFI (Unified Extensible Firmware Interface) is a replacement for the outdated BIOS. This specification was invented by Intel for Itanium, then it was still called EFI (Extensible Firmware Interface), and then was ported to x86, x64 and ARM. It is strikingly different from BIOS both in the boot procedure itself and in the ways of interacting with the OS. If you bought a computer in 2010 or later, then most likely you have UEFI.
The main differences between UEFI and BIOS:
  • GPT (GUID Partition Table) support
GPT is a new partitioning method, replacing MBR. Unlike MBR, GPT supports disks larger than 2TB and an unlimited number of partitions, while MBR only supports 4 without crutches. UEFI supports FAT32 with GPT partitions by default. UEFI itself does not support MBR; support and booting from MBR is carried out by the CSM (Compatibility Support Module) extension.
  • Service support
There are two types of services in UEFI: boot services and runtime services. The former work only until the OS loads and provide interaction with graphic and text terminals, buses, block devices, etc., while runtime services can use the OS. One example of runtime services is variable service, which stores values ​​in NVRAM. Linux OS uses a variable service to store crash dumps, which can be retrieved after rebooting the computer.
  • Modular architecture
You can run your applications in UEFI. You can boot your drivers into UEFI. No, really! There is such a thing as UEFI Shell. Some manufacturers include it in their UEFI, but my laptop (Lenovo Thinkpad X220) does not have it. But you can simply download it from the Internet and put it on a flash drive or hard drive. There are also drivers for ReiserFS, ext2/3/4 and perhaps some others, I didn’t go too deep into it. You can download them from the UEFI Shell and walk through the expanses of your file system directly from UEFI.
UEFI also supports networking, so if you find a UEFI driver for your network card, or if it is included by the motherboard manufacturer, you can ping 8.8.8.8 from Shell.
In general, the UEFI specification provides for the interaction of UEFI drivers from the OS, i.e. If your OS does not have a driver for the network card, but it is loaded into UEFI, then the OS will be able to use the network card via UEFI, but I have not seen such implementations.
  • Built-in download manager
In general, UEFI does not require a bootloader if you want multiboot. You can add your own menu items, and they will appear in the UEFI boot menu, right next to the disks and flash drives. This is very convenient and allows you to boot Linux without a bootloader at all, but directly into the kernel. This way, you can install Windows and Linux without third-party bootloaders.
How does booting into UEFI work?
From a GPT partition with identifier EF00 and file system FAT32, by default the file \efi\boot\boot[architecture name].efi is loaded and launched, for example \efi\boot\bootx64.efi
Those. to, for example, create a bootable USB flash drive with Windows, you just need to mark the flash drive in GPT, create a FAT32 partition on it and simply copy all the files from the ISO image. There are no more boot sectors, forget about them.
Booting into UEFI is much faster, for example, booting my ArchLinux laptop from pressing the power button to a fully operational state is only 30 seconds. As far as I know, Windows 8 also has very good boot speed optimizations in UEFI mode.

Secure Boot

I've seen a lot of questions on the internet like:
“I heard that Microsoft is implementing Secure Boot in Windows 8. This technology prevents unauthorized code from executing, such as bootloaders, to protect the user from malware. And there's a campaign from the Free Software Foundation against Secure Boot, and a lot of people were against it. If I buy a computer with Windows 8, can I install Linux or another OS? Or does this technology only allow you to run Windows?”

Let's start with the fact that this technology was not invented by Microsoft, but it is included in the UEFI 2.2 specification. Having Secure Boot enabled does not mean that you will not be able to run an OS other than Windows. In fact, computers and laptops certified to run Windows 8 obliged have the ability to disable Secure Boot and the ability to manage keys, so there is nothing to worry about. Non-disabled Secure Boot is only available on ARM tablets with Windows preinstalled!

What does Secure Boot do? It protects against the execution of unsigned code not only at the boot stage, but also at the OS execution stage, for example, in both Windows and Linux, the signatures of drivers/kernel modules are checked, so malicious code cannot be executed in kernel mode. But this is only true if there is no physical access to the computer, because, in most cases, with physical access, the keys can be replaced with your own.

Secure Boot has 2 modes: Setup and User. The first mode is for configuration, from it you can replace PK (Platform Key, default from OEM), KEK (Key Exchange Keys), db (resolved key database) and dbx (revoked key database). There may not be a KEK, and everything can be signed by PK, but no one does that, it seems. PK is the main key with which KEK is signed, in turn, db and dbx are signed with keys from KEK (there may be several of them). In order to be able to run some signed .efi file from User mode, it must be signed with a key that is in db, and not in dbx.

For Linux there are 2 pre-loaders that support Secure Boot: Shim and PRELoader. They are similar, but there are small nuances.
Shim has 3 types of keys: Secure Boot keys (those in UEFI), Shim keys (which you can generate yourself and specify during compilation), and MOK (Machine Owner Key, stored in NVRAM). Shim does not use a UEFI boot mechanism, so a bootloader that does not support Shim and does not know anything about MOK will not be able to execute the code (thus gummiboot bootloader will not work). PRELoader, on the other hand, builds its authentication mechanisms into UEFI, and there are no problems.
Shim depends on MOK, i.e. binaries must be modified (signed) before they can be executed. PRELoader “remembers” the correct binaries, you tell it whether you trust them or not.
Both pre-bootloaders are available in compiled form with a valid signature from Microsoft, so it is not necessary to change the UEFI keys.

Secure Boot is designed to protect against bootkits and attacks like Evil Maid, and, in my opinion, it does this effectively.
Thank you for your attention!

Many of us are increasingly encountering the standard UEFI Boot, which replaced the classic BIOS. At the same time, many would like to know better about UEFI Boot, but somehow they still don’t find the time or desire for this. In this material, I will try to eliminate the “blank spot” in the readers’ knowledge and tell you in detail what UEFI Boot is, describe its features and functionality.

There was a time when all computers were equipped with a BIOS built into the motherboard, which was a set of microprograms for testing the performance of the equipment, provided an API and supported booting the system. It was traditionally used in IBM-compatible machines and for the time being it performed its functions reliably, limited to 16-bit processes and 1-MB addressing.

With the development of technology, the “good old” BIOS no longer meets modern requirements, it turned out to be insufficiently flexible and modern, and it was replaced by its successor - UEFI Boot, which supports almost all standards of modern equipment.

UEFI(Unified Extensible Firmware Interface) dates back to 2003, when Intel created a BIOS replacement for its 64-bit servers for Itanium microprocessors. At that time, this standard was called EFI (an abbreviation for Extensible Firmware Interface). Later, when it entered the Unified EFI Forum, this concept was named UEFI and continued its development as a unified IT industry standard, in the development of which the most famous computer hardware manufacturers take part.

It is known that UEFI Boot is, like its predecessor, a standard that is an interface connecting the operating system and firmware that perform low-level operation of connected equipment. Its purpose is to initialize the hardware and transfer control to the OS boot loader.

You can see what UEFI looks like and what it is in the video:

Advantages of UEFI over BIOS


Difference 1. Visual component

Many UEFI elements look like a traditional BIOS, but some have been changed beyond recognition. A more pleasing picture, convenient overclocking options, a convenient and accessible interface, and mouse support. The changes are undoubtedly pleasing to the eye.

Difference 2. 16 vs 32

While BIOS is limited to 16-bit processes and 1 megabyte memory addressing, UEFI has no such restrictions. It works in both 32 and 64-bit modes, allows you to work with significantly larger amounts of memory, and is little dependent on the computer architecture. The UEFI Boot specification provides drivers for system components regardless of what processor is used in your PC.

Difference 3. Working volumes

The MBR in the BIOS was limited to four main partitions on the disk, and the boot disks themselves had a maximum size of 2.2 terabytes. If previously this was quite enough, then the capabilities of today's drives already exceed the specified size. UEFI uses GUID partition markings, allowing booting from 9.4 ZB disks. For the uninitiated, I’ll explain that one zetabyte is 1024 times 1024 times 1024 gigabytes.

It is clear that this UEFI Boot allows you to work with a significantly larger size of boot options, it is not tied to any specific file system, and has fantastic network capabilities. The system boot loader can serve as an extension to UEFI, and the latter itself, if necessary, can itself perform the functions of a boot loader. At the same time, it is even possible to load the user’s own drivers into UEFI. Impressive, isn't it?

Difference 4. Extensions

UEFI supports both old extensions (for example, ACPI) and new ones based on EFI specifications with greater functionality (Asus Splashtop, etc.).

Difference 5. Easy control

Since most options are presented in the form of visual graphic symbols, working with them is simple and convenient. Try it and see for yourself.

Difference 6. Secure Boot

The UEFI standard has another advantage called Secure Boot– this is a special protection against the initialization of unsigned code, protecting the system from replacing the bootloader and launching unlicensed software. It was born in version UEFI 2.2, and is implemented in many modern computers. Despite its many advantages, users prefer to disable Secure Boot, since its disadvantages sometimes outweigh its advantages, especially when there is a need to boot the PC from a flash drive.

Conclusion

What is UEFI Boot? As you can see, the UEFI Boot specification has a number of serious advantages over its predecessor. A more convenient and accessible interface, improved operating speed, support for significantly larger amounts of memory and a system hard drive - this and much more makes UEFI the most effective and modern option. If you have a modern PC (circa 2011 onwards), maybe it's time to look into your UEFI and get to know it better.

BIOS is a well-known term among computer owners that has been used for many years. In the fall of 2017, Intel announced its plans to completely abandon BIOS on all of its platforms by 2020. Instead of BIOS it will now be used only UEFI, which may lead many to a logical question: why is UEFI better than BIOS and what is the difference between them?

BIOS chip on a Gigabyte motherboard.

UEFI and BIOS belong to the category of so-called “low-level” software, which starts even before the computer starts loading the operating system. UEFI is a more modern solution and it supports a large number of convenient features that are useful on modern computers. It often happens that manufacturers call UEFI on their computers with the traditional word “BIOS” so as not to confuse the user. Still, there is a big difference between UEFI and BIOS, and modern computers are mostly equipped with UEFI.

What is BIOS

BIOS is short for “ BasicInput-OutSystem" or " basic input/output system". It lives on a special chip inside the motherboard (pictured above) and does not depend on whether a hard drive is installed in the computer. When you turn on your computer, the first thing that turns on is the BIOS. This system is responsible for “waking up” the hardware components of your computer, checking their normal functioning, activating the bootloader and then starting the operating system.

BIOS as old as time.

The user can configure a large number of different parameters within the BIOS. Component configuration, system time, boot order, and so on. You can enter the BIOS using a special key when turning on the PC. It may be different for different computers. For example, Esc, F2, F10 or Delete. The manufacturer himself decides which one to choose. After changing the settings, all parameters are written to the motherboard itself.

The BIOS is also responsible for a process called POST – “ Power-OnSelf-Test or " power-on check". POST checks the suitability of the computer configuration and the health of the hardware components. If something goes wrong, a corresponding error is displayed on the screen or the computer begins to make a number of certain sounds (there is also the concept of POST codes, and some motherboards even have a corresponding display installed to display them). The intensity of these sounds depends on the type of error, and in order to decipher them, you need to refer to the manufacturer’s website or user manual.

After POST completes, the BIOS looks for the Master Boot Record (MBR) that is stored on the computer's storage media. Then the bootloader is initialized and the operating system starts. BIOS also often uses the term CMOS, which stands for " ComplementaryMetal-OxideSemiconductor" or " auxiliary metal oxide semiconductor". This is a designation for special memory that is powered by a battery built into the motherboard. The memory stores various BIOS settings and it is often recommended to remove the battery from the motherboard to reset the BIOS settings. In modern computers, CMOS has been replaced by flash memory (EEPROM).

Why is the BIOS outdated?

BIOS is a very old system that existed back in 1980 (and was developed even earlier), at the time of the launch of MS-DOS. Of course, over time, the BIOS has developed and improved, but the concept and basic principles of operation have remained the same. BIOS development is virtually zero when compared to the development of computers and technology in general.

Traditional BIOS has many serious limitations. For example, it can start the system only from a partition no larger than 2.1 TB (maximum 4 partitions) or less. In modern realities, users buy very capacious drives, the volume of which often exceeds 4 and even 8 TB. The BIOS will not be able to work with such media. This is due to the way the MBR works (the master boot record uses 32-bit elements). In addition, the BIOS operates in 16-bit mode (as it was developed back in the 70s) and has only 1 MB of addressable space for operation. The BIOS also has problems initializing a large number of components at once, which leads to a slow start of the computer.

The BIOS has been in need of replacement for a long period of time. Intel began developing EFI (Extensible Firmware Interface) back in 1998, and Apple switched to EFI in 2006, when the transition to Intel architecture took place. In 2007, Intel, AMD, Microsoft and various computer manufacturers approved the UEFI specification - " Unified Extensible Firmware Interface" or " unified extensible firmware interface". Windows gained UEFI support in Windows Vista SP1 and Windows 7. Today, almost all computers use UEFI instead of BIOS.

Why UEFI is better than BIOS

UEFI is installed instead of BIOS on various PCs that you can find in electronics stores. It should be noted right away that the user cannot switch from BIOS to UEFI on existing hardware. To do this, you need to purchase new hardware that supports UEFI. The vast majority of UEFI computers include BIOS emulation (often called Legacy BIOS) to allow the user to install and boot an older operating system that requires the BIOS to run. In other words, UEFI is backwards compatible.

A much more modern and user-friendly UEFI interface.

The new standard got rid of the unpleasant BIOS restrictions. A computer with UEFI can boot from drives larger than 2.2 TB. Theoretically, the maximum storage capacity for UEFI is 9.4 Tb (9.4 trillion gigabytes). That's a lot. The whole point is that UEFI uses the GPT scheme with 64-bit elements..

UEFI runs in 32 and 64 bit modes and also has more memory to work with. This, in turn, translates into faster processor load and ease of use. UEFI systems often have beautiful interfaces that support mouse input (in the screenshot above). There are also a number of other advantages. For example, UEFI supports Secure Boot. This is a special procedure that checks the operating system being loaded and makes sure that no malicious or third-party software will interfere during its loading. UEFI also has support for various network functions, which is useful when solving technical problems with your computer. In a traditional BIOS, the user must have physical access to the computer, whereas in UEFI there is a remote access option for configuration.

In general, UEFI is such a small operating system. It can be stored on the flash memory of the motherboard or it can be loaded from a hard/network drive. Different computers with different UEFIs have equally different interfaces and capabilities. It all depends on the preferences of your computer manufacturer.

UEFI was a big upgrade for modern computers, but the vast majority of users are unlikely to notice any significant difference. And many people are not interested in this question at all. Still, we must understand that the advent of UEFI instead of BIOS has become an extremely positive evolutionary change in the world of modern computers, even if all its charms and innovations remain hidden deep in the computer’s motherboard. Now the industry is still in a transition state from BIOS to UEFI, so all the delights of the new standard will be revealed in the near future. To speed up this process, Intel has decided to completely abandon BIOS until 2020, and that's a good thing.