A bootloader based on UEFI.
Provides the following functionality:
- Arm a hardware watchdog prior to loading an OS
- Provides a simple update mechanism with fail-safe algorithm
In addition, this project provides a UEFI stub and generator tool to create unified kernel images consisting of kernel, command line and, optionally, initrd and device trees.
Mailing list: efibootguard-dev@googlegroups.com
Archive: https://www.mail-archive.com/efibootguard-dev@googlegroups.com/
For sending patches, please refer to the mailing list and CONTRIBUTING.md in
the source tree.
Continuous integration:
- GitHub Actions:
- Coverity:
![[coverity]](https://img.shields.io/coverity/scan/13885.svg)
The following watchdog drivers are implemented (and are probed in this order):
- WDAT (ACPI) watchdog
- AMD FCH
- Intel i6300esb
- Intel Quark
- Siemens SIMATIC IPC4x7E
- Siemens SIMATIC BX-59A
- Intel TCO
- HPE ProLiant
Note that if no working watchdog is found, the boot process deliberately fails.
That said, setting a watchdog timeout of 0 allows to boot nonetheless without
a working watchdog, e.g., for testing purposes.
efibootguard reads its configuration from an environment storage. Currently,
the following environment backends are implemented:
- Dual FAT Partition storage
See Installation And Usage for further information.