Skip to content

puzzleos/stubby

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

94 Commits

.github/workflows

.github/workflows

 
 

doc

doc

 
 

test

test

 
 

tools

tools

 
 

.gitignore

.gitignore

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE.txt

LICENSE.txt

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

SECURITY.md

SECURITY.md

 
 

disk.c

disk.c

 
 

disk.h

disk.h

 
 

kcmdline.c

kcmdline.c

 
 

kcmdline.h

kcmdline.h

 
 

linux.c

linux.c

 
 

linux.h

linux.h

 
 

linux_efilib.c

linux_efilib.c

 
 

linux_efilib.h

linux_efilib.h

 
 

make.conf

make.conf

 
 

pe.c

pe.c

 
 

pe.h

pe.h

 
 

sbat.csv

sbat.csv

 
 

stra.c

stra.c

 
 

stra.h

stra.h

 
 

stub.c

stub.c

 
 

stubby-smash.1.sh

stubby-smash.1.sh

 
 

stubby-smash.2.sh

stubby-smash.2.sh

 
 

stubby_efi.h

stubby_efi.h

 
 

test-cmdline.c

test-cmdline.c

 
 

test-get-cmdline.c

test-get-cmdline.c

 
 

util.c

util.c

 
 

util.h

util.h

 
 

Repository files navigation

The Stubby UEFI Bootloader

The stubby bootloader is a simple UEFI stub that can be combined with a Linux Kernel, initrd, and kernel command line to create a single UEFI application that can be booted directly from UEFI or from the UEFI shim bootloader when running on a UEFI Secure Boot system.

The initial version of stubby was extracted from systemd under the LGPL v2.1+ license. The systemd source repository can be found at URL below.

Stubby Releases and Code Branches

The "main" branch is for stubby development and there are no guarantees regarding interface and/or application stability. The "stable-X" branches provide a interface stability promise within the branch; release tags will be created within the stable branches for users that wish to target a specific release.

The "stable-1" branch and all v1.y.z tags are for EFI binaries without a SBAT section.

The "stable-2" branch and all v2.y.z tags are for EFI binaries with a SBAT section.

Building and Using Stubby

As stubby is intentionally a small and simple tool it has a very limited number of dependencies. Beyond a functional compiler and make tool, you will need the gnu-efi tools/libraries installed on your build system; thankfully most Linux distributions package the gnu-efi project, but if you need to install it you can find it at the URL below.

If all of the dependencies are installed, you should be able to build stubby simply by running make. The build process can be configured via the "make.conf" file.

% make
cc -Wall ... -c -o util.o util.c
cc -Wall ... -c -o disk.o disk.c
cc -Wall ... -c -o pe.o pe.c
cc -Wall ... -c -o linux.o linux.c
cc -Wall ... -c -o stub.o stub.c
ld ... -o stubby.so -lefi -lgnuefi
objcopy -j .text -j .sdata -j .data -j .dynamic \
        -j .dynsym  -j .rel -j .rela -j .reloc \
        --target=efi-app-x86_64 stubby.so stubby.efi
% ls -l stubby.efi
-rwxr-xr-x 1 user users 56K Oct 30 13:48 stubby.efi*

Once you have successfully built stubby.efi you can combine it with your Linux Kernel, initrd, and command line using the included script as shown below:

% ./stubby-smash.2.sh  -h
usage: stubby-smash.2.sh -o <output>
         -k <kernel> -i <initrd> -c <cmdline> -s <SBAT>

  Combine the <kernel>, <initrd>, <cmdline>, and <SBAT> files
  into a single bootable EFI app in <output>.

The resulting output artifact is suitable for booting directly from UEFI and can optionally be signed using sbsign or pesign for use on a UEFI Secure Boot system.

Bug and Vulnerability Reporting

Problems with the project can be reported using the GitHub issue tracking system. Those who wish to privately report potential vulnerabilities should follow the directions in the SECURITY file.

About

UEFI bootloader stub

Topics

uefi bootloader secureboot

Resources

Readme

License

LGPL-2.1 license

Security policy

Security policy
Activity
Custom properties

Stars

11 stars

Watchers

6 watching

Forks

8 forks
Report repository

Releases 3

model-marmot Latest
Mar 18, 2024
+ 2 releases

Contributors 5

Languages