
HOWTO Emulate an EFI Shell in Qemu

If you're reading this, then you may want to read my tutorial on qemu first.

EFI and UEFI are firmware systems that manage, basically, the motherboard and expansion boards and physical devices right after you power on a computer but before the OS has loaded. In fact, it is the EFI that locates the OS to boot. Not all computers use EFI, of course; historically most computers used BIOS, and still others used Open Firmware.

At an old entry-level tech job I had, I was in an EFI shell daily, mostly to update ROM images or set boot parameters (if I recall correctly). There's not much that normal users can do in EFI; it's not an OS, it's an environment, and a platform upon which motherboard manufacturers can build up an interface so users can go in, BIOS-style, and set things like the system clock, or the boot order of devices, and so on. But it's still kind of fun to get into an EFI shell and poke around.

EFI itself was developed by Intel and was designed to be extensible but not necessarily Open. TianoCore is an Open Source version of EFI that acts and feels pretty much exactly like Intel's EFI, at least so far as I can tell.

To boot into an EFI shell in qemu, download the appropriate architecture of the OVMF package from sourceforge.net/apps/mediawiki/tianocore/index.php?title=OVMF

Unzip the downloaded file, rename OVMF.FD to bios.bin and CirrusLogic5446.rom to vgabios-cirrus.bin, and place them in a folder. Let's call the folder efi.

$ mkdir efi
$ mv OVMF.FD ./efi/bios.bin
$ mv Cirrus*rom ./efi/vgabios-cirrus.bin

And now launch qemu with a few new flags:

$ qemu-system-x86_64 -L ./efi -bios ./efi/bios.bin -m 1024 -cpu qemu64

Here's what we just did:

I have read, although not experienced, that newer versions of qemu might have issues with kvm, so you can use the -no-kvm flag to solve that if your virtual machine will not boot to the EFI shell.

Launch that and in no time you'll be sitting at an EFI prompt with no idea of what to do next.

Well, first of all, you can type ? to get a list of commands, but they'll fly by.

You could also download download.intel.com/support/motherboards/server/sb/efi_whitepaper.pdf and read up on EFI for some idea of how to navigate and what commands are available.

Here is an example, however, just to get you started.

A Simple EFI Example

So now let's make a drive and make it available to our virtual EFI environment.

First, on your Linux machine (i.e., not the EFI virtual machine), create a file system somewhere. I just grab a thumbdrive and dd it into a file:

$ dd if=/dev/sdf of=efi.img bs=24M

That assumes, of course, that your thumbdrive is located at /dev/sdf. You would want to execute dmesg | tail to find out for sure where your system assigned your thumbdrive.

EFI only understands FAT16 or FAT32 so make sure the thumbdrive you copy (or the drive image you yourself create) is formatted as either of those. I like using a thumbdrive that I already have, because then actual files exist on the drive, which is a lot more interesting to look at in EFI.
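
A way to check that requirement before booting, as an added example that is not part of the original tutorial: the shell function below reads the boot sector of an image and classifies the volume as FAT12, FAT16 or FAT32 from its cluster count. The function names and the optional byte-offset argument (for an image of a whole drive that begins with a partition table) are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify a FAT volume from its boot sector (BPB) fields.
# Usage: fat_type IMAGE [BYTE_OFFSET]
# BYTE_OFFSET is where the partition starts (start sector reported by
# `fdisk -l IMAGE` times 512); the default 0 means a bare, unpartitioned volume.

# le FILE OFFSET NBYTES: print a little-endian unsigned integer
le() {
    v=0; m=1
    for b in $(od -An -v -tu1 -j "$2" -N "$3" "$1" 2>/dev/null); do
        v=$((v + b * m)); m=$((m * 256))
    done
    echo "$v"
}

fat_type() {
    img=$1; base=${2:-0}
    # Every boot sector (MBR or FAT) ends in 0x55 0xAA, i.e. 43605 little-endian
    [ "$(le "$img" $((base + 510)) 2)" -eq 43605 ] || { echo "no boot sector"; return 1; }
    bps=$(le "$img" $((base + 11)) 2)       # bytes per sector
    spc=$(le "$img" $((base + 13)) 1)       # sectors per cluster
    rsvd=$(le "$img" $((base + 14)) 2)      # reserved sectors
    nfats=$(le "$img" $((base + 16)) 1)     # number of FAT copies
    rootent=$(le "$img" $((base + 17)) 2)   # root directory entries (0 on FAT32)
    tot=$(le "$img" $((base + 19)) 2)       # total sectors, 16-bit field
    [ "$tot" -ne 0 ] || tot=$(le "$img" $((base + 32)) 4)
    fatsz=$(le "$img" $((base + 22)) 2)     # sectors per FAT, 16-bit field
    [ "$fatsz" -ne 0 ] || fatsz=$(le "$img" $((base + 36)) 4)
    # An MBR or a non-FAT filesystem has other data where the BPB would be
    case "$bps" in 512|1024|2048|4096) ;; *) echo "not a FAT volume at offset $base"; return 1 ;; esac
    case "$spc" in 1|2|4|8|16|32|64|128) ;; *) echo "not a FAT volume at offset $base"; return 1 ;; esac
    rootsecs=$(( (rootent * 32 + bps - 1) / bps ))
    datasecs=$(( tot - rsvd - nfats * fatsz - rootsecs ))
    [ "$datasecs" -gt 0 ] || { echo "not a FAT volume at offset $base"; return 1; }
    clusters=$(( datasecs / spc ))
    # The cluster count, not the label string in the boot sector, decides the type
    if   [ "$clusters" -lt 4085 ];  then echo FAT12
    elif [ "$clusters" -lt 65525 ]; then echo FAT16
    else echo FAT32
    fi
}

# When run as a script with arguments, classify the given image
[ "$#" -eq 0 ] || fat_type "$@"
```

An image taken from a whole device such as /dev/sdf usually starts with a partition table, so the first call reports that there is no FAT volume at offset 0; pass the partition's byte offset as the second argument in that case.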

Now launch qemu again, this time pointing to your file as the drive you want it to see:

$ qemu-system-x86_64 -L ./efi -bios ./efi/bios.bin -m 1024 -cpu qemu64 -drive file=./efi.img,if=ide

Meaning:

Launch qemu again, and at the EFI prompt, you can change directory into the drive:

> blk0:
blk0:\>

Notice that your prompt now changes to blk0:, indicating that you have changed location into the first block device.

You can get a listing of this new location with dir or ls.

blk0:\> dir
Directory of: blk0:\
05/06/13   11:23a   7,782   test.file
12/01/12   09:09a   34,786   book.xml

2 File(s) 42,568 bytes
0 Dir(s)

blk0:\>

And so on and so on. It's a shell; you get the idea.

So, try it out, and get a glimpse of how EFI works!