Ubuntu – How to produce an ISO image that boots only on UEFI

bootgrub2isouefi

I want to create an ISO image that boots ONLY on UEFI environments. I've managed to create images that boot on BIOS systems, but I can't figure out how to create an image that works only on UEFI.

I've read xorriso's manual, and fiddled a lot with its options, but had no luck.

I need that when such image gets flashed into a USB stick, it boots only on UEFI, and not in MBR-based BIOS.

Best Answer

A good guide is this Debian web page.

An image that boots only on UEFI can be created with xorriso like this:

xorriso -as mkisofs \
    -iso-level 3 \
    -r -V <ISO_LABEL> \
    -J -joliet-long \
    -append_partition 2 0xef <BOOT_IMG> \
    -partition_cyl_align all \
    -o <OUTPUT_IMAGE> \
    <ISO_DIRECTORY>

The UEFI_BOOT_IMAGE is an ESP ([U]EFI System Partition) image file. That means that it should be formatted as a FAT32 partition. You can generate it with:

BOOT_IMG_DATA=$(mktemp -d)
BOOT_IMG=$(mktemp -d)/efi.img

mkdir -p $(dirname $BOOT_IMG)

truncate -s 8M $BOOT_IMG
mkfs.vfat $BOOT_IMG
mount $BOOT_IMG $BOOT_IMG_DATA
mkdir -p $BOOT_IMG_DATA/efi/boot

grub-mkimage \
    -C xz \
    -O x86_64-efi \
    -p /boot/grub \
    -o $BOOT_IMG_DATA/efi/boot/bootx64.efi \
    boot linux search normal configfile \
    part_gpt btrfs ext2 fat iso9660 loopback \
    test keystatus gfxmenu regexp probe \
    efi_gop efi_uga all_video gfxterm font \
    echo read ls cat png jpeg halt reboot

umount $BOOT_IMG_DATA
rm -rf $BOOT_IMG_DATA

That will create the ESP image in $(mktemp -d)/efi.img, so you must replace the placeholder with the actual file path.


This answer was based on a coment by @ThomasSchmitt.