From 804d52374edcdff491ded1685fc0a6471c7a9086 Mon Sep 17 00:00:00 2001
From: Chris Irrgang <chris.irrgang@gmx.de>
Date: Fri, 31 Oct 2025 12:29:26 +0100
Subject: [PATCH] Switch to systemd-boot for raw-efi builds

Signed-off-by: Chris Irrgang <chris.irrgang@gmx.de>
---
 tools/mkimage-raw-efi/Dockerfile |  5 +--
 tools/mkimage-raw-efi/make-efi   | 52 +++++++++++++++++++-------------
 tools/systemd-boot/Dockerfile    | 26 ++++++++++++++++
 tools/systemd-boot/build.yml     |  5 +++
 4 files changed, 65 insertions(+), 23 deletions(-)
 create mode 100644 tools/systemd-boot/Dockerfile
 create mode 100644 tools/systemd-boot/build.yml

diff --git a/tools/mkimage-raw-efi/Dockerfile b/tools/mkimage-raw-efi/Dockerfile
index b91871e6d..50dd206ba 100644
--- a/tools/mkimage-raw-efi/Dockerfile
+++ b/tools/mkimage-raw-efi/Dockerfile
@@ -1,4 +1,4 @@
-FROM linuxkit/grub:4582464453cd3136c7e64d6ec747c4869d771af0 AS grub
+FROM linuxkit/systemd-boot:1e21eeea040fa7c55553e54d7d9f14d8ff75a24a AS systemd-boot
 
 FROM linuxkit/alpine:7f3944798557de5518a56e3437d7ed982701f224 AS mirror
 RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/
@@ -12,12 +12,13 @@ RUN apk add --no-cache --initdb -p /out \
   sfdisk \
   sgdisk \
   xfsprogs \
+  py3-pefile \
   && true
 RUN mv /out/etc/apk/repositories.upstream /out/etc/apk/repositories
 
 FROM scratch
 WORKDIR /
 COPY --from=mirror /out/ /
-COPY --from=grub /BOOT*.EFI /usr/local/share/
+COPY --from=systemd-boot . .
 COPY . .
 ENTRYPOINT [ "/make-efi" ]
diff --git a/tools/mkimage-raw-efi/make-efi b/tools/mkimage-raw-efi/make-efi
index 687875db0..4188a6508 100755
--- a/tools/mkimage-raw-efi/make-efi
+++ b/tools/mkimage-raw-efi/make-efi
@@ -14,14 +14,20 @@ ESP_FILE=$PWD/boot.img
 
 
 
-# get the GRUB2 boot file name
+# get the systemd boot file name
 ARCH=${TARGETARCH:-`uname -m`}
 case $ARCH in
 x86_64)
-  BOOTFILE=BOOTX64.EFI
+  BOOTFILE_SRC=/usr/lib/systemd/boot/efi/systemd-bootx64.efi
+  BOOTFILE_DST=BOOTX64.EFI
   ;;
 aarch64)
-  BOOTFILE=BOOTAA64.EFI
+  BOOTFILE_SRC=/usr/lib/systemd/boot/efi/systemd-bootaa64.efi
+  BOOTFILE_DST=BOOTAA64.EFI
+  ;;
+riscv64)
+  BOOTFILE_SRC=/usr/lib/systemd/boot/efi/systemd-bootriscv64.efi
+  BOOTFILE_DST=BOOTRISCV64.EFI
   ;;
 esac
 
@@ -39,22 +45,26 @@ INITRD="$(find . -name '*.img')"
 KERNEL="./kernel"
 CMDLINE_FILE="$(find . -name cmdline)"
 CMDLINE="$(cat $CMDLINE_FILE )"
+UKI_FILE="linuxkit.efi"
+
+# this is displayed as boot loader entry name
+OS_RELEASE="NAME=\"LinuxKit\""
 
 # PARTUUID for root
 PARTUUID=$(cat /proc/sys/kernel/random/uuid)
 
-cp /usr/local/share/$BOOTFILE .
+cp $BOOTFILE_SRC $BOOTFILE_DST
 
-mkdir -p EFI/BOOT
-cat >> EFI/BOOT/grub.cfg <<EOF
-set timeout=0
-set gfxpayload=text
-menuentry 'LinuxKit ISO Image' {
-	linux /kernel ${CMDLINE} text
-  initrd /initrd.img
-}
+cat >> loader/loader.conf <<EOF
+timeout 0
 EOF
 
+ukify build --linux=$KERNEL \
+            --initrd=$INITRD \
+            --cmdline="$CMDLINE text" \
+            --os-release=$OS_RELEASE \
+            --output=$UKI_FILE
+
 # FAT filesystem config
 FAT_SIZE=32
 SECTOR_SIZE=512
@@ -63,13 +73,12 @@ SECTORS_PER_CLUSTER=8
 RESERVED_SECTORS=32
 
 # calculate sizes
-KERNEL_FILE_SIZE=$(stat -c %s "$KERNEL")
-INITRD_FILE_SIZE=$(stat -c %s "$INITRD")
-EFI_FILE_SIZE=$(stat -c %s "$BOOTFILE")
-GRUB_FILE_SIZE=$(stat -c %s EFI/BOOT/grub.cfg)
+UKI_FILE_SIZE=$(stat -c %s "$UKI_FILE")
+EFI_FILE_SIZE=$(stat -c %s "$BOOTFILE_DST")
+SYSTEMD_BOOT_FILE_SIZE=$(stat -c %s loader/loader.conf)
 
 # this is the minimum size of our EFI System Partition
-ESP_DATA_SIZE=$(( $KERNEL_FILE_SIZE + $INITRD_FILE_SIZE + $EFI_FILE_SIZE + $GRUB_FILE_SIZE ))
+ESP_DATA_SIZE=$(( $UKI_FILE_SIZE + $EFI_FILE_SIZE + $SYSTEMD_BOOT_FILE_SIZE ))
 ESP_DATA_SECTORS=$(( $ESP_DATA_SIZE / $SECTOR_SIZE ))
 
 # File Allocation Table Sectors = (clusters + 2) * bytes per cluster / sector size
@@ -94,10 +103,11 @@ mkfs.vfat -v -F $FAT_SIZE -S $SECTOR_SIZE -s $SECTORS_PER_CLUSTER -R $RESERVED_S
 echo "mtools_skip_check=1" >> /etc/mtools.conf && \
 mmd -i $ESP_FILE ::/EFI
 mmd -i $ESP_FILE ::/EFI/BOOT
-mcopy -i $ESP_FILE $BOOTFILE ::/EFI/BOOT/
-mcopy -i $ESP_FILE EFI/BOOT/grub.cfg ::/EFI/BOOT/
-mcopy -i $ESP_FILE $KERNEL ::/
-mcopy -i $ESP_FILE $INITRD ::/
+mmd -i $ESP_FILE ::/EFI/Linux
+mmd -i $ESP_FILE ::/loader
+mcopy -i $ESP_FILE $BOOTFILE_DST ::/EFI/BOOT/
+mcopy -i $ESP_FILE $UKI_FILE ::/EFI/Linux/
+mcopy -i $ESP_FILE loader/loader.conf ::/loader
 
 
 # now make our actual filesystem image
diff --git a/tools/systemd-boot/Dockerfile b/tools/systemd-boot/Dockerfile
new file mode 100644
index 000000000..87fc0e229
--- /dev/null
+++ b/tools/systemd-boot/Dockerfile
@@ -0,0 +1,26 @@
+FROM --platform=linux/amd64 linuxkit/alpine:7f3944798557de5518a56e3437d7ed982701f224 AS alpine-amd64
+RUN apk add --no-cache systemd-boot systemd-efistub
+
+FROM --platform=linux/arm64 linuxkit/alpine:7f3944798557de5518a56e3437d7ed982701f224 AS alpine-arm64
+RUN apk add --no-cache systemd-boot systemd-efistub
+
+FROM --platform=linux/riscv64 linuxkit/alpine:7f3944798557de5518a56e3437d7ed982701f224 AS alpine-riscv64
+WORKDIR /work
+ADD https://github.com/systemd/systemd.git#v258.1 .
+RUN apk add --no-cache bash meson build-base coreutils gperf libcap-dev py3-jinja2 py3-elftools
+# patch for musl libc
+RUN find src/boot -type f -exec sed -i s/wchar_t/uint16_t/g {} \;
+RUN meson setup --reconfigure -Defi=true -Dbootloader=enabled builddir && meson compile -C builddir systemd-boot
+
+FROM scratch
+ENTRYPOINT []
+WORKDIR /
+COPY --from=alpine-amd64 /usr/lib/systemd/boot/efi/* /usr/lib/systemd/boot/efi/
+COPY --from=alpine-arm64 /usr/lib/systemd/boot/efi/* /usr/lib/systemd/boot/efi/
+
+COPY --from=alpine-riscv64 /work/builddir/src/boot/*.efi.stub /usr/lib/systemd/boot/efi/
+COPY --from=alpine-riscv64 /work/builddir/src/boot/*.elf.stub /usr/lib/systemd/boot/efi/
+COPY --from=alpine-riscv64 /work/builddir/src/boot/*.efi /usr/lib/systemd/boot/efi/
+
+# this is just a non-platform specific python file so we only need it once for all architectures
+COPY --from=alpine-riscv64 --chmod=755 /work/src/ukify/ukify.py /usr/sbin/ukify
diff --git a/tools/systemd-boot/build.yml b/tools/systemd-boot/build.yml
new file mode 100644
index 000000000..b3e5e13e1
--- /dev/null
+++ b/tools/systemd-boot/build.yml
@@ -0,0 +1,5 @@
+image: systemd-boot
+arches:
+  - arm64
+  - amd64
+  - riscv64