I have written my own UEFI Driver using EDK2 from tianocore. I want it to be run each time an OS loads. Do I need to modify the bootmgfw.efi? How to pass control to my BootCheck.efi and only after it executes load Windows?

One more question, how can I add a flag, which I can use in my driver? I need it to be set to 0 at first launch, and then 1 in subsequent boots.

I would appreciate a step by step guide or any useful information, thank you.

@Edit: If that's possible, I would prefer it to be installed using pendrive or disk.

1 Answer

UEFI Driver Writer's Guide states the following 3 methods to install UEFI drivers:

1. Integrated into the platform firmware FLASH image.

One would have to work with the platform manufacturer to do so. Platform manufacturers are usually your hardware OEMs (e.g. HP, Gigabyte, etc). During manufacturing, the OEM would package all UEFI drivers they want to install into a firmware image and flash it (i.e. save it into the flash chip on the motherboard). They would eventually close the chipset's manufacturing mode, thus preventing any 3rd party modifications to it. To update the firmware, one would need to create an update capsule and sign it with the OEM's private key. Some OEMs made the mistake of not closing the manufacturing mode, so one (including bootkits/rootkits) could leverage this to install their own UEFI drivers into the firmware. However that is a very complex task and most OEMs have corrected this issue, so it is not worthwhile to go down this path.

However doing so is much easier on a VMware image, so you can follow this guide if you're interested to try things out.

2. PCI Option ROM on a PCI add-in card.

I suppose you're not developing a PCI hardware device, so this option is also not applicable to you. Honestly I also have no idea how this works in detail.

3. A file in an EFI System Partition.

As mentioned in the Driver Writer's Guide, one needs to save the driver bin on an EFI System Partition and then update the Driver#### and DriverOrder UEFI variables.

To access the EFI System Partition in Windows, run cmd as admin and enter mountvol X: /S, replace X with whichever drive letter is unused on your computer. Note that access still requires admin privilege and you won't be able to see the mounted drive in Explorer. See edit history for a longer method using diskpart.

Now to update the Driver#### and DriverOrder UEFI variables, you can write either a UEFI application, or a Win32 application. Section '3.1.1 Boot Manager Programming' of the UEFI Specification Version 2.8 provides some background on how these variables are processed and section '3.1.3 Load Options' details the data structure and constants involved. For UEFI application, use SetVariable() (section '8.2 Variable Services' of the spec). For Win32, use SetFirmwareEnvironmentVariableA or SetFirmwareEnvironmentVariableExA.

For a Win32 sample, you can take a look at the dumpEfiVars project. It only reads the variables and doesn't write to them, but the code can be easily adapted to perform writing. You can also use the tool to dump the Boot#### and BootOrder variables of a test computer to get a sense of what Driver#### and DriverOrder should look like. Most computers would not have any 3rd party UEFI drivers installed on an EFI System Partition, so their Driver#### and DriverOrder variables would be empty.

P.S. This question feels more appropriate in stackoverflow rather than superuser. Also your question on a flag for your driver deserves a separate post.