[andyv]

UEFI is much like MS-DOS. It is capable of loading programs from the FAT filesystem into memory and running them. The entry point, EFIMain() is passed a couple of pointers that point to system tables that can be queried to find the address of various services. These include things like reading or writing from the system console, get the system memory map, reading/writing files or even things like reading and writing from network adapters. It's really pretty elaborate. An EFI program runs in 64-bit long mode, with paging set up as an identity map (logical address X maps to physical address X).

An EFI program can exit and return control to the EFI shell. A kernel, however, makes an EFI call to terminate EFI services. After that, it can only call a tiny set of certain EFI functions, but the kernel is considered to have control of the machine. At that point, it will relocate itself from where EFI loaded it to where it wants to live, initialize new page tables, switch to those table, and proceed with its regular initialization.

The Linux EFI stub is a bunch bytes at the start of the kernel image that make it a legal EFI program.