From owner-freebsd-current@freebsd.org Mon Mar 30 02:54:02 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9538126EC33 for ; Mon, 30 Mar 2020 02:54:02 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.pphosted.com", Issuer "Thawte RSA CA 2018" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48rH8n55YXz42GF for ; Mon, 30 Mar 2020 02:53:45 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 02U2r0NY016867; Sun, 29 Mar 2020 19:53:00 -0700 Received: from nam12-dm6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2168.outbound.protection.outlook.com [104.47.59.168]) by mx0a-00273201.pphosted.com with ESMTP id 3024hxj237-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 29 Mar 2020 19:53:00 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lBk0sVAigTt+gT33bL20w84ZWvqKlVMfBRTnOLz6r/UVOzLokWFVNhVTnVO+S5N42iZKwiQAkI2Ecj0s7HyBNiImdROvB727E+PiVn5Uj/am7pZg499gsKY4Ks+qjvG2gNwJOSZfkSVWCOScrgCKxFSrkBq/JjdNOgSzg1+xEJSEG4oTGQyyBUCvwPlq3KAxuAHj2quPIyadm41b9ocJJrsN2ORptkZU0yjjCwQ/94B/c1kLiTNkN4Rh4FRrbggsRP+7dJNjiDRRM+d7aW6n8NUYXLXuk4vnjnFQrch5iZ+BnsRavw1/7uW2WBxN+shRik2IoZFZr1gOxPQshS0h8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QlciV+0x0FZmCNlQ7d5xZa3wTWweOQBiYyO6zgbKw2w=; b=GCbRj0sbKj6DDvLVkYlCGtoD9lNHurjjnWb9o8cYoEfJYQ0HHKyjdLcomkpENGNRF//3ZpoytEM9Ik+9k8wYnoID5f86zOYsyBO4t9PLslVSbktEiQb865Q1JNxHUwE+Uaa2e9KLuSzgjrRPEVqnvP8X7OuEAfkig46Ssr6wb3HijWCLTElKkXVZPY6GJsd3A8cCJCrlUOLk02iWVf3my+H6PJg8uZT5h3PyjI25z5ncGMbFWecijtdH9yR74/Mw06XPe7I+1rOFYLOn/98OKMdV1lB+vnCd7pTWNjh8/KN7NhWX3/zylH2ZpeSZcLovWamcwbRHKrdNTTVw1yEcMg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip is 66.129.242.12) smtp.rcpttodomain=freebsd.org smtp.mailfrom=juniper.net; dmarc=fail (p=reject sp=reject pct=100) action=oreject header.from=juniper.net; dkim=none (message not signed); arc=none Received: from MWHPR03CA0004.namprd03.prod.outlook.com (2603:10b6:300:117::14) by BYAPR05MB4341.namprd05.prod.outlook.com (2603:10b6:a03::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2878.13; Mon, 30 Mar 2020 02:52:56 +0000 Received: from CO1NAM05FT053.eop-nam05.prod.protection.outlook.com (2603:10b6:300:117:cafe::9e) by MWHPR03CA0004.outlook.office365.com (2603:10b6:300:117::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2856.19 via Frontend Transport; Mon, 30 Mar 2020 02:52:56 +0000 Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.242.12 as permitted sender) Received: from P-EXFEND-EQX-01.jnpr.net (66.129.242.12) by CO1NAM05FT053.mail.protection.outlook.com (10.152.96.169) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2878.11 via Frontend Transport; Mon, 30 Mar 2020 02:52:55 +0000 Received: from P-EXBEND-EQX-01.jnpr.net (10.104.8.52) by P-EXFEND-EQX-01.jnpr.net (10.104.8.54) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 29 Mar 2020 19:52:39 -0700 Received: from P-EXBEND-EQX-01.jnpr.net (10.104.8.52) by P-EXBEND-EQX-01.jnpr.net (10.104.8.52) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 29 Mar 2020 19:52:38 -0700 Received: from p-mailhub01.juniper.net (10.104.20.6) by P-EXBEND-EQX-01.jnpr.net (10.104.8.52) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Sun, 29 Mar 2020 19:52:38 -0700 Received: from kaos.jnpr.net (kaos.jnpr.net [172.23.50.162]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id 02U2qatl011688; Sun, 29 Mar 2020 19:52:37 -0700 (envelope-from sjg@juniper.net) Received: by kaos.jnpr.net (Postfix, from userid 1377) id 9C2BA3D1F2; Sun, 29 Mar 2020 19:52:36 -0700 (PDT) Received: from kaos.jnpr.net (localhost [127.0.0.1]) by kaos.jnpr.net (Postfix) with ESMTP id 9AA213D1F1; Sun, 29 Mar 2020 19:52:36 -0700 (PDT) To: Rebecca Cran CC: , , , Subject: Re: When will the FreeBSD (u)EFI work? In-Reply-To: <40bacb99-d463-cbad-3ccf-b3ddd6856d10@bsdio.com> References: <318FDBAF-448F-4C55-A9A8-69D71A73E43B@me.com> <344e85545cfc47c9835fc5918e5b1dc1@udns.ultimatedns.net> <20200329211137.012a8fd62b58525b027bcfb6@dec.sakura.ne.jp> <40bacb99-d463-cbad-3ccf-b3ddd6856d10@bsdio.com> Comments: In-reply-to: Rebecca Cran message dated "Sun, 29 Mar 2020 17:18:04 -0600." From: "Simon J. Gerraty" X-Mailer: MH-E 8.6+git; nmh 1.7.1; GNU Emacs 26.3 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <81103.1585536756.1@kaos.jnpr.net> Date: Sun, 29 Mar 2020 19:52:36 -0700 Message-ID: <81961.1585536756@kaos.jnpr.net> X-EXCLAIMER-MD-CONFIG: e3cb0ff2-54e7-4646-8a04-0dae4ac7b136 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report: CIP:66.129.242.12; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:P-EXFEND-EQX-01.jnpr.net; PTR:InfoDomainNonexistent; CAT:NONE; SFTY:; SFS:(10019020)(4636009)(39860400002)(346002)(376002)(396003)(136003)(46966005)(82740400003)(7696005)(47076004)(81156014)(5660300002)(70206006)(6916009)(70586007)(4744005)(81166006)(8676002)(55016002)(8936002)(2906002)(86362001)(336012)(107886003)(4326008)(7126003)(186003)(26005)(26826003)(54906003)(478600001)(9686003)(316002)(356004)(6266002); DIR:OUT; SFP:1102; X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: de7e468d-9828-4e2c-29e3-08d7d45572a7 X-MS-TrafficTypeDiagnostic: BYAPR05MB4341: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6430; X-Forefront-PRVS: 0358535363 X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: yOHShKREUmiYOGvw3AuV2PG1XibwJuHzvM3NeYrgekJRdl79WSi5mtkNWXpLj73dYQ4EUFLDlEkgDaO/hhXRsYtQWrfSdrE08h8QKzu1Y1/4T2bySxYADuJyJfzLn9ReEfqk58JE1dQ9+myHrcRntovMiBAxYHoEWYhW1qS0VM33H7iVG0T6uvckRX8SJu60KR9xzOqyeFP5R/lckrnxsmnOlPg+wBo2CiLXnJcyA8QK87poKNp5tPvxvoECq44FqIL6BuPY4G1XATCZBUjpqUe4XuqAdrmAVC/pf8rsfXujjNINzm1NjzjoWJ0nRXDSCKe4z4/9Fi4EIDWyfbFDbdRf24Q/+QhizZL2Neato3+ChgLri86hXbDhALajWiR0rIXr0v6DDJq2+qfbBDz8sX1hesPg6MFKQbNcTZ1yEVxSKBCnw9tmj5wZ36tyMZRiJM+8gfKcK+EB6y1jAMf2VfXix6AmVyS+AzWGPjxRdcLtuvlAGPk6zkm7E9YwMzReUhSgruZVjHRbX8sDqCPHsQ== X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Mar 2020 02:52:55.6031 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: de7e468d-9828-4e2c-29e3-08d7d45572a7 X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.242.12]; Helo=[P-EXFEND-EQX-01.jnpr.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB4341 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.645 definitions=2020-03-29_10:2020-03-27, 2020-03-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 malwarescore=0 impostorscore=0 priorityscore=1501 adultscore=0 mlxlogscore=627 spamscore=0 clxscore=1011 suspectscore=0 lowpriorityscore=0 bulkscore=0 mlxscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2003300025 X-Rspamd-Queue-Id: 48rH8n55YXz42GF X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.78 / 15.00]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[juniper.net:s=PPS1017,juniper.net:s=selector1]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:208.84.65.16]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; IP_SCORE(-1.68)[ip: (-3.94), ipnet: 208.84.65.0/24(-1.97), asn: 26211(-2.43), country: US(-0.05)]; RCPT_COUNT_FIVE(0.00)[5]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[juniper.net:+]; DMARC_POLICY_ALLOW(-0.50)[juniper.net,reject]; RCVD_IN_DNSWL_LOW(-0.10)[16.65.84.208.list.dnswl.org : 127.0.3.1]; SUBJECT_ENDS_QUESTION(1.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:26211, ipnet:208.84.65.0/24, country:US]; ARC_ALLOW(-1.00)[i=1]; RCVD_COUNT_SEVEN(0.00)[11]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Mar 2020 02:54:03 -0000 Rebecca Cran wrote: > That's another thing: we should be installing loader.efi as > \efi\boot\bootx64.efi (as well as \boot\freebsd\loader.efi) since it's > entirely possible to lose the Boot Manager entry and end up with an > unbootable system as a result. Unfortunately people have had bad > experiences with other operating systems overwriting bootx64.efi and > don't believe we should do that. FWIW I use loader.efi from head, installed as /efi/boot/bootx64.efi and it works just fine, by simply defining PATH_BOOTABLE_TOKEN to something that marks our (junos) bootable filesystems, no other change is needed. >From secure boot point of view, that's perfect. bootx64.efi has to be signed specially for the BIOS, and it verifies everything else, so the same ESP content "just works" with stable/11,12,...