Date: Sun, 29 Mar 2020 20:02:36 -0700 From: "Simon J. Gerraty" <sjg@juniper.net> To: Nathan Whitehorn <nwhitehorn@freebsd.org> Cc: Kyle Evans <kevans@freebsd.org>, Rebecca Cran <rebecca@bsdio.com>, Tomoaki AOKI <junchoon@dec.sakura.ne.jp>, FreeBSD Current <freebsd-current@freebsd.org>, <bsd-lists@bsdforge.com>, <sjg@juniper.net> Subject: Re: When will the FreeBSD (u)EFI work? Message-ID: <16728.1585537356@kaos.jnpr.net> In-Reply-To: <675a41c7-46c1-f548-b285-e5ede55db76a@freebsd.org> References: <318FDBAF-448F-4C55-A9A8-69D71A73E43B@me.com> <344e85545cfc47c9835fc5918e5b1dc1@udns.ultimatedns.net> <20200329211137.012a8fd62b58525b027bcfb6@dec.sakura.ne.jp> <40bacb99-d463-cbad-3ccf-b3ddd6856d10@bsdio.com> <CACNAnaF-5ZD-9Cu%2BBrNtWE-LCZsbhzoW=CwcLVZ-JGMM1QdVkQ@mail.gmail.com> <675a41c7-46c1-f548-b285-e5ede55db76a@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Nathan Whitehorn <nwhitehorn@freebsd.org> wrote: > It's basically this that has been the problem: we need a way to manage > updates of the EFI loader in this situation, which we don't currently > have. The ESP needs to be mounted at a standard point, > installworld/freebsd-update/etc. need to know to replace files there, we > need to fall back cleanly on older systems, etc. The original (failed -- Actually if you are doing secure boot, the *last* thing you want is to update /efi/boot with an unsigned update. So I would think it should be done as a unique operation - do you don't do it accidentally. At least that's how I'm handling it for embedded devices.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?16728.1585537356>