From nobody Tue Aug 16 11:10:15 2022 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M6T2k05lxz4YnNV for ; Tue, 16 Aug 2022 11:10:22 +0000 (UTC) (envelope-from tsoome@me.com) Received: from pv50p00im-ztbu10021601.me.com (pv50p00im-ztbu10021601.me.com [17.58.6.57]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4M6T2j1VvMz45BV for ; Tue, 16 Aug 2022 11:10:21 +0000 (UTC) (envelope-from tsoome@me.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=me.com; s=1a1hai; t=1660648219; bh=DAp+LtXepJVNt5H3QiGqjUdpoGZm/RgVVOAKH9bsTyQ=; h=Content-Type:Mime-Version:Subject:From:Date:Message-Id:To; b=RsgUgZyVuFpcWOKiSeyV8vInaUl9b2kA1CQF/cMwTvoO4cvjSvpZlzRd4SWVIO98m cZm57XCRFnp+h0AgoDi3/s4leHAl07JaS1YTKW8eSpgKDwzd2xW5Qx4q+8UlIiFgrc HUmgnKYukvgmU+2vf33oRy3tTpGBY//TDvx+kpIOm/ZPVVbeX3QvKKJWFxhdh0g49v WBgMsEtxInJwFgS/QnCIHgluzTD9JoQjgPbOXoOnzIwPLFtCKh3N/TTdzE1tYp8tLZ CbudTuibniwyudkGrr6qR/JljfMQPWGCgYNM7HetJ5TiIYMyhaTqvKTL+ryQLX3TCN FoEDNz4Gb6JBg== Received: from smtpclient.apple (pv50p00im-dlb-asmtp-mailmevip.me.com [17.56.9.10]) by pv50p00im-ztbu10021601.me.com (Postfix) with ESMTPSA id 52FC1804FA; Tue, 16 Aug 2022 11:10:18 +0000 (UTC) Content-Type: text/plain; charset=utf-8 List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\)) Subject: Re: 24.3. Updating Bootcode From: Toomas Soome In-Reply-To: Date: Tue, 16 Aug 2022 14:10:15 +0300 Cc: FreeBSD CURRENT Content-Transfer-Encoding: quoted-printable Message-Id: <62B26DE1-0E26-40BA-8647-E591E9ACEB7A@me.com> References: To: Nuno Teixeira X-Mailer: Apple Mail (2.3696.120.41.1.1) X-Proofpoint-ORIG-GUID: KNOySkxaJhx1RJOJDDa2mHq2Yf8-kZdj X-Proofpoint-GUID: KNOySkxaJhx1RJOJDDa2mHq2Yf8-kZdj X-Proofpoint-Virus-Version: =?UTF-8?Q?vendor=3Dfsecure_engine=3D1.1.170-22c6f66c430a71ce266a39bfe25bc?= =?UTF-8?Q?2903e8d5c8f:6.0.138,18.0.572,17.11.64.514.0000000_definitions?= =?UTF-8?Q?=3D2020-02-14=5F11:2020-02-14=5F02,2020-02-14=5F11,2022-02-23?= =?UTF-8?Q?=5F01_signatures=3D0?= X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=999 spamscore=0 bulkscore=0 mlxscore=0 phishscore=0 suspectscore=0 malwarescore=0 adultscore=0 clxscore=1011 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2206140000 definitions=main-2208160042 X-Rspamd-Queue-Id: 4M6T2j1VvMz45BV X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=me.com header.s=1a1hai header.b=RsgUgZyV; dmarc=pass (policy=quarantine) header.from=me.com; spf=pass (mx1.freebsd.org: domain of tsoome@me.com designates 17.58.6.57 as permitted sender) smtp.mailfrom=tsoome@me.com X-Spamd-Result: default: False [-3.60 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[me.com,quarantine]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip4:17.58.0.0/16]; R_DKIM_ALLOW(-0.20)[me.com:s=1a1hai]; RCVD_IN_DNSWL_LOW(-0.10)[17.58.6.57:from]; MIME_GOOD(-0.10)[text/plain]; FREEFALL_USER(0.00)[tsoome]; FROM_HAS_DN(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[17.58.6.57:from]; ARC_NA(0.00)[]; ASN(0.00)[asn:714, ipnet:17.58.0.0/20, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DKIM_TRACE(0.00)[me.com:+]; TO_DN_ALL(0.00)[]; FREEMAIL_FROM(0.00)[me.com]; DWL_DNSWL_NONE(0.00)[me.com:dkim]; RCPT_COUNT_TWO(0.00)[2]; MIME_TRACE(0.00)[0:+]; FROM_EQ_ENVFROM(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FREEMAIL_ENVFROM(0.00)[me.com]; RCVD_TLS_ALL(0.00)[] X-ThisMailContainsUnwantedMimeParts: N > On 16. Aug 2022, at 12:49, Nuno Teixeira wrote: >=20 > Hello all, >=20 > With so much discussion about updating boot, I feel confused about the = correct procedure of doing it. >=20 > Like being said there are a "24.3. Updating Bootcode" in Handbook = (WIP) that points to some important manuals. >=20 > There are 3 places where boot loader are: >=20 > ESP (EFI System Partition): > 1 - (/boot/efi)/efi/boot/bootXXX.efi (default location) > 2 - (/boot/efi)/efi/freebsd/loader.efi (FreeBSD reserved area) > Operating System: > 3 - /boot/loader.efi >=20 > For what I've read we should: > - backup: `cp /boot/efi/efi/boot/bootXXX.efi = /boot/efi/efi/boot/bootXXX.efi.bkp` > - update: `cp /boot/loader.efi /boot/efi/efi/boot/bootXXX.efi` >=20 > In this example we have a /boot/efi mount by the system, "/dev/XXXpN = on /boot/efi (msdosfs, local)". >=20 > What about (/boot/efi)/efi/freebsd/loader.efi (reserved area)? Is = necessary to backup and update it too? >=20 Hi! I guess we need to expain a bit. EFI System Partition (ESP from now on, = for mountpoint), can store both EFI boot programs and EFI = applications (diagnostics, firmware update etc). This is the reason, the = ESP size is not specified in UEFI specification. EFI Boot program may be stored on default path = /efi/boot/bootx64.efi (amd64), /efi/boot/bootia32.efi (i386 = 32-bit), /efi/boot/bootaarch64.efi for AARCH64 etc. It is default = for case there is no UEFI Boot Manager set up for this media (like = installation media on usb stick or cdrom, but also most systems support = it with hdd). Default path obviously does not cope with multi boot setups. For better OS support, the UEFI specification (UEFI 2.8A Feb 14, page = 499) is suggesting to use structure like: /efi//=E2=80=A6 And to use this suggestion, it means the UEFI Boot Manager needs to be = configured (see efibootmgr(8)). Therefore, once you have set up OS specific setup, there is no use for = default (/efi/boot/=E2=80=A6) and you need to update one or = another, but not both. hope this helps, toomas