From nobody Tue Aug 16 17:15:19 2022 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M6d834yqLz4Yw4p for ; Tue, 16 Aug 2022 17:15:31 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-vs1-xe36.google.com (mail-vs1-xe36.google.com [IPv6:2607:f8b0:4864:20::e36]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M6d824Lh3z3nPC for ; Tue, 16 Aug 2022 17:15:30 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-vs1-xe36.google.com with SMTP id c3so10763177vsc.6 for ; Tue, 16 Aug 2022 10:15:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc; bh=EdnSJoiz73QOgfUpshAInckcxUq0DdAbXJSJu4WG+2k=; b=SX2FOqzVLrfG5Wpogwu6/FWcCJOKZSmdG/Ll7HBSZFCIYnhQ3eh4ksYScaK9+z1TqE SR3wgm26S205QgJDQy0S7wV1Qb+x5cdiLokddGowK3TnkbD1aW04e7LgqNVf7WzD3HT6 Ft5jniu8V4+1u4aehpMuNGqObUqB12wJmJFnJTFL2gdkNOGTXpfFGoS19KVFtWuOf4rQ 3txLbCWy4UPIsZfZrG7Ap6pwTj06EqtP/EpS3H+zk+GbP88YWR3h0t0sPDLSTgMGdO39 LtGhMilQ5QTxB26PpTPMyy1Hr3JZNNqhK+5uFP+7l+FUbzG1pe9TBQLPEoX7O1PpiHHc txrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc; bh=EdnSJoiz73QOgfUpshAInckcxUq0DdAbXJSJu4WG+2k=; b=F2G/IiuJpz+XOgdLJ5dFgxpHxAFCIBZqv+diBMFSQERu/CbZFkXsFgcf27+dE0P9rO MQ+ziN7d/G2gqyo0G3+tPg18NMkvTpK/kbKSX1NkiZmClCVeZ1IKh40GsJS+tjmk9bNF F10TQjDMPep01YbmXZkL47HQ7eYHZaGM2KBYSKsbo6BgbF9jOKBPT9PyPlNak+0lyiaO MJdtFkCM424ONb5v8DKN4n0lJqzpiCDZU7K7ZDcj2axtsI2k57aTGZQsODg5R6E2npdu CXytDahuQLHwrG3KQ+OjYF/iheOHgw7ClL7XBD+hZZik5S+tezcHqUbWhwWdcTZFcJBM pk5Q== X-Gm-Message-State: ACgBeo15dvLgumMas1XRlp3FTPyWcVpVITb+3joHBVL4g4sbebX6yBwa 5vTXQrsId5eZMCCmdck14Co2SBmlr92FqEpLr39YMV1MGk4= X-Google-Smtp-Source: AA6agR5vuMyQVdwlSb8yNl14VKxEDroHM92iOVVV3NlQi2sqnpy369387fkXMKs2N2ULmJmqofodPztRHCaFuir5G6M= X-Received: by 2002:a67:b208:0:b0:357:e999:441c with SMTP id b8-20020a67b208000000b00357e999441cmr8419430vsf.67.1660670129831; Tue, 16 Aug 2022 10:15:29 -0700 (PDT) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Warner Losh Date: Tue, 16 Aug 2022 11:15:19 -0600 Message-ID: Subject: Re: 24.3. Updating Bootcode To: Nuno Teixeira Cc: FreeBSD CURRENT Content-Type: multipart/alternative; boundary="0000000000002da73d05e65ee574" X-Rspamd-Queue-Id: 4M6d824Lh3z3nPC X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=bsdimp-com.20210112.gappssmtp.com header.s=20210112 header.b=SX2FOqzV; dmarc=none; spf=none (mx1.freebsd.org: domain of wlosh@bsdimp.com has no SPF policy when checking 2607:f8b0:4864:20::e36) smtp.mailfrom=wlosh@bsdimp.com X-Spamd-Result: default: False [-3.00 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-0.999]; FORGED_SENDER(0.30)[imp@bsdimp.com,wlosh@bsdimp.com]; R_DKIM_ALLOW(-0.20)[bsdimp-com.20210112.gappssmtp.com:s=20210112]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; R_SPF_NA(0.00)[no SPF record]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::e36:from]; DKIM_TRACE(0.00)[bsdimp-com.20210112.gappssmtp.com:+]; FROM_NEQ_ENVFROM(0.00)[imp@bsdimp.com,wlosh@bsdimp.com]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; DMARC_NA(0.00)[bsdimp.com]; TO_DN_ALL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-ThisMailContainsUnwantedMimeParts: N --0000000000002da73d05e65ee574 Content-Type: text/plain; charset="UTF-8" On Tue, Aug 16, 2022 at 3:49 AM Nuno Teixeira wrote: > Hello all, > > With so much discussion about updating boot, I feel confused about the > correct procedure of doing it. > > Like being said there are a "24.3. Updating Bootcode" in Handbook (WIP) > that points to some important manuals. > > There are 3 places where boot loader are: > > ESP (EFI System Partition): > 1 - (/boot/efi)/efi/boot/bootXXX.efi (default location) > Default for the boot loader, that is. By default we don't install here anymore (though as a workaround for broken BIOSes or those that don't properly save EFI env vars or that change help to be helpful, we'll park a copy here, this usually isn't updated). > 2 - (/boot/efi)/efi/freebsd/loader.efi (FreeBSD reserved area) > This is what the boot usually uses on working systems. > Operating System: > 3 - /boot/loader.efi > This is only used when chain loaded from a legacy system that installed boot1.efi, or in some cases from a 'special needs' system that loads it from gptboot.efi. > For what I've read we should: > - backup: `cp /boot/efi/efi/boot/bootXXX.efi > /boot/efi/efi/boot/bootXXX.efi.bkp` > I'd recommend bootXXX-old.efi (or bootXXX-bkp.efi) since you'll be able to run it from the EFI shell if you are lucky enough to have one. The shell won't run the .bkp file. > - update: `cp /boot/loader.efi /boot/efi/efi/boot/bootXXX.efi` > Yes and no. You should likely update both this one and the one in efi/freebsd as well since the latter is more typically used (though your system may be one of the sadly-too-sizable number of systems that ignore the env vars and use the default removable media file). > In this example we have a /boot/efi mount by the system, "/dev/XXXpN on > /boot/efi (msdosfs, local)". > Yes. > What about (/boot/efi)/efi/freebsd/loader.efi (reserved area)? Is > necessary to backup and update it too? > It's the primary thing that gets used most of the time. I'd certainly back it up and update it. Warner --0000000000002da73d05e65ee574 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Tue, Aug 16, 2022 at 3:49 AM Nuno = Teixeira <eduardo@freebsd.org= > wrote:
Hello all,

With so much discussi= on about updating boot, I feel confused about the correct procedure of doin= g it.

Like being said there are a "24.3. Upda= ting Bootcode" in Handbook (WIP) that points to some important manuals= .

There are 3 places where boot loader are:
=C2=A0ESP (EFI System Partition):
1 - (/boot/efi)/efi= /boot/bootXXX.efi (default location)

Default=C2=A0for the boot loader, that is. By default we don't in= stall here anymore (though as a workaround
for broken BIOSes or t= hose that don't properly save EFI env vars or that change help to be he= lpful,
we'll park a copy here, this usually isn't updated= ).
=C2=A0
=
2 - (/boot/efi)/efi/freebsd/loader.efi (FreeBSD reser= ved area)

This is what the boot= usually uses on working systems.
=C2=A0
Operating System:
3 - /boot/loader.efi

This is only used when chain loaded from a legacy system that installed b= oot1.efi, or in some cases
from a 'special needs' system = that loads it from gptboot.efi.
=C2=A0
For what I've read w= e should:
=C2=A0- backup: `cp /boot/efi/efi/boot/bootXXX.efi /boo= t/efi/efi/boot/bootXXX.efi.bkp`

I'd recommend bootXXX-old.efi (or bootXXX-bkp.efi) since you'll be= able to run it from the EFI shell
if you are lucky enough=C2=A0t= o have one. The shell won't run the .bkp file.
=C2=A0
=C2= =A0- update: `cp /boot/loader.efi /boot/efi/efi/boot/bootXXX.efi`

Yes and no. You should likely update bot= h this one and the one in efi/freebsd as well since the latter
is= more typically used (though your system may be one of the sadly-too-sizabl= e number of systems
that ignore the env vars and use the default = removable media file).
=C2=A0
In this example we have a /boot/e= fi mount by the system, "/dev/XXXpN on /boot/efi (msdosfs, local)"= ;.

Yes.
=C2=A0
<= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex">
What= about (/boot/efi)/efi/freebsd/loader.efi (reserved area)? Is necessary to = backup and update it too?

It= 9;s the primary thing that gets used most of the time. I'd certainly ba= ck it up and update it.

Warner=C2=A0
--0000000000002da73d05e65ee574--