From owner-freebsd-arch@freebsd.org Tue Mar 26 02:08:15 2019 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5E3E81557FED for ; Tue, 26 Mar 2019 02:08:15 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 9B3E36C37B for ; Tue, 26 Mar 2019 02:08:14 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mailman.ysv.freebsd.org (Postfix) id 5F1A51557FE3; Tue, 26 Mar 2019 02:08:14 +0000 (UTC) Delivered-To: arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3AEDC1557FE2 for ; Tue, 26 Mar 2019 02:08:14 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CC31B6C379 for ; Tue, 26 Mar 2019 02:08:13 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-qt1-x844.google.com with SMTP id v32so12811869qtc.10 for ; Mon, 25 Mar 2019 19:08:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZnlBkrnu7i/35TUdewrxFDbP3xlajBNaP8swvQIpO0E=; b=qYcig7+12MxIMCGSYnRiYVW0vQyikfIZNGzzDKGxzn99WunkxIZvTSpQbczq/GcwyH K0eHIIVmWAtsRrWTIb+1v+wxzgoTg/b3/WuPlTmc05bffLdbseguAUM8Wbkq57BzlCRP Of8MQamvQ8Lb2VvnGO2tKtlAaScXFjdWG4l8/E/fnBTZifzDjbdUkVZR3k4PbonIQY8Z EvIwpnva4eUFN4uDA+3pns4qYQw8M1l97kdM2mcj3jEI5DTCDMrXRqLOlAf9y5louoiF Mn4CqkuTOY3uzFItmKztSrO9V0ofEkQqAQv47gtq1i3moH+9axBjqLqqRBZPUb43/MYz 4/5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZnlBkrnu7i/35TUdewrxFDbP3xlajBNaP8swvQIpO0E=; b=fcE4PNdTI+UPlL46jEztPoj+k9W2fL9uuCdcfjgbuUgUo6V+MbIP9uTm7aZkN9DU0r FQj3Ch3gxrRxRM3e23BpXzDdpSCajGJ8WmD3WY6O7gybrQN0FVe178z7xX9K7YKeHwXP tLp1NI/YnelcxeOE4z3APz72X2O3TjaxgfdTaX5YUsRO6OcR9ytN1DMggHe6ahHgRxrF n98+GTe5WkLur5E7WUMSGwDSF1kuSrFCu3xn5Hn9kYiHBqFblEDWF6jzEpB/pq7PdGcs NwcfY9ABbvzgleZYCX+uemTO7RiJO0Pu2liDPPkgIfsVrue6BwH4oj/8z81Bg8eaeebV KmBA== X-Gm-Message-State: APjAAAV++WtB5aQavbaDru+/xd2jW+aP/1tEoypBtp6IAuuoFInvtRX8 APbZuQcQBHafW3vip1jofA/xLmaw2Tl/iIQio2hflQ== X-Google-Smtp-Source: APXvYqyVEaSk++sDoCSkhPCKOxxRrOp+SCmm8Kv1ru3m3j14kJQesDmrzkFHL4JK+HlyRB0od1mFH07SKZHRN76nUU8= X-Received: by 2002:ac8:28d0:: with SMTP id j16mr23881750qtj.15.1553566093181; Mon, 25 Mar 2019 19:08:13 -0700 (PDT) MIME-Version: 1.0 References: <20190324090103.GO1923@kib.kiev.ua> <201903250926.x2P9QgYK078736@gndrsh.dnsmgr.net> <2c1aef87-5408-7736-9039-7fc6a1214102@FreeBSD.org> In-Reply-To: From: Warner Losh Date: Mon, 25 Mar 2019 20:08:01 -0600 Message-ID: Subject: Re: Adding a new efi-update-loader script: need help understanding Makefile.inc1 for "make installworld" To: Rebecca Cran Cc: John Baldwin , Konstantin Belousov , "freebsd-arch@freebsd.org" , "Rodney W. Grimes" , FreeBSD Hackers X-Rspamd-Queue-Id: CC31B6C379 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.96 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.96)[-0.963,0]; REPLY(-4.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Mar 2019 02:08:15 -0000 On Mon, Mar 25, 2019, 6:40 PM Rebecca Cran wrote: > On 3/25/19 2:41 PM, Warner Losh wrote: > > > > > Let's step back and do a complete design doc. I've started writing one up > > and will post it when I'm done. > > > It's probably worth at least taking a look at what Linux has done to > support UEFI, Secure Boot, and its Default Boot Behavior > (https://blog.uncooperative.org/blog/2014/02/06/the-efi-system-partition/) > > to see if there's anything we can learn, or leverage. Also, the shim > (https://github.com/rhboot/shim) is BSD licensed, so we could use it if > we wanted. > We started moving away from boot1.efi because it was duplicating all the features of loader.efi, but without the interactive features. Different filesystems, crypto, boot order details, etc. It was a pita to maintain two similar things with different enough details :( this starts to move back to that, and I'm not sure that is a good idea. It seemed like the right choice, but maybe we could consider taking another look at that... when it first arrived, boot1.efi could easily fit the install once and forget forever. As the features grew, that assumption changed. This is why I'm putting together a design doc. There is no easy button here. I thought it was no brainer yes to drop it and just use loader.efi, but as things get more complicated I've become less sure... Warner > -- > > Rebecca Cran > >