Date: Sun, 29 Mar 2020 20:44:29 -0700 From: "Simon J. Gerraty" <sjg@juniper.net> To: Warner Losh <imp@bsdimp.com> Cc: Rebecca Cran <rebecca@bsdio.com>, Nathan Whitehorn <nwhitehorn@freebsd.org>, Kyle Evans <kevans@freebsd.org>, Tomoaki AOKI <junchoon@dec.sakura.ne.jp>, FreeBSD Current <FreeBSD-current@freebsd.org>, Chris H <bsd-lists@bsdforge.com>, <sjg@juniper.net> Subject: Re: When will the FreeBSD (u)EFI work? Message-ID: <89419.1585539869@kaos.jnpr.net> In-Reply-To: <CANCZdfquXe_zb71kSJ6k8DtOn-UuJwJa803d9ZyGK-RZDpB8oA@mail.gmail.com> References: <18df34fe-6256-6e68-ead5-481e83a501fe@freebsd.org> <4C050E22-E571-47ED-87A1-FE1BAC69A073@bsdio.com> <CANCZdfquXe_zb71kSJ6k8DtOn-UuJwJa803d9ZyGK-RZDpB8oA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh <imp@bsdimp.com> wrote: > True, but as we move from boot1.efi to loader.efi, the need will > grow... Even if we keep boot1.efi, loader.efi will be needed for > interesting secure systems, so we can't cop-out like we have in the > past. Sigh, that would force me to have to add verification to boot1.efi ;-) Personally I'm quite happy with installing loader.efi as bootx64.efi to avoid that. I treat it as a separately published component, independent of the loaders used on non-uefi platforms. So the fact that I have to build it from head, matters little. The loader should be largely independent of the rest of the system, and was until lua came along. Eg we can successfully verify and load a stable/6 based system using loader built from stable/11. For at least some platforms we cannot use lua, as it takes up headroom we need for verifying modules.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?89419.1585539869>