From: Warner Losh
Date: Mon, 25 Mar 2019 20:08:01 -0600
Subject: Re: Adding a new efi-update-loader script: need help understanding Makefile.inc1 for "make installworld"
To: Rebecca Cran
Cc: John Baldwin, Konstantin Belousov, "freebsd-arch@freebsd.org", "Rodney W. Grimes", FreeBSD Hackers

On Mon, Mar 25, 2019, 6:40 PM Rebecca Cran wrote:

> On 3/25/19 2:41 PM, Warner Losh wrote:
>
> > Let's step back and do a complete design doc. I've started writing one up
> > and will post it when I'm done.
>
> It's probably worth at least taking a look at what Linux has done to
> support UEFI, Secure Boot, and its Default Boot Behavior
> (https://blog.uncooperative.org/blog/2014/02/06/the-efi-system-partition/)
> to see if there's anything we can learn, or leverage. Also, the shim
> (https://github.com/rhboot/shim) is BSD licensed, so we could use it if
> we wanted.

We started moving away from boot1.efi because it was duplicating all the features of loader.efi, but without the interactive features. Different filesystems, crypto, boot order details, etc. It was a pita to maintain two similar things with different enough details :( This starts to move back to that, and I'm not sure that is a good idea.

It seemed like the right choice, but maybe we could consider taking another look at that... When it first arrived, boot1.efi could easily fit the install once and forget forever. As the features grew, that assumption changed.

This is why I'm putting together a design doc. There is no easy button here. I thought it was no brainer yes to drop it and just use loader.efi, but as things get more complicated I've become less sure...

Warner

> --
> Rebecca Cran