From: Nathan Whitehorn
To: freebsd-arch@freebsd.org
Subject: Re: boot1.efi future
Date: Wed, 18 Oct 2017 07:27:52 -0700

On 10/17/17 16:18, Warner Losh wrote:
> I'd like to remove boot1.efi. It's no longer relevant.
> It was a useful hack to get us going, but now it's becoming more of a
> liability than a win.
>
> There's a lot of work that has been put into it so it can understand every
> filesystem. However, in doing so boot1.efi has morphed into a loader.efi
> without the scripting interpreter. Let's just kill boot1.efi and load the
> full-featured loader directly.
>
> boot1.efi used to have a role to play. It was a tiny, rarely changing bit
> of glue in the UEFI world. It is now none of those things. It has become
> rather large and bloated, and there's work to make it even more so.
>
> My proposal is to fix the one bug in loader.efi that would preclude its use
> as a primary boot loader (it sometimes guesses wrong for currdev and
> loaddev). Once we've done that, we'll use it where we use boot1.efi today.
> It would also simplify the load process and make it easier to implement the
> full EFI Boot Manager protocol from the UEFI specifications. It should also
> make secure boot easier to bring to market.
>
> This dovetails nicely into some of the other changes on-tap for FreeBSD 12.
> efibootmgr is coming soon (I'm reviewing the code from a coworker now).
> There's plans to move the FreeBSD boot loader to
> \efi\FreeBSD\loader-$ARCH.efi when that goes in, since we'll be able to
> point the LoadOptions to that. There's plans to make the installer create
> the EFI partition rather than just dd the efifat file we're doing today.
> Plus, there's work underway to move all the boot block installation stuff
> to a new script (install-boot) as well as efforts to make images for any
> bootable system (spin).
>
> There's lots of details to get right before we can make the final switch,
> but I think it's in the interest of the project to do so.
>
> Comments?

As the guy who wrote boot1.efi in the first place, I think this is a great idea.
boot1.efi exists to make the boot flow on EFI more like non-EFI so that loader can live in /boot on filesystems (UFS, ZFS) that EFI doesn't understand, thus preventing the need for a bunch of special logic in make installworld. It has seriously outlived its usefulness. Thanks for doing this!
-Nathan