When will the FreeBSD (u)EFI work?

Warner Losh imp at bsdimp.com
Mon Mar 30 06:02:31 UTC 2020

On Sun, Mar 29, 2020 at 9:44 PM Simon J. Gerraty <sjg at juniper.net> wrote:

> Warner Losh <imp at bsdimp.com> wrote:
> > True, but as we move from boot1.efi to loader.efi, the need will
> > grow...  Even if we keep boot1.efi, loader.efi will be needed for
> > interesting secure systems, so we can't cop-out like we have in the
> > past.
> Sigh, that would force me to have to add verification to boot1.efi ;-)
> Personally I'm quite happy with installing loader.efi as bootx64.efi
> to avoid that.

Yea. That's why we really want to move in this direction....

> I treat it as a separately published component, independent of the
> loaders used on non-uefi platforms.  So the fact that I have to build it
> from head, matters little.
> The loader should be largely independent of the rest of the system, and
> was until lua came along.  Eg we can successfully verify and load a
> stable/6 based system using loader built from stable/11.
> For at least some platforms we cannot use lua, as it takes up headroom
> we need for verifying modules.

I think the Forth loader can still load old kernel binaries, at least back
to the ELF cut-over, though the Forth words have changed a bit over time,
so there may be some issues there...


More information about the freebsd-current mailing list