From owner-freebsd-hackers@freebsd.org Mon Mar 25 00:55:49 2019 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B08B154B473; Mon, 25 Mar 2019 00:55:49 +0000 (UTC) (envelope-from rebecca@bluestop.org) Received: from muon.bluestop.org (muon.bluestop.org [65.103.231.193]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3807370264; Mon, 25 Mar 2019 00:55:49 +0000 (UTC) (envelope-from rebecca@bluestop.org) Received: from muon.bluestop.org (localhost [127.0.0.1]) by muon.bluestop.org (Postfix) with ESMTP id 15CAFC0AB1; Sun, 24 Mar 2019 18:56:52 -0600 (MDT) Received: from muon.bluestop.org ([127.0.0.1]) by muon.bluestop.org (muon.bluestop.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 6kJd_QahdH8S; Sun, 24 Mar 2019 18:56:51 -0600 (MDT) Received: from photon.int.bluestop.org (unknown [65.103.231.197]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by muon.bluestop.org (Postfix) with ESMTPSA; Sun, 24 Mar 2019 18:56:51 -0600 (MDT) Subject: Re: Adding a new efi-update-loader script: need help understanding Makefile.inc1 for "make installworld" To: Konstantin Belousov Cc: FreeBSD Hackers , arch@freebsd.org References: <642fed43-0535-9ae3-6f01-a943650cd511@bluestop.org> <20190324090103.GO1923@kib.kiev.ua> <20190325000241.GS1923@kib.kiev.ua> From: Rebecca Cran Message-ID: <6badde15-d8f4-c4ea-2061-0d3c80c6e82a@bluestop.org> Date: Sun, 24 Mar 2019 18:55:47 -0600 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3 MIME-Version: 1.0 In-Reply-To: <20190325000241.GS1923@kib.kiev.ua> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-Rspamd-Queue-Id: 3807370264 X-Spamd-Bar: ------ X-Spamd-Result: default: False [-6.98 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.98)[-0.984,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Mar 2019 00:55:49 -0000 On 3/24/19 6:02 PM, Konstantin Belousov wrote: > > Having efi_update_loader alone would be fine, but I doubt that this > script can do much except in situations where a lot of pre-assumptions > are true. I believe that despite all the efforts put into efibootmgr > and installer, it is hard/impossible to make the script not dangerous, > except if the whole configuration was created by our installer. It currently does nothing except if there is one or more partitions of type 'efi' that contain a \efi\boot\boot${arch}.efi or \efi\freebsd\loader.efi that contain strings from the FreeBSD boot1.efi or loader.efi. Perhaps that's too much guessing, and we should only ever update /boot/msdos or /boot/efi or wherever we decide to mount it. -- Rebecca Cran