On Sun, Mar 29, 2020 at 9:44 PM Simon J. Gerraty <sjg_at_juniper.net> wrote: > Warner Losh <imp_at_bsdimp.com> wrote: > > True, but as we move from boot1.efi to loader.efi, the need will > > grow... Even if we keep boot1.efi, loader.efi will be needed for > > interesting secure systems, so we can't cop-out like we have in the > > past. > > Sigh, that would force me to have to add verification to boot1.efi ;-) > > Personally I'm quite happy with installing loader.efi as bootx64.efi > to avoid that. > Yea. That's why we really want to move in this direction.... > I treat it as a separately published component, independent of the > loaders used on non-uefi platforms. So the fact that I have to build it > from head, matters little. > > The loader should be largely independent of the rest of the system, and > was until lua came along. Eg we can successfully verify and load a > stable/6 based system using loader built from stable/11. > For at least some platforms we cannot use lua, as it takes up headroom > we need for verifying modules. > I think the Forth loader can still load old kernel binaries, at least back to the ELF cut-over, though the Forth words have changed a bit over time, so there may be some issues there... WarnerReceived on Mon Mar 30 2020 - 04:02:31 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:23 UTC