From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HTML_MESSAGE,MAILING_LIST_MULTI,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 19718 invoked from network); 3 Jan 2024 05:11:06 -0000 Received: from minnie.tuhs.org (50.116.15.146) by inbox.vuxu.org with ESMTPUTF8; 3 Jan 2024 05:11:06 -0000 Received: from minnie.tuhs.org (localhost [IPv6:::1]) by minnie.tuhs.org (Postfix) with ESMTP id 0D41D43E76; Wed, 3 Jan 2024 15:11:01 +1000 (AEST) Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) by minnie.tuhs.org (Postfix) with ESMTPS id A1BB343E6C for ; Wed, 3 Jan 2024 15:10:53 +1000 (AEST) Received: by mail-ed1-x531.google.com with SMTP id 4fb4d7f45d1cf-55642663ac4so2188038a12.1 for ; Tue, 02 Jan 2024 21:10:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20230601.gappssmtp.com; s=20230601; t=1704258652; x=1704863452; darn=tuhs.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=DzkyxynbCygjD2DfVJh7w/lFlfHmIVHiZ3P3FEXMefw=; b=SchSA9C7TOOIGE6CmceW1wo9W/2fdi3ZbMLFVF60hlYG5DpowhwsRmUkOOY0kqe3pE 0eHzxF+ot9LMSs3enHDUEvYPIZvTZ5TEEmnI1MBXSWoaH+tXKJaFRov7fnsxpW4p6q7N n0O2gSA+SZSB43PLeHGEt2sZj5WHwaEsBT2P4g3MKnorTJZPVirb7p9G4wfVUhMtJ0kI 9xjzK7XJyXmr6tmX14hMyq2ay7o555P3GiyjeX4I4E9xKeKoUjqvKEeiWlcp5VAmYZlY r+5+SEPqVQil4CwLVxC33RiIVD0qWfFbVfZnrtr1WLvWfZ06BqePIGjWzaTucbM+9Nw4 9dhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704258652; x=1704863452; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DzkyxynbCygjD2DfVJh7w/lFlfHmIVHiZ3P3FEXMefw=; b=FfR1fcDuhqISSMOHSpECB6AfqwbPcWyDfp+XK9NzxC4nJQ5eN3Yt0AlNhDaqjS0Pkg BL4fpwzYpRLKAZENCM6UvFVOfSJtvjymmCPpWWwFMoc8+1z1Bqhjb04isgYuH9JTthse 9SCNoRATzBwfIZ5OvLAGuNQ9akVOb0yXM9/I3xgTFbf41vPTTd+pbSQhSviB5lHmpVev vKrm/U7K66MvQe9IgF9MRve4eV5KIcAzZdxW4uqjDLUBorhuogWh5RP5ffVkl3WyeODu t78DcHXJZjmz6vbsKR3it9smsA6lVoLNNowDAX58wttJwCB9LeYovHQkyfJrAVztRHcZ rC2A== X-Gm-Message-State: AOJu0YwlMF7+cW5TYQvhtInxaYdRAPFeRXZjdfy74SH5lzIWKRvacado 72p6fEBaRVbQxGgZ1qz8T5lVHq2qN/AfEcZyNHr9R1i0MA5JOXTNozjTKRklfJzd/w== X-Google-Smtp-Source: AGHT+IEwuuOTqabHkNJMCwJUooMxkdnvkAdVssDksnR9YLYz0twlvCpav+1jKkb8lil41uXbW70r36N9PMgMkjTZmgI= X-Received: by 2002:a17:906:dfe6:b0:a0e:1f04:e659 with SMTP id lc6-20020a170906dfe600b00a0e1f04e659mr8158147ejc.9.1704258651840; Tue, 02 Jan 2024 21:10:51 -0800 (PST) MIME-Version: 1.0 References: <6470c59f-a1e5-418f-803d-76bcd761f530@tnetconsulting.net> <20231231224649.h45pogxycgkgs673@illithid> <20231231230615.GE19322@mcvoy.com> <20240103033345.GA108362@mit.edu> <20240103043036.GB108362@mit.edu> In-Reply-To: <20240103043036.GB108362@mit.edu> From: Warner Losh Date: Tue, 2 Jan 2024 22:10:40 -0700 Message-ID: To: "Theodore Ts'o" Content-Type: multipart/alternative; boundary="0000000000008c70bc060e03a308" Message-ID-Hash: LXPB734VDA4GDSY773Q4DMQNCYSCH3ZI X-Message-ID-Hash: LXPB734VDA4GDSY773Q4DMQNCYSCH3ZI X-MailFrom: wlosh@bsdimp.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: The Unix Heritage Society X-Mailman-Version: 3.3.6b1 Precedence: list Subject: [TUHS] Re: Question about BSD disklabel history List-Id: The Unix Heritage Society mailing list Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --0000000000008c70bc060e03a308 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Jan 2, 2024 at 9:30=E2=80=AFPM Theodore Ts'o wrote: > On Tue, Jan 02, 2024 at 08:57:34PM -0700, Warner Losh wrote: > > > > Indeed. I got to deal with all of that, and more. I have finished writi= ng > > LinuxBoot support for FreeBSD. The normal kexec-tools, u-root, etc aren= 't > > sufficient for FreeBSD because FreeBSD's kernel expects the boot loader > > to setup a number of meta-data items that go with the kernel that inclu= de > > all the information about the system that the kernel simply can't get > once > > you've entered long mode... > > > > Even with LinuxBoot, you are booting with UEFI, albeit with a much smal= l > > much smaller UEFI. > > Yeah, one of the older names of LinuxBoot was NERF (Non-Extensible > Reduced Firmware). I love the secondary meaning for nerf from gaming too: "to reconfigure (an existing character or weapon), making it less powerful.= " > I was confusing LinuxBoot with coreboot, which is > used on all ChromeOS devices after 2012, and which completely doesn't > use any magic binary blobs supplied by the mainbord vendor. The > tradeoff is that coreboot only supports a very restricted set of > hardware, since it has to do all of the things that are "normally" > done by the vendor's binary blobs to initialize the hardware devices, > etc. This only works if you have very tight control over hardware, > and you have enough influence that you can lean on the mainboard > vendors to allow the low-level programming details of their devices to > be released in open source code which that can be independently > verified and digitally signed by the OS vendor (such as Google in the > case of ChromeOS). > I think that some of the open laptops might have a binary blob or two buried deep in their coreboot implementation. But it is far more open system than EDK2 is... Most of the open parts of EDK2 are what are nerfed by LinuxBoot. The private hidden ones are all that remain, alas. So if you are large enough, you can get all the sources. If not, then you have to put up with the binary blob, or not run on some computers. :(. There's also a rewrite of coreboot in Rust called 'oreboot' which is coreboot without the 'C', since they want it to be even safer. Many hyper-scale cloud companies will tend to use coreboot or related > software instead of UEFI. A public/published example of this is > Facebook's Open Compute Project. > Yes. It was a concerted effort of all these stakeholders that got the Linux kernel so it could tolerate such an early handoff. > It *is* nice not to have to deal with UEFI at all, if you're lucky > enough to be able to use hardware where it's not necessary.... Of > course you won't be able to run Windows on those systems, but some > would consider that a feature. :-) > Yea... There's several experimental attempts at booting windows on at least the UEFI-remnant machines. And it's (a) too F'ing weird and (b) to far afield to get into here... https://www.osfc.io/2019/talks/booting-windows-on-linuxboot/ has all the horrors of one such attempt. I think this is the 'create an exec handler in Linux that can run .efi programs and emulate UEFI' version... Warner --0000000000008c70bc060e03a308 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


=
On Tue, Jan 2, 2024 at 9:30=E2=80=AFP= M Theodore Ts'o <tytso@mit.edu&= gt; wrote:
On Tu= e, Jan 02, 2024 at 08:57:34PM -0700, Warner Losh wrote:
>
> Indeed. I got to deal with all of that, and more. I have finished writ= ing
> LinuxBoot support for FreeBSD. The normal kexec-tools, u-root, etc are= n't
> sufficient for FreeBSD because FreeBSD's kernel expects the boot l= oader
> to setup a number of meta-data items that go with the kernel that incl= ude
> all the information about the system that the kernel simply can't = get once
> you've entered long mode...
>
> Even with LinuxBoot, you are booting with UEFI, albeit with a much sma= ll
> much smaller UEFI.

Yeah, one of the older names of LinuxBoot was NERF (Non-Extensible
Reduced Firmware).

I love the secondary mea= ning=C2=A0for nerf from gaming too:
"to reconfigure (an exis= ting character or weapon), making it less powerful."
=C2= =A0
I was confusing= LinuxBoot with coreboot, which is
used on all ChromeOS devices after 2012, and which completely doesn't use any magic binary blobs supplied by the mainbord vendor.=C2=A0 The
tradeoff is that coreboot only supports a very restricted set of
hardware, since it has to do all of the things that are "normally"= ;
done by the vendor's binary blobs to initialize the hardware devices, etc.=C2=A0 This only works if you have very tight control over hardware, and you have enough influence that you can lean on the mainboard
vendors to allow the low-level programming details of their devices to
be released in open source code which that can be independently
verified and digitally signed by the OS vendor (such as Google in the
case of ChromeOS).

I think that some of= the open laptops might have a binary blob or two
buried=C2=A0dee= p in their coreboot implementation. But it is far more open
syste= m than EDK2 is... Most of the open parts of EDK2 are what are nerfed
<= div>by LinuxBoot. The private hidden ones are all that remain, alas.
<= div>
So if you are large enough, you can get all the sources.= If not, then you
have to put up with the binary blob, or not run= on some computers. :(.=C2=A0

There's also a r= ewrite of coreboot in Rust called 'oreboot' which is coreboot
without the 'C', since they want it to be even safer.

Many hype= r-scale cloud companies will tend to use coreboot or related
software instead of UEFI.=C2=A0 A public/published example of this is
Facebook's Open Compute Project.

Ye= s. It was a concerted effort of all these stakeholders that got the
Linux kernel so it could tolerate such an early handoff.
=C2= =A0
It *is* nice not to have to deal with UEFI at all, if you're lucky
enough to be able to use hardware where it's not necessary....=C2=A0 Of=
course you won't be able to run Windows on those systems, but some
would consider that a feature.=C2=A0 :-)

Yea... There's several experimental attempts at booting windows on
at least the UEFI-remnant machines. And it's (a) too F'ing = weird and
(b) to far afield to get into here...=C2=A0
<= br>


=
Warner=C2=A0
--0000000000008c70bc060e03a308--