Warner Losh
2017-08-11 04:03:57 UTC
Greetings,
I've been circulating a document (the latest version you can find here
https://docs.google.com/document/d/1aK9IqF-60JPEbUeSAUAkYjF2W_8EnmczFs6RqCT90Jg/edit?usp=sharing
)
I'm opening it up for general comments now. I intend to turn this into a
full spec, including the bits in the UEFI standard that I reference by
pointer, and move to implementation soon once any issues are resolved.
Warner
FreeBSD UEFI boot protocol
This document outlines the enhancements to the UEFI Boot Manager Protocol,
as outlined in Version 2.6 of the UEFI spec, chapter 3. It assumes that you
are familiar with that chapter and though a comprehensive doc with our
additions folded into it would be good, it hasn’t been produced.
Current Algorithm
Boot1.efi currently searches for /boot/loader.efi using a fairly
complicated algorithm.
First, we look for any ZFS pool that has a /boot/loader.efi on it,
consistent with its boot environment settings. If we find that, we use it.
Second, we search all of the partitions on the device that we booted
boot1.efi off of for a UFS partition that has a /boot/loader.efi we can
load. If we find that, we use it.
Third, we search all other devices for a partition that is UFS formatted
and has a /boot/loader.efi we can load.
There’s some problems with this algorithm. It’s not possible to specify a
partition to boot from. We boot from the first /boot/loader.efi that’s
found, even if multiple partitions on a drive have one. Second, it’s very
non-deterministic. The second step was added to add some determinism to the
process so if you plugged in a FreeBSD 11.0R release USB stick and
rebooted, you would reboot to the installed system and not the USB
installer. It doesn’t use the ad-hoc method for identifying which FreeBSD
partition to boot off of that we use for BIOS boots since in the UEFI
runtime environment it’s tricky to get the attribute flags of a partition.
Finally, it doesn’t use the standard UEFI boot manager protocol.
Proposed Algorithm
First, the FreeBSD UEFI Boot Loader UUID shall be
cfee69ad-a0de-47a9-93a8-f63106f8ae99 (below as FreeBSD:). The UEFI defined
global variable UUID (EFI_GLOBAL_VARIABLE) is
8BE4DF61-93CA-11d2-AA-0D-00-E0-98-03-2B-8C (below as UEFI:)
Boot1.efi will find what to use with the following algorithm:
1.
If the UEFI boot manager passes an optional parameter to boot1.efi, then
parse it as if it were a EFI Device Path to find the next stage boot loader
to use. If we can use that boot loader, we’re done. Otherwise, ignore it.
2.
Get the value of UEFI:BootCurrent. This will be a 4 digit hex number
XXXX. If FreeBSD:BootLoaderXXXX exists, and specifies a file we can load,
use it. This is in the form of a EFI device path (binary). If it is a File
path that’s ZFS:yyyy, then boot from the Boot environment for ZFS pool
yyyy. If :yyyy is omitted, use the first ZFS pool you find.
3.
If a ZFS pool exists with a bootable environment, boot it.
4.
If a partition with a known filesystem exists on the same device as
boot1.efi was loaded from, and it contains /boot/loader.efi, use it.
5.
Set FreeBSD:BootFailedXXXX to the reason for the failure and return
Failure to UEFI (so UEFI goes to the next item in the list)
If FreeBSD:BootArgumentsXXXX exists, parse it like ASCII text and pass it
to the boot loader found in steps 1-4 above. Otherwise pass nothing.
If the FreeBSD:Update variable is set, the rc system will update the boot
order so that UEFI:BootCurrent is at the start of UEFI:BootOrder. This is
currently done in /etc/rc.d/gptupdate. I propose a /etc/rc.d/efiupdate to
do this, and to report all the BootFailedXXXX variables ala gptupdate.
Discussion of points raised on IRC:
FreeBSD currently implements a ‘boot once’ option that’s similar to
‘BootNext’ but happens only once. In UEFI, BootNext almost implements this.
The BIOS loads that option, then deletes the BootNext env variable. Unless
the OS does something the make it permanent, this is the same as FreeBSD’s
boot once (because the order then reverts to BootOrder). I think that
BootFailed needs to be implemented with the extra protocol outlined in step
5.
Open Issues:
Allan Jude has raised some issues about ZFS. ZFS has it’s own way to deal
with all this and he’s curious how this fits into that. EFI doesn’t know
about ZFS, so at most we can only define what happens when boot1.efi takes
over. In that case, I proposed to him that we do what we do now, and
selection of what ZFS thing can be done either as I proposed, or via the
zfsbootcfg process if nothing further than ZFS is specified (or
automatically selected).
How does loader.efi fit for people that load it directly?
Do we want to enable / disable the automatic looking for boot locations
separately from what to boot being explicitly specified or not? I’m leaning
against.
Can nextboot -k foo be implemented with this? My first notion is that it
would FreeBSD:KernelXXXX to specify the kernel and FreeBSD:NextKernelXXXX
which would load that kernel and then unset FreeBSD:NextKernelXXXX. Ditto
for FreeBSD:KernelFlagsXXXX and FreeBSD:NextKernelFlagsXXXX. nextboot(8)
would set all these. Maybe FreeBSD:LoaderXXXX and FreeBSD:NextLoaderXXXX
too...
I've been circulating a document (the latest version you can find here
https://docs.google.com/document/d/1aK9IqF-60JPEbUeSAUAkYjF2W_8EnmczFs6RqCT90Jg/edit?usp=sharing
)
I'm opening it up for general comments now. I intend to turn this into a
full spec, including the bits in the UEFI standard that I reference by
pointer, and move to implementation soon once any issues are resolved.
Warner
FreeBSD UEFI boot protocol
This document outlines the enhancements to the UEFI Boot Manager Protocol,
as outlined in Version 2.6 of the UEFI spec, chapter 3. It assumes that you
are familiar with that chapter and though a comprehensive doc with our
additions folded into it would be good, it hasn’t been produced.
Current Algorithm
Boot1.efi currently searches for /boot/loader.efi using a fairly
complicated algorithm.
First, we look for any ZFS pool that has a /boot/loader.efi on it,
consistent with its boot environment settings. If we find that, we use it.
Second, we search all of the partitions on the device that we booted
boot1.efi off of for a UFS partition that has a /boot/loader.efi we can
load. If we find that, we use it.
Third, we search all other devices for a partition that is UFS formatted
and has a /boot/loader.efi we can load.
There’s some problems with this algorithm. It’s not possible to specify a
partition to boot from. We boot from the first /boot/loader.efi that’s
found, even if multiple partitions on a drive have one. Second, it’s very
non-deterministic. The second step was added to add some determinism to the
process so if you plugged in a FreeBSD 11.0R release USB stick and
rebooted, you would reboot to the installed system and not the USB
installer. It doesn’t use the ad-hoc method for identifying which FreeBSD
partition to boot off of that we use for BIOS boots since in the UEFI
runtime environment it’s tricky to get the attribute flags of a partition.
Finally, it doesn’t use the standard UEFI boot manager protocol.
Proposed Algorithm
First, the FreeBSD UEFI Boot Loader UUID shall be
cfee69ad-a0de-47a9-93a8-f63106f8ae99 (below as FreeBSD:). The UEFI defined
global variable UUID (EFI_GLOBAL_VARIABLE) is
8BE4DF61-93CA-11d2-AA-0D-00-E0-98-03-2B-8C (below as UEFI:)
Boot1.efi will find what to use with the following algorithm:
1.
If the UEFI boot manager passes an optional parameter to boot1.efi, then
parse it as if it were a EFI Device Path to find the next stage boot loader
to use. If we can use that boot loader, we’re done. Otherwise, ignore it.
2.
Get the value of UEFI:BootCurrent. This will be a 4 digit hex number
XXXX. If FreeBSD:BootLoaderXXXX exists, and specifies a file we can load,
use it. This is in the form of a EFI device path (binary). If it is a File
path that’s ZFS:yyyy, then boot from the Boot environment for ZFS pool
yyyy. If :yyyy is omitted, use the first ZFS pool you find.
3.
If a ZFS pool exists with a bootable environment, boot it.
4.
If a partition with a known filesystem exists on the same device as
boot1.efi was loaded from, and it contains /boot/loader.efi, use it.
5.
Set FreeBSD:BootFailedXXXX to the reason for the failure and return
Failure to UEFI (so UEFI goes to the next item in the list)
If FreeBSD:BootArgumentsXXXX exists, parse it like ASCII text and pass it
to the boot loader found in steps 1-4 above. Otherwise pass nothing.
If the FreeBSD:Update variable is set, the rc system will update the boot
order so that UEFI:BootCurrent is at the start of UEFI:BootOrder. This is
currently done in /etc/rc.d/gptupdate. I propose a /etc/rc.d/efiupdate to
do this, and to report all the BootFailedXXXX variables ala gptupdate.
Discussion of points raised on IRC:
FreeBSD currently implements a ‘boot once’ option that’s similar to
‘BootNext’ but happens only once. In UEFI, BootNext almost implements this.
The BIOS loads that option, then deletes the BootNext env variable. Unless
the OS does something the make it permanent, this is the same as FreeBSD’s
boot once (because the order then reverts to BootOrder). I think that
BootFailed needs to be implemented with the extra protocol outlined in step
5.
Open Issues:
Allan Jude has raised some issues about ZFS. ZFS has it’s own way to deal
with all this and he’s curious how this fits into that. EFI doesn’t know
about ZFS, so at most we can only define what happens when boot1.efi takes
over. In that case, I proposed to him that we do what we do now, and
selection of what ZFS thing can be done either as I proposed, or via the
zfsbootcfg process if nothing further than ZFS is specified (or
automatically selected).
How does loader.efi fit for people that load it directly?
Do we want to enable / disable the automatic looking for boot locations
separately from what to boot being explicitly specified or not? I’m leaning
against.
Can nextboot -k foo be implemented with this? My first notion is that it
would FreeBSD:KernelXXXX to specify the kernel and FreeBSD:NextKernelXXXX
which would load that kernel and then unset FreeBSD:NextKernelXXXX. Ditto
for FreeBSD:KernelFlagsXXXX and FreeBSD:NextKernelFlagsXXXX. nextboot(8)
would set all these. Maybe FreeBSD:LoaderXXXX and FreeBSD:NextLoaderXXXX
too...