Re: 24.3. Updating Bootcode

From: Warner Losh <imp_at_bsdimp.com>
Date: Tue, 16 Aug 2022 17:18:52 UTC
On Tue, Aug 16, 2022 at 6:01 AM Nuno Teixeira <eduardo@freebsd.org> wrote:

> Hi Toomas,
>
> For better OS support, the UEFI specification (UEFI 2.8A Feb 14, page 499)
>> is suggesting to use structure like:
>>
>> <ESP>/efi/<OS>/…
>>
>> And to use this suggestion, it means the UEFI Boot Manager needs to be
>> configured (see efibootmgr(8)).
>>
>> Therefore, once you have set up OS specific setup, there is no use for
>> default (<ESP>/efi/boot/…) and you need to update one or another, but not
>> both.
>>
>
> FreeBSD have <ESP>/efi/freebsd/... but it's not configured in efibootmgr:
>

The current default installer will do this, but older upgraded systems
don't do this by default. Likely you are looking at an older
system and/or one of the 'bad actors' that reset this stuff between boots.


> efibootmgr -v:
> ---
> BootOrder  : 0004, 0000, 2002, 2003, 2001
> Boot0004* Windows Boot Manager
> HD(1,GPT,8c497825-1db2-41f8-8924-85dfd0bb7283,0x800,0x82000)/File(\EFI\Microsoft\Boot\bootmgfw.efi)
>                                    da0p1:/EFI/Microsoft/Boot/bootmgfw.efi
> (null)
> +Boot0000* EFI Hard Drive (SAMSUNG MZVLB1T0HBLR-000L2)
> PciRoot(0x0)/Pci(0x1d,0x0)/Pci(0x0,0x0)/NVMe(0x1,39-f9-b8-01-81-38-25-00)/HD(1,GPT,73acd1b2-de41-11eb-8156-002b67dfc673,0x28,0x82000)
>  Boot2002* EFI DVD/CDROM
>  Boot2003* EFI Network
>  Boot2001* EFI USB Device
> ---
> so boot is definitely using <ESP>/efi/boot/bootx64.efi @Boot0000
>

In your case, that's true. The "EFI Hard Drive" is a default entry the UEFI
BIOS created for you.


> I think I can create a new boot:
> ---
> efibootmgr -a -c -l /boot/efi/efi/freebsd/loader.efi -L FreeBSD-14
> (and make it active)
> efibootmgr -a -b NNNN
> ---
> and create other for loader.efi.old in case of problems.
>

Yes.


> In this case I will need only update <ESP>/efi/freebsd/loader.efi.
>
> Q: for what has been said in mailing, boot is compiled in /usr/src/stand,
> isn't a good idea that when it install new boot it backup old boot like
> /boot/kernel -> /boot/kernel.old?
>

Yes. In fact that's what's done, but only for the BIOS version. We should
do the same for efi but don't seem to do so currently. But that's likely
tied up behind issues of installing things automatically into the ESP on
'installworld'.

Warner