FreeBSD UEFI status update

FreeBSD’s quarterly status update is out.

There’s two entries on UEFI, excerpted below:

EFI Refactoring and GELI Support: The EFI bootloader has undergone considerable refactoring to make more use of the EFI API. The filesystem code in boot1 has been eliminated, and a single codebase for filesystems now serves both boot1 and loader. This codebase is organized around the EFI driver model and it should be possible to export any filesystem implementation as a standalone EFI driver without too much effort. Both boot1 and loader have been refactored to utilize the EFI_SIMPLE_FILE_SYSTEM interface. In the loader, this is accomplished with a dummy filesystem driver that is just a translation layer between the loader filesystem interface and EFI_SIMPLE_FILE_SYSTEM. A reverse translation layer allows the existing filesystem drivers to function as EFI drivers. The EFI refactoring by itself exists in a branch on github. Additionally, GELI support has been added using the EFI refactoring. This allows booting from a GELI-encrypted filesystem. Note that the EFI system partition, which contains boot1, must be a plaintext msdosfs partition. This patch adds an intake buffer to the crypto framework, which allows injection of keys directly into a loaded kernel, without the need to pass them through arguments or environment variables. This patch only uses the intake buffer for EFI GELI support, as legacy BIOS GELI support still uses environment variables. EFI GELI support depends on the efize branch. These patches have been tested and used and should be able to handle use by early adopters. Note that the LOADER_PATH variable has been changed to /boot/loader.tst, to facilitate safe testing.

loader.efi has been updated to use an event timer to implement its internal time function. This is needed, as many UEFI implementations do not handle the GetTime runtime service method. This means that loader.efi will now correctly count down before automatically booting.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s