FS#34191 - [gummiboot] Avoiding unconditional execution of setup on install/upgrade
Attached to Project:
Arch Linux
Opened by Gerardo Exequiel Pozzi (djgera) - Thursday, 07 March 2013, 02:00 GMT
Last edited by Tobias Powalowski (tpowa) - Friday, 04 September 2015, 17:45 GMT
Opened by Gerardo Exequiel Pozzi (djgera) - Thursday, 07 March 2013, 02:00 GMT
Last edited by Tobias Powalowski (tpowa) - Friday, 04 September 2015, 17:45 GMT
|
Details
Description:
I think the step of installing gummiboot during package installation should not be done, leaving to the user such job manually, like with syslinux/grub. Maybe can be done, but should be conditionally, testing for presence of some file, like is done with syslinux, in our custom script. I guess that this can causes issues (since it sets efivars) when installing gummiboot on chroot, for other usages like preparing live-isos. Additional info: gummiboot-24-1 |
This task depends upon
The only possible negative side effect (that i'm aware of at least) of calling "gummiboot install" is that gummiboot will change the boot-order and insert itself with the highest priority (when using "update" instead it will use the lowest priority). If anyone can think of a use-case where this poses a problem so that it is not the correct default for package install, we should discuss how to work around it (but the change should be made upstream to the gummiboot installer, possibly as a new "package-install" verb).
The reason I hesitate to follow syslinux is that it would be nice if we were able to avoid having to require any user action to set up the boot loader: just mount the ESP at /mnt/boot before calling pacstrap, and everything will "just work". This still requires some work to get the kernels installed correctly, but that should happen soon.
https://bbs.archlinux.org/viewtopic.php?pid=1240322#p1240322
I imagine another scenario where EFI firmware implementation gets crazy because of touching efivars. For example, I heard about efibootmgr bricks some Macs, who knows, firmware level is an esoteric world :P
Log story short: I would classify gummiboot as pretty dangerous to use atm. Maybe call it with "--no-variables". Right now a lot of EFI implementations seem to be very buggy.
@Gerardo: Ok, after thinking about it I agree that we should not make gummiboot the default boot loader on install. I do think, however, that it would make sense to set up the EFI and set gummiboot as the lowest priority. I'll take that upstream.
To make an analogy with systemd a systemd service: After installing a daemon, it can be started manually, or pulled in as a dependency but manual action is needed to start it by default. Similarly, after installing gummiboot, it should be possible to start gummiboot from the boot menu manually, and if no other boot loader is installed gummiboot should be used. However, to be used by default the admin should take manual action.
For now (in testing), I simply disabled the "gummiboot install" action. We can revisit adding "gummiboot install-fallback" or something along those lines after it gets added upstream (assuming it does).
@Pierre: there are lots of issues with the kernels implementation of EFI variables in 3.8. If you are using 3.8.2, that explains the "No such file or directory", the mounting of efivarfs simply fails on that kernel. As to the hang, that is likely due to using gummiboot (/sys/firmware/efi/efivars) and efibootmgr (/sys/firmware/efi/vars) without rebooting inbetween. Yeah, this is retarded, but the kernel has these two ways of accessing the efi variables and does not keep them in sync (if I understand it correctly).
Not really much we can do about that though... Except maybe disabling /sys/firmware/efi/vars, but that would break efibootmgr unless that is updated to the new interface.
I did not know about the conflicting API in the kernel and that efibootmgr and gummiboot use different ones, but that makes things worse.
Here is the only thing that got logged: http://paste.xinu.at/RzveFF/ It printed way more on the console, but that was never written into the journal.
I guess the general Take-Home-Message here is to be careful if you deal with UEFI, not just gummiboot. So there is probably not much we can do at the packaging level.
`mkdir -p /boot/EFI/gummiboot`
cause it pollutes my /boot and i want only one copy of uefi bootloader at /boot/efi/boot/bootx64.efi (eg. i do it manually)
`/usr/bin/gummiboot update`
cause it pollutes efi variables (where possible) and in case of qemu+ovmf not even needed nor working (the variables are not stored or read, dunno). and according to man page, `gummiboot update` would overwrite /boot/efi/boot/bootx64.efi without questions and maybe i installed gummiboot just to read its man page.
Maybe that could give you a hint ?
Thanks