Re: The future of legacy BIOS support in Fedora.

2020-07-13 Thread John M. Harris Jr
On Monday, July 13, 2020 7:52:51 AM MST Przemek Klosowski via devel wrote: > On 7/10/20 5:22 PM, John M. Harris Jr wrote: > >> Android, actually, is trying to get it right by a) being a platform so > >> that common security updates are available from the platform owner, and > >> can be applied to

Re: The future of legacy BIOS support in Fedora.

2020-07-13 Thread Przemek Klosowski via devel
On 7/10/20 5:22 PM, John M. Harris Jr wrote: Android, actually, is trying to get it right by a) being a platform so that common security updates are available from the platform owner, and can be applied to everyone's system and b) having a secure remote update method. The problem with

Re: The future of legacy BIOS support in Fedora.

2020-07-11 Thread Solomon Peachy
On Sun, Jul 12, 2020 at 03:35:05AM +1000, Philip Rhoades wrote: > > Marginal costs are still costs. They add up _very_ quickly. > > > > If they can save $0.01 by eliminating a physical button, over a > > million-unit production run that's a cool $1 million of potantial > > profit. > Really?

Re: The future of legacy BIOS support in Fedora.

2020-07-11 Thread Philip Rhoades
Solomon, On 2020-07-11 21:41, Solomon Peachy wrote: On Sat, Jul 11, 2020 at 10:03:47AM +0200, Nicolas Mailhot via devel wrote: The marginal cost of a button is completely marginal, on devices that already include other buttons, on a assembly line that already builds a ton of such things.

Re: The future of legacy BIOS support in Fedora.

2020-07-11 Thread Solomon Peachy
On Sat, Jul 11, 2020 at 10:03:47AM +0200, Nicolas Mailhot via devel wrote: > The marginal cost of a button is completely marginal, on devices that > already include other buttons, on a assembly line that already builds a > ton of such things. Marginal costs are still costs. They add up _very_

Re: The future of legacy BIOS support in Fedora.

2020-07-11 Thread Nico Kadel-Garcia
On Tue, Jul 7, 2020 at 6:17 AM Gerd Hoffmann wrote: > > On Mon, Jul 06, 2020 at 01:26:31PM -0700, John M. Harris Jr wrote: > > I guess that shows how unfamiliar I am with UEFI boot Fedora. You would > > encrypt /boot to ensure that your boot images have not been tampered with, > > Well, if that

Re: The future of legacy BIOS support in Fedora.

2020-07-11 Thread Nicolas Mailhot via devel
Le vendredi 10 juillet 2020 à 08:55 -0400, Przemek Klosowski a écrit : > > The marginal cost of a digital key has got to be smaller than the > marginal cost of the button The marginal cost of a button is completely marginal, on devices that already include other buttons, on a assembly line that

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread John M. Harris Jr
On Friday, July 10, 2020 5:05:51 AM MST Nicolas Mailhot via devel wrote: > Le vendredi 10 juillet 2020 à 07:51 -0400, Solomon Peachy a écrit : > > > On Fri, Jul 10, 2020 at 01:37:14PM +0200, Nicolas Mailhot via devel > > wrote: > > > > > If you remove end users from the loop there is zero zip

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread John M. Harris Jr
On Friday, July 10, 2020 4:12:42 AM MST Przemek Klosowski via devel wrote: > On 7/10/20 5:06 AM, Nicolas Mailhot wrote: > > > The problem IOT side is not the security of the > > software update chain. The problem is that manufacturers skimp on > > software updates in the first place > > > Yes,

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Przemek Klosowski via devel
On 7/10/20 8:25 AM, Nicolas Mailhot wrote: Le vendredi 10 juillet 2020 à 08:00 -0400, Przemek Klosowski a écrit : Not quite---as I said in next sentence that you didn't include in your quote, secure boot also tries to prevent unauthorized modifications, That does not work either, because if

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Nicolas Mailhot via devel
Le vendredi 10 juillet 2020 à 08:00 -0400, Przemek Klosowski a écrit : > > > Not quite---as I said in next sentence that you didn't include in > your quote, secure boot also tries to prevent unauthorized > modifications, That does not work either, because if your system is remotely exploitable,

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Nicolas Mailhot via devel
Le vendredi 10 juillet 2020 à 07:51 -0400, Solomon Peachy a écrit : > On Fri, Jul 10, 2020 at 01:37:14PM +0200, Nicolas Mailhot via devel > wrote: > > If you remove end users from the loop there is zero zip nada need > > for > > secure boot in the first place. The sole function of secure boot > >

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Przemek Klosowski via devel
On 7/10/20 7:37 AM, Nicolas Mailhot wrote: Le vendredi 10 juillet 2020 à 07:12 -0400, Przemek Klosowski via devel a écrit : My point is that however the updates are being produced, they need a secure remote update method. It's not realistic to expect end users to be in the loop If you remove

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Solomon Peachy
On Fri, Jul 10, 2020 at 01:37:14PM +0200, Nicolas Mailhot via devel wrote: > If you remove end users from the loop there is zero zip nada need for > secure boot in the first place. The sole function of secure boot and > DRPM is to prevent end users, present in the update loop, from doing > things

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Solomon Peachy
On Fri, Jul 10, 2020 at 07:18:06AM -0400, Neal Gompa wrote: > I don't know this for sure, but from what I've heard, that last point > (user management of keys) is no longer a requirement, as is being able > to disable Secure Boot. Some of my friends have reported getting > laptops from some big

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Dominik 'Rathann' Mierzejewski
Hello, Faye. On Saturday, 04 July 2020 at 00:42, Faye C. wrote: [...] > Because of the way Windows 10 is, UEFI is the only thing that is > accepted (no Legacy Boot). If I try any other OS on UEFI my laptop > can't find the disc image. It somehow seems to be designed only for > Windows 10. Legacy

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Nicolas Mailhot via devel
Le vendredi 10 juillet 2020 à 07:12 -0400, Przemek Klosowski via devel a écrit : > > My point is that however the updates are being produced, they need a > secure remote update method. It's not realistic to expect end users > to be in the loop If you remove end users from the loop there is zero

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Neal Gompa
On Thu, Jul 9, 2020 at 5:20 PM Chris Adams wrote: > > Once upon a time, nick...@gmail.com said: > > To be honest, I don't know. Do all UEFI secure boot implementations > > allow you to add your own keys to the list of trusted keys? > > I believe that the Microsoft OEM Windows x86_64 distribution

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Przemek Klosowski via devel
On 7/10/20 5:06 AM, Nicolas Mailhot wrote: The problem IOT side is not the security of the software update chain. The problem is that manufacturers skimp on software updates in the first place Yes, that's the situation right now: everyone has a custom firmware tied to a short product

Re: The future of legacy BIOS support in Fedora.

2020-07-10 Thread Nicolas Mailhot via devel
Le jeudi 09 juillet 2020 à 23:58 -0400, Przemek Klosowski via devel a écrit : > > While it's true that a completely secure software chain doesn't > really exist yet, we are slowly going in that direction, because it > is just inconceivable otherwise in the world with billions of > autonomous IOT

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread Przemek Klosowski via devel
On 7/9/20 10:46 AM, John M. Harris Jr wrote: "Secure Boot" doesn't make root non-uid 0, and can't keep root from controlling system devices, even uploading unsigned firmware to peripherals. While it's true that a completely secure software chain doesn't really exist yet, we are slowly going

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread Chris Adams
Once upon a time, nick...@gmail.com said: > To be honest, I don't know. Do all UEFI secure boot implementations > allow you to add your own keys to the list of trusted keys? I believe that the Microsoft OEM Windows x86_64 distribution requirements require UEFI, with Scure Boot enabled, and with

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread stan via devel
On Thu, 09 Jul 2020 23:10:46 +0300 nick...@gmail.com wrote: > On Thu, 2020-07-09 at 11:17 -0700, stan via devel wrote: > > That is, isn't this only an issue if the person doing the kernel > > development hasn't generated their own key, and isn't signing their > > kernels locally? > > To be

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread Simo Sorce
On Thu, 2020-07-09 at 23:10 +0300, nick...@gmail.com wrote: > On Thu, 2020-07-09 at 11:17 -0700, stan via devel wrote: > > On Thu, 09 Jul 2020 18:07:39 +0300 > > nick...@gmail.com wrote: > > > > > Yes, that's why "secure boot" should only be an option and the user > > > must have the option to

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread nickysn
On Thu, 2020-07-09 at 11:17 -0700, stan via devel wrote: > On Thu, 09 Jul 2020 18:07:39 +0300 > nick...@gmail.com wrote: > > > Yes, that's why "secure boot" should only be an option and the user > > must have the option to turn it off. Otherwise, it wouldn't be > > possible to do any kernel

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread stan via devel
On Thu, 09 Jul 2020 18:07:39 +0300 nick...@gmail.com wrote: > Yes, that's why "secure boot" should only be an option and the user > must have the option to turn it off. Otherwise, it wouldn't be > possible to do any kernel development on that computer. For my edification. I build custom

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread nickysn
On Thu, 2020-07-09 at 07:46 -0700, John M. Harris Jr wrote: > On Thursday, July 9, 2020 3:38:54 AM MST Richard Hughes wrote: > > On Wed, 8 Jul 2020 at 22:19, John M. Harris Jr < > > joh...@splentity.com> > > wrote: > > > This is not something that's beneficial here, it's only > > > harming our

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread nickysn
On Thu, 2020-07-09 at 07:38 -0700, John M. Harris Jr wrote: > On Thursday, July 9, 2020 12:26:27 AM MST Daniel P. Berrangé wrote: > > On Wed, Jul 08, 2020 at 02:17:53PM -0700, John M. Harris Jr wrote: > > > > > On Wednesday, July 8, 2020 10:04:01 AM MST Richard Hughes wrote: > > > > > > > On

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread John M. Harris Jr
On Thursday, July 9, 2020 3:38:54 AM MST Richard Hughes wrote: > On Wed, 8 Jul 2020 at 22:19, John M. Harris Jr > wrote: > > This is not something that's beneficial here, it's only > > harming our users. > > > That seems exceedingly myopic to me. I'm guessing you've not been > following the

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread John M. Harris Jr
On Thursday, July 9, 2020 12:26:27 AM MST Daniel P. Berrangé wrote: > On Wed, Jul 08, 2020 at 02:17:53PM -0700, John M. Harris Jr wrote: > > > On Wednesday, July 8, 2020 10:04:01 AM MST Richard Hughes wrote: > > > > > On Wed, 8 Jul 2020 at 16:48, John M. Harris Jr > > > wrote: > > > > > > >

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread Richard Hughes
On Wed, 8 Jul 2020 at 22:19, John M. Harris Jr wrote: > This is not something that's beneficial here, it's only > harming our users. That seems exceedingly myopic to me. I'm guessing you've not been following the last few years of security research, where attacking the firmware is now the best

Re: The future of legacy BIOS support in Fedora.

2020-07-09 Thread Daniel P . Berrangé
On Wed, Jul 08, 2020 at 02:17:53PM -0700, John M. Harris Jr wrote: > On Wednesday, July 8, 2020 10:04:01 AM MST Richard Hughes wrote: > > On Wed, 8 Jul 2020 at 16:48, John M. Harris Jr > > wrote: > > > needlessly disables a lot of kernel functionality > > > > > > It disables functionality which

Re: The future of legacy BIOS support in Fedora.

2020-07-08 Thread John M. Harris Jr
On Wednesday, July 8, 2020 10:04:01 AM MST Richard Hughes wrote: > On Wed, 8 Jul 2020 at 16:48, John M. Harris Jr > wrote: > > needlessly disables a lot of kernel functionality > > > It disables functionality which can destroy platform security. It disables functionality that users need, such

Re: The future of legacy BIOS support in Fedora.

2020-07-08 Thread Brandon Nielsen
On 7/8/20 10:47 AM, John M. Harris Jr wrote: On Tuesday, July 7, 2020 3:17:16 AM MST Gerd Hoffmann wrote: On Mon, Jul 06, 2020 at 01:26:31PM -0700, John M. Harris Jr wrote: Well, if that is your concern the answer is secure boot. That will not only prevent tampering with /boot files, but

Re: The future of legacy BIOS support in Fedora.

2020-07-08 Thread Chris Adams
Once upon a time, Richard Hughes said: > tl;dr: if you care about platform security at all, enable secure boot. If you want to use interesting and useful kernel technologies (namely eBPF), disable secure boot. That's a real killer of secure boot IMHO. -- Chris Adams

Re: The future of legacy BIOS support in Fedora.

2020-07-08 Thread Richard Hughes
On Wed, 8 Jul 2020 at 16:48, John M. Harris Jr wrote: > needlessly disables a lot of kernel functionality It disables functionality which can destroy platform security. > You cannot load kernel modules you've built If you can build and insert your own kernel module you can do almost anything

Re: The future of legacy BIOS support in Fedora.

2020-07-08 Thread John M. Harris Jr
On Tuesday, July 7, 2020 3:17:16 AM MST Gerd Hoffmann wrote: > On Mon, Jul 06, 2020 at 01:26:31PM -0700, John M. Harris Jr wrote: > > > On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > > > > > Default fedora disk layout in UEFI mode is partitions for ESP, /boot > > > and > > > LVM.

Re: The future of legacy BIOS support in Fedora.

2020-07-07 Thread Lennart Poettering
On Mo, 06.07.20 21:58, Peter Robinson (pbrobin...@gmail.com) wrote: > > > > Less complexity in the boot chain, mainly. But the EFI drivers would > > need to be signed by MS, I think? That would massively complicate > > things. > > I believe that to be correct, of could Apply has control over that

Re: The future of legacy BIOS support in Fedora.

2020-07-07 Thread Chris Adams
Once upon a time, Lennart Poettering said: > EFI SecureBoot uses PE signed executables. Secure Boot also triggers the Linux kernel to disable functionality, so should be avoided as a requirement (except when necessary to boot some other OSes). -- Chris Adams

Re: The future of legacy BIOS support in Fedora.

2020-07-07 Thread Lennart Poettering
On Mo, 06.07.20 16:34, Neal Gompa (ngomp...@gmail.com) wrote: > Encryption != integrity/authentication. The only thing encryption > guarantees is that the data is not visible, not that it hasn't been > tampered with. Usually, dm-verity or dm-integrity is used for what > you're asking for. Android

Re: The future of legacy BIOS support in Fedora.

2020-07-07 Thread Peter Robinson
On Tue, Jul 7, 2020 at 11:17 AM Gerd Hoffmann wrote: > > On Mon, Jul 06, 2020 at 01:26:31PM -0700, John M. Harris Jr wrote: > > On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > > > Default fedora disk layout in UEFI mode is partitions for ESP, /boot and > > > LVM. If you ask for

Re: The future of legacy BIOS support in Fedora.

2020-07-07 Thread Gerd Hoffmann
On Mon, Jul 06, 2020 at 01:26:31PM -0700, John M. Harris Jr wrote: > On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > > Default fedora disk layout in UEFI mode is partitions for ESP, /boot and > > LVM. If you ask for full disk encryption LVM is encrypted, ESP + boot > > are not.

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread John M. Harris Jr
On Monday, July 6, 2020 3:03:05 PM MST Peter Robinson wrote: > > > It's less complex to maintain one solution for both types of boot, I'd > > > imagine. I'm not the one that'd be doing the work to support it, so far > > > be it from me to prevent somebody from doing so, but that's just what > > >

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Peter Robinson
> > It's less complex to maintain one solution for both types of boot, I'd > > imagine. I'm not the one that'd be doing the work to support it, so far be > > it > > from me to prevent somebody from doing so, but that's just what it sounds > > like. Right now, we have one solution that works well

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Neal Gompa
On Mon, Jul 6, 2020 at 5:05 PM John M. Harris Jr wrote: > > On Monday, July 6, 2020 1:34:05 PM MST Neal Gompa wrote: > > On Mon, Jul 6, 2020 at 4:26 PM John M. Harris Jr > > wrote: > > > > > > > > > On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > > > > > > > Default fedora disk

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread John M. Harris Jr
On Monday, July 6, 2020 1:34:05 PM MST Neal Gompa wrote: > On Mon, Jul 6, 2020 at 4:26 PM John M. Harris Jr > wrote: > > > > > > On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > > > > > Default fedora disk layout in UEFI mode is partitions for ESP, /boot > > > and > > > LVM. If you

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Peter Robinson
> > I guess that shows how unfamiliar I am with UEFI boot Fedora. You would > > encrypt /boot to ensure that your boot images have not been tampered with, > > or > > config files haven't been read by somebody other than the end user. > > > > Encryption != integrity/authentication. The only thing

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Neal Gompa
On Mon, Jul 6, 2020 at 4:26 PM John M. Harris Jr wrote: > > On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > > Default fedora disk layout in UEFI mode is partitions for ESP, /boot and > > LVM. If you ask for full disk encryption LVM is encrypted, ESP + boot > > are not. Which makes

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread John M. Harris Jr
On Monday, July 6, 2020 5:24:32 AM MST Gerd Hoffmann wrote: > Default fedora disk layout in UEFI mode is partitions for ESP, /boot and > LVM. If you ask for full disk encryption LVM is encrypted, ESP + boot > are not. Which makes sense to me. Why would you encrypt /boot? The > files you can

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Hans de Goede
Hi, On 7/6/20 9:36 PM, John M. Harris Jr wrote: On Monday, July 6, 2020 5:51:40 AM MST Gerd Hoffmann wrote: Image boots in both uefi (sd-boot) and bios (grub2) mode, and the config file for the latter is so short that I can include it here without hitting the mailing list size limit ;)

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread John M. Harris Jr
On Monday, July 6, 2020 2:10:18 AM MST Jóhann B. Guðmundsson wrote: > On 5.7.2020 19:31, Solomon Peachy wrote: > > > On Sun, Jul 05, 2020 at 07:18:47PM -, Tom Seewald wrote: > > > >> In terms of physical x86 systems, you are right that UEFI is the > >> overwhelming majority. But as stated

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Jóhann B . Guðmundsson
On 6.7.2020 12:07, Tomasz Torcz wrote: On Mon, Jul 06, 2020 at 01:31:30PM +0200, Gerd Hoffmann wrote: The BIOS provides block device access at sector level, so the boot loader has little choice but implementing drivers for all kinds of stuff. Or use fragile block lists like lilo did in the

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread John M. Harris Jr
On Monday, July 6, 2020 5:51:40 AM MST Gerd Hoffmann wrote: > Image boots in both uefi (sd-boot) and bios (grub2) mode, and the config > file for the latter is so short that I can include it here without > hitting the mailing list size limit ;) > > -- cut here

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Jóhann B . Guðmundsson
On 6.7.2020 18:39, Javier Martinez Canillas wrote: On Mon, Jul 6, 2020 at 10:39 AM Jóhann B. Guðmundsson wrote: On 5.7.2020 18:34, Javier Martinez Canillas wrote: On Sat, Jul 4, 2020 at 6:27 PM Lennart Poettering wrote: [snip] Please submit additions to the spec as PRs to systemd github.

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Christian Stadelmann
Out of the 2 computers I own, 2 only boot through legacy BIOS. One claims to have UEFI support but I haven't managed to get it running with tens of hours of work over the years. In other words: I think it is too early to drop support for this legacy technology.

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Javier Martinez Canillas
On Mon, Jul 6, 2020 at 10:39 AM Jóhann B. Guðmundsson wrote: > > On 5.7.2020 18:34, Javier Martinez Canillas wrote: > > On Sat, Jul 4, 2020 at 6:27 PM Lennart Poettering > > wrote: > > > > [snip] > > > >> Please submit additions to the spec as PRs to systemd github. We added > >> a number of

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread nickysn
On Mon, 2020-07-06 at 14:51 +0200, Gerd Hoffmann wrote: > Hi, > > > My real problem with grub2 is not that it's complex, but the fact > > that > > it exposes its complexities to the user. > > The config file syntax is a mess indeed. The fact that you need a > config generator tool in the

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Nicolas Mailhot via devel
Le 2020-07-06 16:33, Gerd Hoffmann a écrit : On Mon, Jul 06, 2020 at 03:45:45PM +0200, Nicolas Mailhot via devel wrote: Le lundi 06 juillet 2020 à 15:33 +0200, Gerd Hoffmann a écrit : >   Hi, > > See above. sd-boot allows to edit the kernel command line too. Same > hotkey ('e') even.

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
On Mon, Jul 06, 2020 at 03:45:45PM +0200, Nicolas Mailhot via devel wrote: > Le lundi 06 juillet 2020 à 15:33 +0200, Gerd Hoffmann a écrit : > >   Hi, > > > > See above. sd-boot allows to edit the kernel command line too. Same > > hotkey ('e') even. And unlike the 'l' and 'w' hotkeys that

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Simo Sorce
On Mon, 2020-07-06 at 15:33 +0200, Gerd Hoffmann wrote: > Hi, > > > > default entry highlighted, a few seconds timeout with countdown. Both > > > support editing boot entries. > > Anecdata, but I definitely never (maybe once 15 years ago?) had grub > > install issue, but plenty of dracut

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Nicolas Mailhot via devel
Le lundi 06 juillet 2020 à 15:33 +0200, Gerd Hoffmann a écrit : >   Hi, > > > > default entry highlighted, a few seconds timeout with countdown. > > > Both > > > support editing boot entries. > > > Anecdata, but I definitely never (maybe once 15 years ago?) had > > grub > > install issue, but

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
Hi, > > default entry highlighted, a few seconds timeout with countdown. Both > > support editing boot entries. > Anecdata, but I definitely never (maybe once 15 years ago?) had grub > install issue, but plenty of dracut reconfiguration/upgrade failures > over the years and the ability to

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Simo Sorce
Hi, On Mon, 2020-07-06 at 13:31 +0200, Gerd Hoffmann wrote: > Hi, > > > > btw, sd-boot has a few tricks up its sleeve: if during boot you keep > > > "w" pressed down it will automatically boot into windows, similar if > > > you keep "l" pressed down it will automaticall boot into linux, "a" >

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
Hi, > My real problem with grub2 is not that it's complex, but the fact that > it exposes its complexities to the user. The config file syntax is a mess indeed. The fact that you need a config generator tool in the first place speaks volumes ... But note that grub config files don't have to

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
On Mon, Jul 06, 2020 at 08:08:48AM -0400, Stephen John Smoogen wrote: > On Mon, 6 Jul 2020 at 07:38, Gerd Hoffmann wrote: > > > > Hi, > > > > > > btw, sd-boot has a few tricks up its sleeve: if during boot you keep > > > > "w" pressed down it will automatically boot into windows, similar if > >

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
On Sun, Jul 05, 2020 at 01:11:08AM -0700, John M. Harris Jr wrote: > On Sunday, July 5, 2020 1:03:34 AM MST Luya Tshimbalanga wrote: > > It would be great that the installer, Anaconda, enables sd-boot for > > users running on UEFI system. The method was done before with both LILO > > and Grub

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread nickysn
On Mon, 2020-07-06 at 13:31 +0200, Gerd Hoffmann wrote: > Hi, > > > > btw, sd-boot has a few tricks up its sleeve: if during boot you > > > keep > > > "w" pressed down it will automatically boot into windows, similar > > > if > > > you keep "l" pressed down it will automaticall boot into linux,

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Stephen John Smoogen
On Mon, 6 Jul 2020 at 07:38, Gerd Hoffmann wrote: > > Hi, > > > > btw, sd-boot has a few tricks up its sleeve: if during boot you keep > > > "w" pressed down it will automatically boot into windows, similar if > > > you keep "l" pressed down it will automaticall boot into linux, "a" > > > will

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Tomasz Torcz
On Mon, Jul 06, 2020 at 01:31:30PM +0200, Gerd Hoffmann wrote: > The BIOS provides block device access at sector level, so the boot > loader has little choice but implementing drivers for all kinds of > stuff. Or use fragile block lists like lilo did in the last century. > > With UEFI much more

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
Hi, > I have no problem with GRUB2 or sd-boot. I have much more problems > with refind and their ilk. While things can look pretty, that's fine, > as soon as it gets in my way when I try to get things done it stops > being fine. "getting into the way" IMO includes "doesn't show up on the

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Gerd Hoffmann
Hi, > > btw, sd-boot has a few tricks up its sleeve: if during boot you keep > > "w" pressed down it will automatically boot into windows, similar if > > you keep "l" pressed down it will automaticall boot into linux, "a" > > will boot into macos, all without showing any UI at all. This means >

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Jóhann B . Guðmundsson
On 5.7.2020 19:31, Solomon Peachy wrote: On Sun, Jul 05, 2020 at 07:18:47PM -, Tom Seewald wrote: In terms of physical x86 systems, you are right that UEFI is the overwhelming majority. But as stated elsewhere in this thread, a lot of cloud providers and virtualization software default to

Re: The future of legacy BIOS support in Fedora.

2020-07-06 Thread Jóhann B . Guðmundsson
On 5.7.2020 18:34, Javier Martinez Canillas wrote: On Sat, Jul 4, 2020 at 6:27 PM Lennart Poettering wrote: [snip] Please submit additions to the spec as PRs to systemd github. We added a number of new keys in the past that sd-boot itself doesn't make use of (devicetree and such), and we'd

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread nickysn
On Sun, 2020-07-05 at 11:50 -0700, John M. Harris Jr wrote: > On Sunday, July 5, 2020 11:31:41 AM MST Solomon Peachy wrote: > > On Sun, Jul 05, 2020 at 10:20:01AM -0700, John M. Harris Jr wrote: > > > Chromebook devices are neither UEFI nor BIOS. You can use GPT > > > disk layout > > > while still

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread John M. Harris Jr
On Sunday, July 5, 2020 12:18:46 PM MST Solomon Peachy wrote: > On Sat, Jul 04, 2020 at 09:51:30PM -0700, John M. Harris Jr wrote: > > Many people on this very thread are still using BIOS boot systems, and one > > person provided a source for a NEW system they're using which is BIOS > > boot, > >

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Solomon Peachy
On Sun, Jul 05, 2020 at 07:18:47PM -, Tom Seewald wrote: > In terms of physical x86 systems, you are right that UEFI is the > overwhelming majority. But as stated elsewhere in this thread, a lot > of cloud providers and virtualization software default to using BIOS. > So I think Fedora

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Solomon Peachy
On Sat, Jul 04, 2020 at 09:51:30PM -0700, John M. Harris Jr wrote: > Many people on this very thread are still using BIOS boot systems, and one > person provided a source for a NEW system they're using which is BIOS boot, > while another provided factory-default BIOS configurations on hardware >

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Tom Seewald
> BIOS-based systems make up a miniscule minority of the current market. > Pretending otherwise is delusional, and delusions are no basis for > technical decisions. > > - Solomon In terms of physical x86 systems, you are right that UEFI is the overwhelming majority. But as stated elsewhere

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Chris Murphy
On Sun, Jul 5, 2020 at 12:41 PM Nicolas Mailhot via devel wrote: > > Le dimanche 05 juillet 2020 à 12:21 -0600, Chris Murphy a écrit : > > > > specification != standard > > I, for one, am very happy that the systemd project makes the effort of > documenting its formats so others can write

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread John M. Harris Jr
On Sunday, July 5, 2020 11:31:41 AM MST Solomon Peachy wrote: > On Sun, Jul 05, 2020 at 10:20:01AM -0700, John M. Harris Jr wrote: > > Chromebook devices are neither UEFI nor BIOS. You can use GPT disk layout > > while still booting BIOS, which they also don't do. Chromebook devices > > either

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Nicolas Mailhot via devel
Le dimanche 05 juillet 2020 à 12:21 -0600, Chris Murphy a écrit : > > specification != standard I, for one, am very happy that the systemd project makes the effort of documenting its formats so others can write competing implementations or write software that interacts with the systemd

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Javier Martinez Canillas
On Sat, Jul 4, 2020 at 6:27 PM Lennart Poettering wrote: [snip] > > Please submit additions to the spec as PRs to systemd github. We added > a number of new keys in the past that sd-boot itself doesn't make use > of (devicetree and such), and we'd be delighted to add more if they > make sense

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Solomon Peachy
On Sun, Jul 05, 2020 at 10:20:01AM -0700, John M. Harris Jr wrote: > Chromebook devices are neither UEFI nor BIOS. You can use GPT disk layout > while still booting BIOS, which they also don't do. Chromebook devices either > boot with uboot -> depthcharge or Coreboot -> uboot -> depthcharge. I

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Chris Murphy
On Sun, Jul 5, 2020 at 11:26 AM John M. Harris Jr wrote: > > On Sunday, July 5, 2020 3:07:44 AM MST Lennart Poettering wrote: > > On Sa, 04.07.20 18:11, John M. Harris Jr (joh...@splentity.com) wrote: > > > > > > > That systemd throws some crap out doesn't make it a standard. There's no > > >

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread John M. Harris Jr
On Sunday, July 5, 2020 8:12:33 AM MST Markus Larsson wrote: > I have no problem with GRUB2 or sd-boot. I have much more problems with > refind and their ilk. While things can look pretty, that's fine, as soon as > it gets in my way when I try to get things done it stops being fine. I don't think

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread John M. Harris Jr
On Sunday, July 5, 2020 3:07:44 AM MST Lennart Poettering wrote: > On Sa, 04.07.20 18:11, John M. Harris Jr (joh...@splentity.com) wrote: > > > > That systemd throws some crap out doesn't make it a standard. There's no > > reason for GRUB to adopt this, or for anyone else to use this. > > >

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread John M. Harris Jr
On Sunday, July 5, 2020 6:18:50 AM MST Solomon Peachy wrote: > On Sun, Jul 05, 2020 at 08:52:12AM +0200, Nicolas Mailhot via devel wrote: > > So you want to discuss Linux desktop deployments, excluding the only > > sucessful mass Linux desktop deployment to date? Why? > > Because the raw data I

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Stephen John Smoogen
On Sun, 5 Jul 2020 at 11:23, Markus Larsson wrote: > > > > On 5 July 2020 16:27:07 CEST, Stephen John Smoogen wrote: > >On Sat, 4 Jul 2020 at 11:34, Neal Gompa wrote: > >> > >> On Sat, Jul 4, 2020 at 11:20 AM Lennart Poettering > >> wrote: > >> > > >> > On Mi, 01.07.20 21:06, Neal Gompa

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Markus Larsson
On 5 July 2020 16:27:07 CEST, Stephen John Smoogen wrote: >On Sat, 4 Jul 2020 at 11:34, Neal Gompa wrote: >> >> On Sat, Jul 4, 2020 at 11:20 AM Lennart Poettering >> wrote: >> > >> > On Mi, 01.07.20 21:06, Neal Gompa (ngomp...@gmail.com) wrote: >> > >> > > The user-interactive portion of

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Stephen John Smoogen
On Sat, 4 Jul 2020 at 11:34, Neal Gompa wrote: > > On Sat, Jul 4, 2020 at 11:20 AM Lennart Poettering > wrote: > > > > On Mi, 01.07.20 21:06, Neal Gompa (ngomp...@gmail.com) wrote: > > > > > The user-interactive portion of sd-boot is *awful*. I know our GRUB > > > looks ugly by default these

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Solomon Peachy
On Sun, Jul 05, 2020 at 08:41:16AM +0200, Nicolas Mailhot via devel wrote: > Those things are not meant to run ancient software. They are meant to > run a very long time. And yes at the end of this time the software is > ancient. Of course. > That does not mean it is ancient at the start of the

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Sumit Bhardwaj
I don't know about how important EFI and reducing the bootloader technical debt is for the project, but at least for me personally, it will be a straight way out. My hard disk has a traditional MBR based structure with about a TB of very important data. I don't know of a 100% reliable way of

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Solomon Peachy
On Sun, Jul 05, 2020 at 08:52:12AM +0200, Nicolas Mailhot via devel wrote: > So you want to discuss Linux desktop deployments, excluding the only > sucessful mass Linux desktop deployment to date? Why? Because the raw data I had access to excludes chromebooks, only listing "traditional" PCs and

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Lennart Poettering
On Sa, 04.07.20 12:49, Chris Murphy (li...@colorremedies.com) wrote: > Why do the security folks want POSIX and SELinux labels on the > contents of /boot? I've never really gotten a straight answer on this, > but I know it's considered important and a sticking point for why some > folks do not

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Lennart Poettering
On Sa, 04.07.20 18:11, John M. Harris Jr (joh...@splentity.com) wrote: > That systemd throws some crap out doesn't make it a standard. There's no > reason for GRUB to adopt this, or for anyone else to use this. "bloat", "crap", … I am sorry, but you are apparently just a troll and this is the

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread John M. Harris Jr
On Sunday, July 5, 2020 1:03:34 AM MST Luya Tshimbalanga wrote: > It would be great that the installer, Anaconda, enables sd-boot for > users running on UEFI system. The method was done before with both LILO > and Grub decades ago and it was very surprising very few thought of that > process

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Luya Tshimbalanga
It would be great that the installer, Anaconda, enables sd-boot for users running on UEFI system. The method was done before with both LILO and Grub decades ago and it was very surprising very few thought of that process especially for a distribution aiming to use latest technology. The

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Nicolas Mailhot via devel
Le samedi 04 juillet 2020 à 23:10 -0400, Solomon Peachy a écrit : > (Note this explicitly excludes Chromebooks) So you want to discuss Linux desktop deployments, excluding the only sucessful mass Linux desktop deployment to date? Why? Also your data conflates systems sold in with systems

Re: The future of legacy BIOS support in Fedora.

2020-07-05 Thread Nicolas Mailhot via devel
Le samedi 04 juillet 2020 à 23:10 -0400, Solomon Peachy a écrit : > folks that make very long-lifecycle industrial systems > meant to run generally ancient software Those things are not meant to run ancient software. They are meant to run a very long time. And yes at the end of this time the

Re: The future of legacy BIOS support in Fedora.

2020-07-04 Thread John M. Harris Jr
On Saturday, July 4, 2020 8:10:49 PM MST Solomon Peachy wrote: > On Sat, Jul 04, 2020 at 05:24:05PM -0700, John M. Harris Jr wrote: > > There are still new systems built today that only support BIOS, and > > vendors > > providing systems factory-configured for BIOS boot on hardware that does > >

  1   2   3   >