How do you build a BIOS successor that's not complicated, when it has to be able to reflash bios from a file on a fat32 partition on a usb stick, because all the other historical ways of reflashing bios were difficult and more fragile? How do you build a BIOS successor that's not complicated when it needs to allow an OS to alter boot settings for the next boot?
Granted, most of what goes on in a BIOS is displaying and changing variables involved in getting the system running, and maintaining those values, which just requires some sort of minimal editing interface and nv storage, but then... users appear. They want to be able to use a mouse. They want an ability to configure their raid chipset prior to boot, or netboot, and HW makers want to implement that in a way that's not some arcane raw assembly dance between BIOS and additional chip FW. What then?
I don't think the complaint is about complexity, but about code quality and architecture. This isn't the only case where an old, simpler but less capable and annoying, system has been replaced by a much more complex system that is much hated and [initially] buggy and less secure, but also more or less gets the job done better than the old way, and where average users of the new system find it easier and more productive.
If there wasn't a case where a hardware manufacturer needed a capability prior to the OS taking over, or to modify their HW settings from the OS in a portable way, it wouldn't be in UEFI, right?
Calling UEFI a full operating system seems needlessly inflammatory. It's not a linux or windows kernel. It has to do a fair amount of the basics, but so does any kernel running on a general purpose chip and interfacing with a bunch of other people's code. UEFI is terrible. Baseband firmwares are terrible. Security processor firmwares are terrible. AMT is terrible. Okay, but we still need them.
> How do you build a BIOS successor that's not complicated, when it has to be able to reflash bios from a file on a fat32 partition on a usb stick, because all the other historical ways of reflashing bios were difficult and more fragile?
It doesn't need to do this at all. Just make the flash accessible to the OS and have the OS do it. Machines without an OS can be booted into a live image. Put a write-protect jumper on the system board if you like.
> How do you build a BIOS successor that's not complicated when it needs to allow an OS to alter boot settings for the next boot?
You give the OS access to the flash and then document what the bits do so the OS knows what to change.
> Granted, most of what goes on in a BIOS is displaying and changing variables involved in getting the system running, and maintaining those values, which just requires some sort of minimal editing interface and nv storage, but then... users appear. They want to be able to use a mouse. They want an ability to configure their raid chipset prior to boot, or netboot, and HW makers want to implement that in a way that's not some arcane raw assembly dance between BIOS and additional chip FW. What then?
Limit the firmware UI to extremely basic settings like "restore factory defaults" and "choose boot device", none of which need a mouse. Boot an OS to do anything more complicated.
> UEFI is terrible. Baseband firmwares are terrible. Security processor firmwares are terrible. AMT is terrible. Okay, but we still need them.
The reason these are all terrible is that they're supplied by the OEM. Delete all of them and replace them with hardware documentation that allows anyone to write their own. Ship the machine with an open source reference implementation that most people will never have to change unless it's terrible, in which case the 0.1% of the users that care will fix it and you can incorporate the fix into the reference implementation.
Heh, I'm having flashbacks to a time repairing a computer where the BIOS/UEFI simply wouldn't work work with the regular keyboard, even though the regular OS supported it just fine.
So I had to go dig up a PS/2 one just to change settings.
Not sure which article that complained about EFI mentioned that PNG parser was vulnerable... and... there's no reason for EFI to have a PNG parser really. It's a fancy stuff that could've been totally avoided. And yet, here we go...
> It doesn't need to do this at all. Just make the flash accessible to the OS and have the OS do it.
I fear this would lead to vendors only implementing proprietary, Windows-only, firmware update software. UEFI-based updates and "UEFI capsules" are better than a Windows-only world, even if UEFI is not necessarily the best thing ever.
You don't need to update the flash to boot an OS capable of updating the flash. The firmware it comes with can do that and if you've irrecoverably installed broken firmware then you've bricked your machine regardless.
No, we don't need them. Look at the OpenWRT ecosystem and the routers it runs on. Those cheap plastic routers come with pretty dumb bootloaders and it works.
However each OpenWRT router also has its own custom bootloader AFAIK. This is why you need different images for different devices, and can't create a single image for everything. UEFI on the other hand you just build one image and it works everywhere.
Yes, UEFI is messy, not saying you will never have issues. But on the other hand, in OpenWRT you literally need to build an image for each device, something that you (almost) never have to do with UEFI or BIOS. Or when was the last time you had to build a specific image for a x86_64 laptop? If this happened to you, I am curious, this would probably make a nice blog post.
By the way, I am not saying that UEFI is not complicated, but there is probably a middle ground between "we need to build a specific image for this device because its bootloader is dumb" and "we have a f* operational system as a bootloader that works everywhere but is full of holes".
That's partly because nesrly nobody, including Linux vendors, actually pushes or checks for parameters being passed from BootVar to executable. Just like barely anyone apparently supports BootVar hotkeys.
Nobody uses it so nobody actually bothers with it, and even Linux defsulted to storing the params in files or kernel itself because good luck finding out you can put them in BootVar at all.
It's still miles better than it was with BIOS, or even Unix workstations (including OpenFirmware ones) with their "emergency releases" of updated OS just to make it boot on new gear
Granted, most of what goes on in a BIOS is displaying and changing variables involved in getting the system running, and maintaining those values, which just requires some sort of minimal editing interface and nv storage, but then... users appear. They want to be able to use a mouse. They want an ability to configure their raid chipset prior to boot, or netboot, and HW makers want to implement that in a way that's not some arcane raw assembly dance between BIOS and additional chip FW. What then?
I don't think the complaint is about complexity, but about code quality and architecture. This isn't the only case where an old, simpler but less capable and annoying, system has been replaced by a much more complex system that is much hated and [initially] buggy and less secure, but also more or less gets the job done better than the old way, and where average users of the new system find it easier and more productive.
If there wasn't a case where a hardware manufacturer needed a capability prior to the OS taking over, or to modify their HW settings from the OS in a portable way, it wouldn't be in UEFI, right?
Calling UEFI a full operating system seems needlessly inflammatory. It's not a linux or windows kernel. It has to do a fair amount of the basics, but so does any kernel running on a general purpose chip and interfacing with a bunch of other people's code. UEFI is terrible. Baseband firmwares are terrible. Security processor firmwares are terrible. AMT is terrible. Okay, but we still need them.