install guide notes: bootloader

Adam Williamson awilliam at redhat.com
Wed Dec 5 00:46:51 UTC 2012 

On Mon, 2012-12-03 at 16:52 +1000, Jack Reed wrote:

> Incorporating these points into the Installation Guide won't be a 
> problem. I'll clarify what bootloader options we now provide. How can we 
> expect UEFI to differ though, and will this need to be documented?

This is almost an essay in itself! I don't know what you have in the
install guide about UEFI already, but bootloading with UEFI is just
entirely different to bootloading with BIOS.

So with UEFI there's this concept called the 'EFI boot manager': a
useful way of thinking about it is that there's a boot loader in the
firmware itself. The 10,000ft overview of how it's supposed to work is
pretty simple: as an OS, you should install a bootloader that only loads
yourself (to a standardized location in something called the 'EFI system
partition'), and then add an entry to the EFI boot manager which is
called 'Fedora 18' or 'Windows 8' or 'Bob's Raptoriffic Linux' or
whatever your OS happens to be called, which points to your own
bootloader.

No OS gets to 'control' bootloading for everyone, there's none of this
chainloading malarkey or different bootloaders on different disks' MBRs
and partition headers and BIOS drive boot orders and who knows what
else: there's just supposed to be one list of 'things that can be
booted', which lives in the firmware, and each OS is only supposed to
fiddle with its own entry in that list and with the bootloader that
loads itself and only itself.

Of course it can get a bit messier in practice; in practice all the
messy stuff about BIOS booting - chainloading, and bootloaders
associated with one OS also being capable of booting other OSes - is
still actually possible and some bugger somewhere has probably come up
with some reason to do them, and you also have the case of hybrid
systems to consider - most UEFI firmwares shipped today have a 'BIOS
compatibility mode', whereby they can boot from a disk MBR and look to
the booted system very much like a BIOS would do. So a typical EFI boot
manager on a current system has entries for any UEFI-native OS installs,
*and* entries for each hard disk, which result in BIOS compatibility
boot from that disk. (There are other ways of representing BIOS
compatibility mode, but this is one of the most popular). It is, not
surprisingly, a bit confusing. Sigh, computers.

Still, the overview is worth keeping in mind. What Fedora 18 actually
*does* when installed as a native UEFI OS is to install the shim and
grub2-efi bootloaders to the EFI system partition (I have heard a report
that it doesn't actually detect an existing EFI system partition if
there is one but just creates a new one, which would be a bug, but I'm
not 100% sure of that) and add an entry named 'Fedora' to the EFI boot
manager, pointing to shim: shim in turn loads grub2-efi, which loads
Fedora. shim is our Secure Boot solution, which really *is* an essay in
itself, I can pass you that essay if your head isn't spinning yet.

Fedora 17, for comparison, installed grub-efi to the ESP and wrote an
entry to the EFI boot manager called 'Fedora', which loaded grub-efi,
which loaded Fedora. shim is just an extra step in essentially the same
chain, and we switched from grub-efi in F17 to grub2-efi in F18.

If you're paying attention you may notice a shortcoming of this design,
which is that it doesn't allow for multiple native UEFI Fedora installs
to a single system, and you'd be correct. If you have a native UEFI
Fedora install already, and you do a new one, it just overwrites the EFI
boot manager entry associated with the existing install. You won't be
able to get into the existing install any more without some manual
poking of the EFI boot manager (or configuring grub2-efi to allow access
to the existing install as well, which I suppose might work, though I
don't know if it really ties in with the 'intended' use of the EFI boot
manager). I filed a bug on this a while back -
https://bugzilla.redhat.com/show_bug.cgi?id=759303 - which was closed as
'wontfix' back in July, though I rather hope that may change at some
point, as it seems a shame.

This is all, of course, just the incomplete and probably often incorrect
understanding of the idiot monkey, I am not a lawyer, errors and
omissions excepted, final sale, no refunds, does not constitute medical
advice or professional investment advice, and I strongly and heartily
recommend that you get a second opinion from someone who knows what the
hell he's talking about - pjones and/or mjg59, for preference - before
accepting any of this as actually bearing the slightest resemblance to
the truth. Seriously, some of the above I know to be a simplification,
and some of it is probably also simplified without me knowing about it,
by the poor sods who have to try and educate me.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net

More information about the docs mailing list