On Wed, Apr 6, 2022 at 11:50 AM Jared Dominguez jaredz@redhat.com wrote:
On Wed, Apr 6, 2022 at 8:20 AM Neal Gompa ngompa13@gmail.com wrote:
On Wed, Apr 6, 2022 at 8:04 AM Vít Ondruch vondruch@redhat.com wrote:
Dne 05. 04. 22 v 17:08 Neal Gompa napsal(a):
On Tue, Apr 5, 2022 at 10:54 AM Ben Cotton bcotton@redhat.com wrote:
https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS
== Summary == Make UEFI a hardware requirement for new Fedora installations on platforms that support it (x86_64). Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms. This is a first step toward eventually removing legacy BIOS support entirely.
== Owner ==
- Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří
Konečný]], [[User:bcl| Brian C. Lane]]
- Email: rharwood@redhat.com
== Detailed Description == UEFI is defined by a versioned standard that can be tested and certified against. By contrast, every legacy BIOS is unique. Legacy BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) and on its way out. As it ages, maintainability has decreased, and the status quo of maintaining both stacks in perpetuity is not viable for those currently doing that work.
It is inevitable that legacy BIOS will be removed in a future release. To ease this transition as best we can, there will be a period (of at least one Fedora release) where it will be possible to boot using the legacy BIOS codepaths, but new installations will not be possible. While it would be easier for us to cut support off today, our hope is that this compromise position will make for a smoother transition. Additional support with issues during the transition would be appreciated.
While this will eventually reduce workload for boot/installation components (grub2 reduces surface area, syslinux goes away entirely, anaconda reduces surface area), the reduction in support burden extends much further into the stack - for instance, VESA support can be removed from the distro.
Fedora already requires a 2GHz dual core CPU at minimum (and therefore mandates that machines must have been made after 2006). Like the already accepted Fedora 37 change to retire ARMv7 support, the hardware targeted tends to be rather underpowered by today’s standards, and the world has moved on from it. Intel stopped shipping the last vestiges of BIOS support in 2020 (as have other vendors, and Apple and Microsoft), so this is clearly the way things are heading - and therefore aligns with Fedora’s “First” objective.
== Feedback == Dropping legacy BIOS was previously discussed (but not proposed) in 2020: https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject.or...
Important, relevant points from that thread (yes, I reread the entire thread) that have informed this change:
- Some machines are BIOS-only. This change does not prevent their use
yet, but they are effectively deprecated. grub2 (our default bootloader) is already capable of both BIOS and UEFI booting.
- Drawing a clear year cutoff, let alone a detailed list of hardware
this change affects, is basically impossible. This is unfortunate but unlikely to ever change.
- There is no migration story from Legacy BIOS to UEFI -
repartitioning effectively mandates a reinstall. As a result, we don’t drop support for existing Legacy BIOS systems yet, just new installations.
- There is no way to deprecate hardware without causing some amount of friction.
- While at the time AWS did not support UEFI booting, that is no
longer the case and they support UEFI today.
== Benefit to Fedora == UEFI is required for many desirable features, including applying firmware updates (fwupd) and supporting SecureBoot. As a standalone change, it reduces support burden on everything involved in installing Fedora, since there becomes only one way to do it per platform. Finally, it simplifies our install/live media, since it too only has to boot one way per arch. Freedom Friends Features First - this is that last one.
== Scope ==
- Proposal owners:
** bootloaders: No change (existing Legacy BIOS installations still supported). ** anaconda: No change (there could be only optional cleanups in the code). However, it needs to be verified. ** Lorax: Code has already been written: https://github.com/weldr/lorax/pull/1205
This pull request primarily drops legacy BIOS support by dropping syslinux/isolinux. We don't necessarily have to drop legacy BIOS support there if we reuse GRUB there too. Other distributions (openSUSE and Mageia, notably) both use GRUB for both BIOS and UEFI on live media.
- Other developers:
** libvirt: UEFI works today, but is not the default. UEFI-only installation is needed for Windows 11, and per conversations, libvirt is prepared for this change. ** Virtualbox: UEFI Fedora installs are working and per virtualbox team, UEFI will be/is the default in 7.0+. ** The Hardware Overview page should be updated to mention the UEFI requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome/Ha...
- Release engineering: [https://pagure.io/releng/issue/10738 #Releng
issue 10738]
Policies and guidelines: N/A (not needed for this Change)
Trademark approval: N/A (not needed for this Change)
Alignment with Objectives: N/A
== Upgrade/compatibility impact == Systems currently using Legacy BIOS for booting on x86_64 will continue to do so.
However, this modifies the baseline Fedora requirements and some hardware will no longer be supported for new installations.
== How To Test == UEFI installation has been supported for quite a while already, so additional testing there should not be required.
== User Experience == Installs will continue to work on UEFI, and will not work on Legacy BIOS. Our install media is already UEFI-capable.
== Dependencies == None
== Contingency Plan == Leave things as they are. Code continues to rot. Community assistance is required to continue the status quo. Current owners plan to orphan some packages regardless of whether the proposal is accepted.
Another fallback option could be, if a Legacy BIOS SIG organizes, to donate the relevant packages there and provide some initial mentoring. Longer term, packages that cannot be wholly donated could be split, though it is unclear whether the synchronization thereby required would reduce the work for anyone.
- Contingency mechanism: Delay until next release.
- Contingency deadline: Beta freeze
- Blocks release? No
== Documentation == See release notes.
== Release Notes == Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in favor of UEFI. While systems already using Legacy BIOS to boot are still supported, new legacy BIOS installations on these architectures are no longer possible. Legacy BIOS support will be removed entirely in a future Fedora.
(Additionally, the Hardware Overview page should be updated to mention the UEFI requirement.)
While I'm sympathetic to this Change, I think this is way too early to do across the board. UEFI came onto the scene in the PC space in 2011~2012 with Windows 8, and even to this day, there are sufficiently buggy hardware platforms that Linux does not boot in UEFI mode: https://twitter.com/VKCsh/status/1511132132885815307
I even have one such machine, an HP desktop machine that came with Windows 8. My current desktop PC has problems booting Linux UEFI as well, though I've done "clever" things to work around that. I don't expect most users to be able to deal with that. Server platforms were *worse* as they were slower to offer UEFI. The first time I was able to get a server with UEFI was in 2014.
Maybe I don't correctly understand the "Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms." quoted from the the change description, but if you have your system installed, it should keep working. You just keep updating. IOW as long as you don't reinstall the system, you are fine and you don't have to be concerned.
If you really have a need to reinstall such machine, you'll take the F36 image and upgrade to F37+ and you should still be good.
This is not a deprecation change, this is effectively a removal change. By removing the packages and the tooling support for legacy BIOS, it makes several scenarios (including recovery) harder. Moreover, it puts the burden on people to figure out if their hardware can boot and install Fedora when we clearly haven't reached a critical mass yet for doing so, like we did when we finally removed the i686 kernel build.
I'm personally a fan of using UEFI instead of BIOS. Heck, I implemented support for UEFI in Fedora's cloud images when other people told me it was not possible, while preserving BIOS support. I've been trying to figure out the roadmap for BIOS deprecation for a year now, and the reason *I* didn't propose a Change yet is because I have not sufficiently determined that it was reasonable to do so.
I'm particularly upset about this Change because it feels like a hostage change where the proposal owners blithely ignore what we're saying as unimportant or irrelevant and abuse our principles to do things that are clearly against what the community feels is right.
This strikes me as a very negative view of what we're trying to do. We're trying to figure out a timeline for deprecation and openly discuss, which is why this change proposal is here now. Support for legacy x86 boot is rapidly vanishing across the industry. Code is rotting in Fedora. The Red Hat team doing the work in the bootloader space doesn't have capacity for continuing support for legacy x86 boot anyway. We're attempting to communicate boundaries and available commitment and work in the community on a workable plan. This proposal includes a call for community assistance if there's sufficient desire to maintain the status quo longer. You are welcome to constructively help with that. Hearing accusations of folks, who are operating on good faith, engaging in "abuse" and executing a "hostage change" feels concerning to me.
I have been trying in the background for years to try to figure out solutions for usability problems in Fedora Linux on UEFI because *I want our experience to be good there*. But it's extremely hard when:
- Bugs and feature requests around UEFI related features are ignored
Per my reply to you yesterday, I would be grateful if you would list out examples here. This is the second time I've heard this, and it's not concrete enough for a constructive conversation on that topic.
This comes from years of trying to engage on improving the UEFI situation in Fedora. To be perfectly clear: I don't want to maintain the status quo. The status quo sucks.
The status quo is:
* UEFI is where everything is going in hardware * Linux UEFI is a second-class experience to legacy boot * No interest in making the UEFI-based environments better for users
We have a ton of nice things in UEFI environments when they work, as long as we don't step out of the happy path. However, the majority of Linux PC users *must* step out of the happy path to get their hardware working for two cases:
* NVIDIA graphics * Broadcom wireless
The former case is excessively common, and the latter case is fairly common with HP and Dell machines as well as some smaller OEMs. I literally helped someone this past week with both[1][2][3]. The Workstation WG has been tracking both issues for years now[4][5]. This situation is *worse* now because we have Fedora Linux preloaded on computers, and OEMs basically have to disable Secure Boot to make things "work". How's that for improving security?
On the cloud side, it's been very difficult to articulate any benefits for supporting UEFI when the majority of the consumers of Fedora Cloud don't have any pressing need to do it and things like hibernation and snapshotting are non-functional. Last year, I changed Fedora Cloud to hybrid boot[6] so that our image artifacts support both boot modes. While GCP requires UEFI and Azure prefers it, AWS has very basic support for UEFI and using UEFI causes you to lose some features that exist only in BIOS mode. One of those is leveraging hibernation in the cloud for spot instances[7]. Moving past the Big Three(tm), the actual cloud providers that matter from a Fedora context are the smaller outfits that principally serve Linux users. These are companies like DigitalOcean, Linode (Akamai), Hetzner, VexxHost, and others who graciously do offer Fedora Linux in their platforms. All of their virtualization platforms are BIOS only right now, and getting them to switch requires them to uplift their platforms to support UEFI in the first place. And again, when UEFI means things like VM snapshots and cloud hibernation don't work, it's not very compelling.
You'd think that given how important this is for the Cloud that it would have mattered for RHEL, but nope. These problems are not new. They've existed since we supported UEFI Secure Boot, and given how people have responded saying these issues are irrelevant to this Change, it shows how out of sync with reality this Change is.
Frankly, I'm extremely frustrated and exhausted over the situation.
[1]: https://twitter.com/Det_Conan_Kudo/status/1508968025785049088 [2]: https://twitter.com/Det_Conan_Kudo/status/1508984123339202560 [3]: https://twitter.com/Det_Conan_Kudo/status/1511755879687012354 [4]: https://pagure.io/fedora-workstation/issue/155 [5]: https://pagure.io/fedora-workstation/issue/116 [6]: https://fedoraproject.org/wiki/Changes/FedoraCloudHybridBoot [7]: https://lwn.net/Articles/821158/
-- 真実はいつも一つ!/ Always, there's only one truth!