https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS == Summary == Make UEFI a hardware requirement for new Fedora installations on platforms that support it (x86_64). Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms. This is a first step toward eventually removing legacy BIOS support entirely. == Owner == * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří Konečný]], [[User:bcl| Brian C. Lane]] * Email: rharwood(a)redhat.com == Detailed Description == UEFI is defined by a versioned standard that can be tested and certified against. By contrast, every legacy BIOS is unique. Legacy BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) and on its way out. As it ages, maintainability has decreased, and the status quo of maintaining both stacks in perpetuity is not viable for those currently doing that work. It is inevitable that legacy BIOS will be removed in a future release. To ease this transition as best we can, there will be a period (of at least one Fedora release) where it will be possible to boot using the legacy BIOS codepaths, but new installations will not be possible. While it would be easier for us to cut support off today, our hope is that this compromise position will make for a smoother transition. Additional support with issues during the transition would be appreciated. While this will eventually reduce workload for boot/installation components (grub2 reduces surface area, syslinux goes away entirely, anaconda reduces surface area), the reduction in support burden extends much further into the stack - for instance, VESA support can be removed from the distro. Fedora already requires a 2GHz dual core CPU at minimum (and therefore mandates that machines must have been made after 2006). Like the already accepted Fedora 37 change to retire ARMv7 support, the hardware targeted tends to be rather underpowered by today’s standards, and the world has moved on from it. Intel stopped shipping the last vestiges of BIOS support in 2020 (as have other vendors, and Apple and Microsoft), so this is clearly the way things are heading - and therefore aligns with Fedora’s “First” objective. == Feedback == Dropping legacy BIOS was previously discussed (but not proposed) in 2020: https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject... Important, relevant points from that thread (yes, I reread the entire thread) that have informed this change: * Some machines are BIOS-only. This change does not prevent their use yet, but they are effectively deprecated. grub2 (our default bootloader) is already capable of both BIOS and UEFI booting. * Drawing a clear year cutoff, let alone a detailed list of hardware this change affects, is basically impossible. This is unfortunate but unlikely to ever change. * There is no migration story from Legacy BIOS to UEFI - repartitioning effectively mandates a reinstall. As a result, we don’t drop support for existing Legacy BIOS systems yet, just new installations. * There is no way to deprecate hardware without causing some amount of friction. * While at the time AWS did not support UEFI booting, that is no longer the case and they support UEFI today. == Benefit to Fedora == UEFI is required for many desirable features, including applying firmware updates (fwupd) and supporting SecureBoot. As a standalone change, it reduces support burden on everything involved in installing Fedora, since there becomes only one way to do it per platform. Finally, it simplifies our install/live media, since it too only has to boot one way per arch. Freedom Friends Features First - this is that last one. == Scope == * Proposal owners: ** bootloaders: No change (existing Legacy BIOS installations still supported). ** anaconda: No change (there could be only optional cleanups in the code). However, it needs to be verified. ** Lorax: Code has already been written: https://github.com/weldr/lorax/pull/1205

* Other developers: ** libvirt: UEFI works today, but is not the default. UEFI-only installation is needed for Windows 11, and per conversations, libvirt is prepared for this change. ** Virtualbox: UEFI Fedora installs are working and per virtualbox team, UEFI will be/is the default in 7.0+. ** The Hardware Overview page should be updated to mention the UEFI requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome... * Release engineering: [https://pagure.io/releng/issue/10738 #Releng issue 10738] * Policies and guidelines: N/A (not needed for this Change) * Trademark approval: N/A (not needed for this Change) * Alignment with Objectives: N/A == Upgrade/compatibility impact == Systems currently using Legacy BIOS for booting on x86_64 will continue to do so. However, this modifies the baseline Fedora requirements and some hardware will no longer be supported for new installations. == How To Test == UEFI installation has been supported for quite a while already, so additional testing there should not be required. == User Experience == Installs will continue to work on UEFI, and will not work on Legacy BIOS. Our install media is already UEFI-capable. == Dependencies == None == Contingency Plan == Leave things as they are. Code continues to rot. Community assistance is required to continue the status quo. Current owners plan to orphan some packages regardless of whether the proposal is accepted. Another fallback option could be, if a Legacy BIOS SIG organizes, to donate the relevant packages there and provide some initial mentoring. Longer term, packages that cannot be wholly donated could be split, though it is unclear whether the synchronization thereby required would reduce the work for anyone. * Contingency mechanism: Delay until next release. * Contingency deadline: Beta freeze * Blocks release? No == Documentation == See release notes. == Release Notes == Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in favor of UEFI. While systems already using Legacy BIOS to boot are still supported, new legacy BIOS installations on these architectures are no longer possible. Legacy BIOS support will be removed entirely in a future Fedora. (Additionally, the Hardware Overview page should be updated to mention the UEFI requirement.)

https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS Important, relevant points from that thread (yes, I reread the entire thread) that have informed this change: * Some machines are BIOS-only.  This change does not prevent their use yet, but they are effectively deprecated.  grub2 (our default bootloader) is already capable of both BIOS and UEFI booting. * Drawing a clear year cutoff, let alone a detailed list of hardware this change affects, is basically impossible.  This is unfortunate but unlikely to ever change. * There is no migration story from Legacy BIOS to UEFI - repartitioning effectively mandates a reinstall.  As a result, we don’t drop support for existing Legacy BIOS systems yet, just new installations. * There is no way to deprecate hardware without causing some amount of friction. * While at the time AWS did not support UEFI booting, that is no longer the case and they support UEFI today.

This is out of context here because you can disable Secure Boot but still use UEFI to make that work. You're trying to link to different problems together.

Users wishing to use NVIDIA hardware have the following options: - Use nouveau (free, open source, cool) - Sign their own copy of the proprietary driver (involves messing with certificates, so not appropriate for all users) - Disable Secure Boot (note that this is still UEFI) The NVIDIA driver is proprietary, so of course it's not going to get signed.

On Tue, Apr 5, 2022 at 10:54 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: > > https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS > > == Summary == > Make UEFI a hardware requirement for new Fedora installations on > platforms that support it (x86_64). Legacy BIOS support is not > removed, but new non-UEFI installation is not supported on those > platforms. This is a first step toward eventually removing legacy > BIOS support entirely. > > == Owner == > * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří > Konečný]], [[User:bcl| Brian C. Lane]] > * Email: rharwood(a)redhat.com > > > == Detailed Description == > UEFI is defined by a versioned standard that can be tested and > certified against. By contrast, every legacy BIOS is unique. Legacy > BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) > and on its way out. As it ages, maintainability has decreased, and > the status quo of maintaining both stacks in perpetuity is not viable > for those currently doing that work. > > It is inevitable that legacy BIOS will be removed in a future release. > To ease this transition as best we can, there will be a period (of at > least one Fedora release) where it will be possible to boot using the > legacy BIOS codepaths, but new installations will not be possible. > While it would be easier for us to cut support off today, our hope is > that this compromise position will make for a smoother transition. > Additional support with issues during the transition would be > appreciated. > > While this will eventually reduce workload for boot/installation > components (grub2 reduces surface area, syslinux goes away entirely, > anaconda reduces surface area), the reduction in support burden > extends much further into the stack - for instance, VESA support can > be removed from the distro. > > Fedora already requires a 2GHz dual core CPU at minimum (and therefore > mandates that machines must have been made after 2006). Like the > already accepted Fedora 37 change to retire ARMv7 support, the > hardware targeted tends to be rather underpowered by today’s > standards, and the world has moved on from it. Intel stopped shipping > the last vestiges of BIOS support in 2020 (as have other vendors, and > Apple and Microsoft), so this is clearly the way things are heading - > and therefore aligns with Fedora’s “First” objective. > > == Feedback == > Dropping legacy BIOS was previously discussed (but not proposed) in 2020: > https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject... > > Important, relevant points from that thread (yes, I reread the entire > thread) that have informed this change: > > * Some machines are BIOS-only. This change does not prevent their use > yet, but they are effectively deprecated. grub2 (our default > bootloader) is already capable of both BIOS and UEFI booting. > * Drawing a clear year cutoff, let alone a detailed list of hardware > this change affects, is basically impossible. This is unfortunate but > unlikely to ever change. > * There is no migration story from Legacy BIOS to UEFI - > repartitioning effectively mandates a reinstall. As a result, we > don’t drop support for existing Legacy BIOS systems yet, just new > installations. > * There is no way to deprecate hardware without causing some amount of friction. > * While at the time AWS did not support UEFI booting, that is no > longer the case and they support UEFI today. > > == Benefit to Fedora == > UEFI is required for many desirable features, including applying > firmware updates (fwupd) and supporting SecureBoot. As a standalone > change, it reduces support burden on everything involved in installing > Fedora, since there becomes only one way to do it per platform. > Finally, it simplifies our install/live media, since it too only has > to boot one way per arch. Freedom Friends Features First - this is > that last one. > > == Scope == > * Proposal owners: > ** bootloaders: No change (existing Legacy BIOS installations still supported). > ** anaconda: No change (there could be only optional cleanups in the > code). However, it needs to be verified. > ** Lorax: Code has already been written: > https://github.com/weldr/lorax/pull/1205 > This pull request primarily drops legacy BIOS support by dropping syslinux/isolinux. We don't necessarily have to drop legacy BIOS support there if we reuse GRUB there too. Other distributions (openSUSE and Mageia, notably) both use GRUB for both BIOS and UEFI on live media. > * Other developers: > ** libvirt: UEFI works today, but is not the default. UEFI-only > installation is needed for Windows 11, and per conversations, libvirt > is prepared for this change. > ** Virtualbox: UEFI Fedora installs are working and per virtualbox > team, UEFI will be/is the default in 7.0+. > ** The Hardware Overview page should be updated to mention the UEFI > requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome... > > * Release engineering: [https://pagure.io/releng/issue/10738 #Releng > issue 10738] > > * Policies and guidelines: N/A (not needed for this Change) > > * Trademark approval: N/A (not needed for this Change) > > * Alignment with Objectives: N/A > > == Upgrade/compatibility impact == > Systems currently using Legacy BIOS for booting on x86_64 will > continue to do so. > > However, this modifies the baseline Fedora requirements and some > hardware will no longer be supported for new installations. > > == How To Test == > UEFI installation has been supported for quite a while already, so > additional testing there should not be required. > > == User Experience == > Installs will continue to work on UEFI, and will not work on Legacy > BIOS. Our install media is already UEFI-capable. > > == Dependencies == > None > > == Contingency Plan == > Leave things as they are. Code continues to rot. Community > assistance is required to continue the status quo. Current owners > plan to orphan some packages regardless of whether the proposal is > accepted. > > Another fallback option could be, if a Legacy BIOS SIG organizes, to > donate the relevant packages there and provide some initial mentoring. > Longer term, packages that cannot be wholly donated could be split, > though it is unclear whether the synchronization thereby required > would reduce the work for anyone. > > * Contingency mechanism: Delay until next release. > * Contingency deadline: Beta freeze > * Blocks release? No > > == Documentation == > See release notes. > > == Release Notes == > Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in > favor of UEFI. While systems already using Legacy BIOS to boot are > still supported, new legacy BIOS installations on these architectures > are no longer possible. Legacy BIOS support will be removed entirely > in a future Fedora. > > (Additionally, the Hardware Overview page should be updated to mention > the UEFI requirement.) > While I'm sympathetic to this Change, I think this is way too early to do across the board. UEFI came onto the scene in the PC space in 2011~2012 with Windows 8, and even to this day, there are sufficiently buggy hardware platforms that Linux does not boot in UEFI mode: https://twitter.com/VKCsh/status/1511132132885815307

Windows 8. My current desktop PC has problems booting Linux UEFI as well, though I've done "clever" things to work around that. I don't expect most users to be able to deal with that. Server platforms were *worse* as they were slower to offer UEFI. The first time I was able to get a server with UEFI was in 2014.

UEFI (though that's irrelevant to this Change, even though ARM is mentioned). We also lack solutions for dealing with the NVIDIA driver in UEFI+Secure Boot case. Are you planning to actually *fix* that now? Because we still don't have a way to have kernel-only keyrings for secure boot certificates to avoid importing them into the firmware.

真実はいつも一つ！/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel(a)lists.fedoraproject.org To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

By virtue of how boot stuff is handled in Fedora, the community is incapable of working on it.

Fundamentally, this Change is premature unless there's a fundamental decision that there's going to be more activity to solve these problems. You're saying that this will reduce maintenance burden, but virtually every boot bug I've seen for the last few Fedora releases have been around UEFI, *not* BIOS. And it's a very real struggle to get UEFI bugs fixed.

(Just to be clear here: this change is proposing a deprecation, not a removal.)

* There is no migration story from Legacy BIOS to UEFI - repartitioning effectively mandates a reinstall. As a result, we don’t drop support for existing Legacy BIOS systems yet, just new installations.

On Tue, Apr 5, 2022 at 1:31 PM Tom Hughes via devel <devel(a)lists.fedoraproject.org&gt; wrote: > > On 05/04/2022 15:52, Ben Cotton wrote: > >> * There is no migration story from Legacy BIOS to UEFI - >> repartitioning effectively mandates a reinstall. As a result, we >> don’t drop support for existing Legacy BIOS systems yet, just new >> installations. > > This is where I have a problem with this, the fact that there is > no upgrade path - virtually my entire installed base of Fedora is > running legacy BIOS and not being able to upgrade them will be > something of a headache. > > Is it actually true though? You need to be able to find some space > for an EFI partition but assuming that can be done is there some > other reason you can't migrate from BIOS to UEFI booting? In Fedora Linux default partitioning for all but Server, it is possible to reconfigure existing systems to UEFI. Fedora Server is screwed because they use XFS and you cannot shrink an XFS volume. Fedora < 33 used ext4 by default, and you can do offline shrink and open up space for an ESP. In Fedora >= 33, ext4 is still used for /boot and you can resize that. Alternatively, the Btrfs / can be resized while the system is running to make room for an ESP.

Fedora Server users *must* fully reinstall, because there's no way to make space for an ESP and reconfigure things.

Am 05.04.2022 um 16:52 schrieb Ben Cotton <bcotton(a)redhat.com&gt;: https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS == Summary == Make UEFI a hardware requirement for new Fedora installations on platforms that support it (x86_64). Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms. This is a first step toward eventually removing legacy BIOS support entirely.

On 05/04/2022 15:52, Ben Cotton wrote: > * There is no migration story from Legacy BIOS to UEFI - > repartitioning effectively mandates a reinstall. As a result, we > don’t drop support for existing Legacy BIOS systems yet, just new > installations. This is where I have a problem with this, the fact that there is no upgrade path - virtually my entire installed base of Fedora is running legacy BIOS and not being able to upgrade them will be something of a headache.

Is it actually true though? You need to be able to find some space for an EFI partition but assuming that can be done is there some other reason you can't migrate from BIOS to UEFI booting?

And I also don't understand why we should give up a hallmark of free Linux, namely to support old, but still good usable hardware (unlike commercial system, not only Windows but also e.g. RHEL).

Am 05.04.2022 um 19:38 schrieb Neal Gompa <ngompa13(a)gmail.com&gt;: Fedora Server is screwed because they use XFS and you cannot shrink an XFS volume.

Am 05.04.2022 um 19:57 schrieb Robbie Harwood <rharwood(a)redhat.com&gt;: Peter Boy <pboy(a)uni-bremen.de&gt; writes: > And I also don't understand why we should give up a hallmark of free > Linux, namely to support old, but still good usable hardware (unlike > commercial system, not only Windows but also e.g. RHEL). Developers are free to support whatever systems they like. If someone wants to support systems, they'll be supported; if not, they won't. There's no law that says Linux MUST keep supporting hardware forever. See also: armv7 removal, i386/i686 removal, ppc removal, m68k removal,

So you've heard that we're overloaded, and you know that UEFI is the direction the world is heading.

Your solution to this is... what, stick our heads in the sand and ignore that? Just do legacy? We already have UEFI-only platforms (see also: the mention of ARM you're belaboring), so that's obviously not going to fly, even if we were willing to, which we're not.

Curious, has anyone from @redhat or @fedora though to actually communicate with any of the 'big' hosting providers, to perhaps coordinate/influence/compromise/plan? I'd bet AWS, DigitalOcean & Linode/Akamai -- among this biggest hosting providers where 'new installs' would be happening on their VPSs -- would be quite interested in making sure that THEIR customers had smooth install/migration options for Redhat/Centos*/Fedora variants. I know my _own_ solution to UEFI-install only if those^ providers don't support it; I'm guessing not everyone will have the same goals/approach.

PGNet Dev <pgnet.dev(a)gmail.com&gt; writes: > Curious, has anyone from @redhat or @fedora though to actually > communicate with any of the 'big' hosting providers, to perhaps > coordinate/influence/compromise/plan? > > I'd bet AWS, DigitalOcean & Linode/Akamai -- among this biggest > hosting providers where 'new installs' would be happening on their > VPSs -- would be quite interested in making sure that THEIR customers > had smooth install/migration options for Redhat/Centos*/Fedora > variants. > > I know my _own_ solution to UEFI-install only if those^ providers > don't support it; I'm guessing not everyone will have the same > goals/approach. Any VPS that supports Windows 11 needs to support UEFI-only already. In particular, the top 3 (AWS, Azure, Google Cloud) are all UEFI-capable. (Akamai is, to my knowledge, not a provider of VPSs.)

Akamai owns Linode, which is a prominent VPS that focuses on Linux (Linode is a contraction meaning "Linux Node").

DigitalOcean similarly is Linux centric and so Windows doesn't matter.

Most web hosting providers and VPSes are Linux-centric and so Windows doesn't matter.

On 4/5/22 13:38, Neal Gompa wrote: > On Tue, Apr 5, 2022 at 1:31 PM Tom Hughes via devel > <devel(a)lists.fedoraproject.org&gt; wrote: >> >> On 05/04/2022 15:52, Ben Cotton wrote: >> >>> * There is no migration story from Legacy BIOS to UEFI - >>> repartitioning effectively mandates a reinstall. As a result, we >>> don’t drop support for existing Legacy BIOS systems yet, just new >>> installations. >> >> This is where I have a problem with this, the fact that there is >> no upgrade path - virtually my entire installed base of Fedora is >> running legacy BIOS and not being able to upgrade them will be >> something of a headache. >> >> Is it actually true though? You need to be able to find some space >> for an EFI partition but assuming that can be done is there some >> other reason you can't migrate from BIOS to UEFI booting? >> > > In Fedora Linux default partitioning for all but Server, it is > possible to reconfigure existing systems to UEFI. Fedora Server is > screwed because they use XFS and you cannot shrink an XFS volume. Time to get the XFS developers to support shrinking?

We also lack solutions for dealing with the NVIDIA driver in UEFI+Secure Boot case. Are you planning to actually *fix* that now? Because we still don't have a way to have kernel-only keyrings for secure boot certificates to avoid importing them into the firmware.

https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS == Summary == Make UEFI a hardware requirement for new Fedora installations on platforms that support it (x86_64). Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms. This is a first step toward eventually removing legacy BIOS support entirely. == Owner == * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří Konečný]], [[User:bcl| Brian C. Lane]] * Email: rharwood(a)redhat.com == Detailed Description == UEFI is defined by a versioned standard that can be tested and certified against. By contrast, every legacy BIOS is unique. Legacy BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) and on its way out. As it ages, maintainability has decreased, and the status quo of maintaining both stacks in perpetuity is not viable for those currently doing that work. It is inevitable that legacy BIOS will be removed in a future release. To ease this transition as best we can, there will be a period (of at least one Fedora release) where it will be possible to boot using the legacy BIOS codepaths, but new installations will not be possible. While it would be easier for us to cut support off today, our hope is that this compromise position will make for a smoother transition. Additional support with issues during the transition would be appreciated.

Fedora already requires a 2GHz dual core CPU at minimum (and therefore mandates that machines must have been made after 2006).

* Drawing a clear year cutoff, let alone a detailed list of hardware this change affects, is basically impossible. This is unfortunate but unlikely to ever change.

* There is no migration story from Legacy BIOS to UEFI - repartitioning effectively mandates a reinstall. As a result, we don’t drop support for existing Legacy BIOS systems yet, just new installations.

* Peter Robinson: > This is out of context here because you can disable Secure Boot but > still use UEFI to make that work. You're trying to link to different > problems together. I think there's firmware out there which enables Secure Boot unconditionally in UEFI mode, but still has CSM support.

On 05/04/2022 15:52, Ben Cotton wrote: > * There is no migration story from Legacy BIOS to UEFI - > repartitioning effectively mandates a reinstall. As a result, we > don’t drop support for existing Legacy BIOS systems yet, just new > installations. This is where I have a problem with this, the fact that there is no upgrade path - virtually my entire installed base of Fedora is running legacy BIOS and not being able to upgrade them will be something of a headache. Is it actually true though? You need to be able to find some space for an EFI partition but assuming that can be done is there some other reason you can't migrate from BIOS to UEFI booting?

On Tue, Apr 5, 2022 at 3:38 PM Adam Jackson <ajax(a)redhat.com&gt; wrote: > > On Tue, Apr 5, 2022 at 3:15 PM Neal Gompa <ngompa13(a)gmail.com&gt; wrote: > > > We also lack solutions for dealing with the NVIDIA driver in > > UEFI+Secure Boot case. Are you planning to actually *fix* that now? > > Because we still don't have a way to have kernel-only keyrings for > > secure boot certificates to avoid importing them into the firmware. > > Couple of thoughts, here: > > 1 - This is a non sequitur to the question of removing BIOS support, > because Secure Boot is not a BIOS feature, so nobody relying on Secure > Boot today would stand to lose anything. > > 2 - How is this our problem to solve? NVIDIA are the ones with the > private source code. > It's our problem because the problem isn't specific to NVIDIA, it's specific to how people compile and load kernel modules of their own. We should not require loading keys into firmware for user built kernel modules. An OS-level module should be trustable at the OS kernel level. Thus, it should be: MS cert -> shim -> Fedora cert -> grub -> kernel -> user cert -> user kmod. > 3 - Your complaint describes solution: import NVIDIA's signing key > into your firmware. If you want both Secure Boot and nvidia.ko so > badly, then you as the consumer need to tell your platform to trust > what NVIDIA signs. If that's a burden, again, see point 2 about who > exactly is making your life hard here. Remedies there might include > some UI streamlining around mokutil, or getting nvidia and nouveau to > use the same (open) kernel driver so the question just goes away. > This problem also makes life miserable for people working with third party open source kernel modules too. As a live streamer, for example, I need to use v4l2loopback, which will never exist in mainline because v4l2 maintainers don't like it at all. Broad non-Mac hardware only became available after Windows 8 / Windows Server 2012 R2. Yes, some hardware existed a few years before, but it was not broadly available before 2013. We didn't discontinue i686 in Fedora until Fedora Linux 31, which was over 15 years after the first x86_64 system. The user experience with x86_64 was immeasurably better than i686 at that point in time.

We do not have a better experience with UEFI *right now*. I know of plenty of people intentionally choosing BIOS because the user experience is better, even though it's older/bad technology. Because using BIOS means kmods work. Because using BIOS means hibernate works. Because using BIOS means they can get an equivalent experience leveraging their hardware that they can get on Windows today with UEFI. Maybe none of you proposing this Change use these things, but I'm telling you these things matter.

And the amount of resistance to improving UEFI experience for hardware is amazingly awful. The workstation working group has tried to figure out ways to improve the experience, only to be simultaneously stymied by the UEFI firmware management tools and unwillingness by anyone involved to even consider that we should make this better.

I will *not* force people to deal with importing keys into firmware. It's brittle, buggy, and often completely broken on motherboards. Many of those UEFI implementations are extremely buggy and terrible. I've dealt with a lot of it as part of my job over the years and it leads to a terrible user experience for Linux users.

If you are making UEFI the only way people boot, ***fix*** the experience. If you're not committed to that, then you're causing more pain for no gain.

真実はいつも一つ！/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel(a)lists.fedoraproject.org To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

On Tue, Apr 5, 2022 at 11:47 AM Gregory Bartholomew <gregory.lee.bartholomew(a)gmail.com&gt; wrote: > I haven't done a "default" Fedora Server installation in a long time, so I'm not sure how they are laid out. But I seem to remember /boot being a separate partition for a long time (it used to be required because some older BOISs couldn't read beyond a certain sector on the disk). Could not /boot be converted to the ESP (i.e. reformatted with FAT32) on such systems? No. It would need to be reformatted as FAT to be firmware readable. And thus this is an irreversible modification. There will be lengthy periods of time that are simply not crash safe. So the risk is probably unacceptably high that the user ends up abandoned on a deserted island, in which case it's better to just steer them toward the well understood and document process of reprovisioning (clean install time). Yes it's tedious, but it's well understood and very reliable, and that counts for more than convenience in QA terms.

On Tue, Apr 5, 2022 at 11:18 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: > While this will eventually reduce workload for boot/installation > components (grub2 reduces surface area, syslinux goes away entirely, > anaconda reduces surface area), the reduction in support burden > extends much further into the stack - for instance, VESA support can > be removed from the distro. I'm flattered, but I intend to drop vesa in F37 regardless of the outcome of this particular change. The only supported way to get to graphics with vesa is to use Xorg, and we sincerely want to be out of the business of maintaining Xorg the hardware server. (We'll need an X server forever, Xwayland isn't going away, don't misread me here.)

And frankly at this point if you seriously want to use vesa it's because you're trying to like reverse engineer some obscure card's VBIOS, and if you're doing that you're probably building your own X server anyway, I know I would be. Its use as an emergency driver on physical GPUs is negligible, we have native drivers for virtually everything made in the last 20 years. Its use as an emergency driver in virtual machines is more statistically significant, maybe, but even there we usually have a drm driver these days, and where we don't we can probably club it into bochs_drm since that's the only rom anyone bothers to use for that.

> Current owners plan to orphan some packages regardless of whether the > proposal is accepted. And that is completely unacceptable blackmailing.

Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms. This is a first step toward eventually removing legacy BIOS support entirely.

syslinux goes away entirely

* Some machines are BIOS-only. This change does not prevent their use yet, but they are effectively deprecated. grub2 (our default bootloader) is already capable of both BIOS and UEFI booting.

However, this modifies the baseline Fedora requirements and some hardware will no longer be supported for new installations.

Installs will continue to work on UEFI, and will not work on Legacy BIOS.

On Tue, Apr 5, 2022 at 3:08 PM Jared Dominguez <jaredz(a)redhat.com&gt; wrote: > The security of UEFI systems is immeasurably better. Standardized firmware updates, support for modern secure TPMs, OS protection from firmware (SMM mitigations), HTTP(S) boot support, largely shared and open sourced firmware codebases that aren't a pile of assembly code, and a lot of other features are UEFI-only. When users have a suboptimal experience by default, it makes Fedora look bad. We can't have security concerns overriding all other concerns. But it's really pernicious to simultaneously say security is important, but we're also not going to sign proprietary drivers. This highly incentivizes the user to disable Secure Boot because that's so much easier than users signing kernel modules and enrolling keys with the firmware, and therefore makes the user *less safe*. >> And the amount of resistance to improving UEFI experience for hardware >> is amazingly awful. The workstation working group has tried to figure >> out ways to improve the experience, only to be simultaneously stymied >> by the UEFI firmware management tools and unwillingness by anyone >> involved to even consider that we should make this better. > > > Which tools? What specific efforts have been stymied? How is any of this specific to UEFI versus trying to deal with things that aren't supported by someone? Namely, Fedora signing NVIDIA's proprietary driver. Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all indicate Apple and Microsoft trust the driver itself. It is trusting the providence of the blob, in order to achieve an overall safer ecosystem for their users. We either want users with NVIDIA hardware to be inside the Secure Boot fold or we don't. I want them in the fold *despite* the driver that needs signing is proprietary. That's a better user experience across the board, including the security messaging is made consistent. The existing policy serves no good at all and is double talk. If we really care about security more than ideological worry, we'd sign the driver.

On Tue, Apr 5, 2022 at 3:38 PM Adam Jackson <ajax(a)redhat.com&gt; wrote: > > On Tue, Apr 5, 2022 at 3:15 PM Neal Gompa <ngompa13(a)gmail.com&gt; wrote: > >> We also lack solutions for dealing with the NVIDIA driver in >> UEFI+Secure Boot case. Are you planning to actually *fix* that now? >> Because we still don't have a way to have kernel-only keyrings for >> secure boot certificates to avoid importing them into the firmware. > > Couple of thoughts, here: > > 1 - This is a non sequitur to the question of removing BIOS support, > because Secure Boot is not a BIOS feature, so nobody relying on Secure > Boot today would stand to lose anything. > > 2 - How is this our problem to solve? NVIDIA are the ones with the > private source code. > It's our problem because the problem isn't specific to NVIDIA, it's specific to how people compile and load kernel modules of their own. We should not require loading keys into firmware for user built kernel modules. An OS-level module should be trustable at the OS kernel level. Thus, it should be: MS cert -> shim -> Fedora cert -> grub -> kernel -> user cert -> user kmod. > 3 - Your complaint describes solution: import NVIDIA's signing key > into your firmware. If you want both Secure Boot and nvidia.ko so > badly, then you as the consumer need to tell your platform to trust > what NVIDIA signs. If that's a burden, again, see point 2 about who > exactly is making your life hard here. Remedies there might include > some UI streamlining around mokutil, or getting nvidia and nouveau to > use the same (open) kernel driver so the question just goes away. > This problem also makes life miserable for people working with third party open source kernel modules too. As a live streamer, for example, I need to use v4l2loopback, which will never exist in mainline because v4l2 maintainers don't like it at all.

Broad non-Mac hardware only became available after Windows 8 / Windows Server 2012 R2. Yes, some hardware existed a few years before, but it was not broadly available before 2013. We didn't discontinue i686 in Fedora until Fedora Linux 31, which was over 15 years after the first x86_64 system. The user experience with x86_64 was immeasurably better than i686 at that point in time. We do not have a better experience with UEFI *right now*. I know of plenty of people intentionally choosing BIOS because the user experience is better, even though it's older/bad technology. Because using BIOS means kmods work. Because using BIOS means hibernate works. Because using BIOS means they can get an equivalent experience leveraging their hardware that they can get on Windows today with UEFI. Maybe none of you proposing this Change use these things, but I'm telling you these things matter.

And the amount of resistance to improving UEFI experience for hardware is amazingly awful. The workstation working group has tried to figure out ways to improve the experience, only to be simultaneously stymied by the UEFI firmware management tools and unwillingness by anyone involved to even consider that we should make this better. I will *not* force people to deal with importing keys into firmware. It's brittle, buggy, and often completely broken on motherboards. Many of those UEFI implementations are extremely buggy and terrible. I've dealt with a lot of it as part of my job over the years and it leads to a terrible user experience for Linux users.

If you are making UEFI the only way people boot, ***fix*** the experience. If you're not committed to that, then you're causing more pain for no gain.

On 4/5/22 19:38, Chris Murphy wrote:

> Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all > indicate Apple and Microsoft trust the driver itself. It is trusting > the providence of the blob, in order to achieve an overall safer > ecosystem for their users.

On 4/5/22 19:38, Chris Murphy wrote: > We either want users with NVIDIA hardware to be inside the Secure Boot > fold or we don't. I want them in the fold *despite* the driver that > needs signing is proprietary. That's a better user experience across > the board, including the security messaging is made consistent. The > existing policy serves no good at all and is double talk. If we really > care about security more than ideological worry, we'd sign the driver. I agree with this. Sign the driver.

Fedora already requires a 2GHz dual core CPU at minimum (and therefore mandates that machines must have been made after 2006). Like the already accepted Fedora 37 change to retire ARMv7 support, the hardware targeted tends to be rather underpowered by today’s standards, and the world has moved on from it. Intel stopped shipping the last vestiges of BIOS support in 2020 (as have other vendors, and Apple and Microsoft), so this is clearly the way things are heading - and therefore aligns with Fedora’s “First” objective.

On Wed, Apr 6, 2022 at 12:59 AM Demi Marie Obenour <demiobenour(a)gmail.com&gt; wrote: > > On 4/5/22 19:38, Chris Murphy wrote: > > We either want users with NVIDIA hardware to be inside the Secure Boot > > fold or we don't. I want them in the fold *despite* the driver that > > needs signing is proprietary. That's a better user experience across > > the board, including the security messaging is made consistent. The > > existing policy serves no good at all and is double talk. If we really > > care about security more than ideological worry, we'd sign the driver. > > I agree with this. Sign the driver. Nvidia has their driver signed for their Windows drivers. That they choose not to do so for Linux is their right, even if some wish they did. It should be noted that while many might wish nvidia chose a different way, that is completely orthogonal to bios vs uefi.

Make UEFI a hardware requirement for new Fedora installations on platforms that support it (x86_64). Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms. This is a first step toward eventually removing legacy BIOS support entirely.

On Tue, Apr 5, 2022 at 10:54 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: > https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS > > == Summary == > Make UEFI a hardware requirement for new Fedora installations on > platforms that support it (x86_64). Legacy BIOS support is not > removed, but new non-UEFI installation is not supported on those > platforms. This is a first step toward eventually removing legacy > BIOS support entirely. > > == Owner == > * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří > Konečný]], [[User:bcl| Brian C. Lane]] > * Email: rharwood(a)redhat.com > > > == Detailed Description == > UEFI is defined by a versioned standard that can be tested and > certified against. By contrast, every legacy BIOS is unique. Legacy > BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) > and on its way out. As it ages, maintainability has decreased, and > the status quo of maintaining both stacks in perpetuity is not viable > for those currently doing that work. > > It is inevitable that legacy BIOS will be removed in a future release. > To ease this transition as best we can, there will be a period (of at > least one Fedora release) where it will be possible to boot using the > legacy BIOS codepaths, but new installations will not be possible. > While it would be easier for us to cut support off today, our hope is > that this compromise position will make for a smoother transition. > Additional support with issues during the transition would be > appreciated. > > While this will eventually reduce workload for boot/installation > components (grub2 reduces surface area, syslinux goes away entirely, > anaconda reduces surface area), the reduction in support burden > extends much further into the stack - for instance, VESA support can > be removed from the distro. > > Fedora already requires a 2GHz dual core CPU at minimum (and therefore > mandates that machines must have been made after 2006). Like the > already accepted Fedora 37 change to retire ARMv7 support, the > hardware targeted tends to be rather underpowered by today’s > standards, and the world has moved on from it. Intel stopped shipping > the last vestiges of BIOS support in 2020 (as have other vendors, and > Apple and Microsoft), so this is clearly the way things are heading - > and therefore aligns with Fedora’s “First” objective. > > == Feedback == > Dropping legacy BIOS was previously discussed (but not proposed) in 2020: > https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject... > > Important, relevant points from that thread (yes, I reread the entire > thread) that have informed this change: > > * Some machines are BIOS-only. This change does not prevent their use > yet, but they are effectively deprecated. grub2 (our default > bootloader) is already capable of both BIOS and UEFI booting. > * Drawing a clear year cutoff, let alone a detailed list of hardware > this change affects, is basically impossible. This is unfortunate but > unlikely to ever change. > * There is no migration story from Legacy BIOS to UEFI - > repartitioning effectively mandates a reinstall. As a result, we > don’t drop support for existing Legacy BIOS systems yet, just new > installations. > * There is no way to deprecate hardware without causing some amount of friction. > * While at the time AWS did not support UEFI booting, that is no > longer the case and they support UEFI today. > > == Benefit to Fedora == > UEFI is required for many desirable features, including applying > firmware updates (fwupd) and supporting SecureBoot. As a standalone > change, it reduces support burden on everything involved in installing > Fedora, since there becomes only one way to do it per platform. > Finally, it simplifies our install/live media, since it too only has > to boot one way per arch. Freedom Friends Features First - this is > that last one. > > == Scope == > * Proposal owners: > ** bootloaders: No change (existing Legacy BIOS installations still supported). > ** anaconda: No change (there could be only optional cleanups in the > code). However, it needs to be verified. > ** Lorax: Code has already been written: > https://github.com/weldr/lorax/pull/1205 > This pull request primarily drops legacy BIOS support by dropping syslinux/isolinux. We don't necessarily have to drop legacy BIOS support there if we reuse GRUB there too. Other distributions (openSUSE and Mageia, notably) both use GRUB for both BIOS and UEFI on live media. > * Other developers: > ** libvirt: UEFI works today, but is not the default. UEFI-only > installation is needed for Windows 11, and per conversations, libvirt > is prepared for this change. > ** Virtualbox: UEFI Fedora installs are working and per virtualbox > team, UEFI will be/is the default in 7.0+. > ** The Hardware Overview page should be updated to mention the UEFI > requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome... > > * Release engineering: [https://pagure.io/releng/issue/10738 #Releng > issue 10738] > > * Policies and guidelines: N/A (not needed for this Change) > > * Trademark approval: N/A (not needed for this Change) > > * Alignment with Objectives: N/A > > == Upgrade/compatibility impact == > Systems currently using Legacy BIOS for booting on x86_64 will > continue to do so. > > However, this modifies the baseline Fedora requirements and some > hardware will no longer be supported for new installations. > > == How To Test == > UEFI installation has been supported for quite a while already, so > additional testing there should not be required. > > == User Experience == > Installs will continue to work on UEFI, and will not work on Legacy > BIOS. Our install media is already UEFI-capable. > > == Dependencies == > None > > == Contingency Plan == > Leave things as they are. Code continues to rot. Community > assistance is required to continue the status quo. Current owners > plan to orphan some packages regardless of whether the proposal is > accepted. > > Another fallback option could be, if a Legacy BIOS SIG organizes, to > donate the relevant packages there and provide some initial mentoring. > Longer term, packages that cannot be wholly donated could be split, > though it is unclear whether the synchronization thereby required > would reduce the work for anyone. > > * Contingency mechanism: Delay until next release. > * Contingency deadline: Beta freeze > * Blocks release? No > > == Documentation == > See release notes. > > == Release Notes == > Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in > favor of UEFI. While systems already using Legacy BIOS to boot are > still supported, new legacy BIOS installations on these architectures > are no longer possible. Legacy BIOS support will be removed entirely > in a future Fedora. > > (Additionally, the Hardware Overview page should be updated to mention > the UEFI requirement.) > While I'm sympathetic to this Change, I think this is way too early to do across the board. UEFI came onto the scene in the PC space in 2011~2012 with Windows 8, and even to this day, there are sufficiently buggy hardware platforms that Linux does not boot in UEFI mode: https://twitter.com/VKCsh/status/1511132132885815307 I even have one such machine, an HP desktop machine that came with Windows 8. My current desktop PC has problems booting Linux UEFI as well, though I've done "clever" things to work around that. I don't expect most users to be able to deal with that. Server platforms were *worse* as they were slower to offer UEFI. The first time I was able to get a server with UEFI was in 2014.

And we've still failed to get ARM and RISC-V broadly on board with UEFI (though that's irrelevant to this Change, even though ARM is mentioned). We also lack solutions for dealing with the NVIDIA driver in UEFI+Secure Boot case. Are you planning to actually *fix* that now? Because we still don't have a way to have kernel-only keyrings for secure boot certificates to avoid importing them into the firmware. -- 真実はいつも一つ！/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel(a)lists.fedoraproject.org To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

If you really have a need to reinstall such machine, you'll take the F36 image and upgrade to F37+ and you should still be good.

Dne 05. 04. 22 v 17:08 Neal Gompa napsal(a): > On Tue, Apr 5, 2022 at 10:54 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: >> https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS >> >> == Summary == >> Make UEFI a hardware requirement for new Fedora installations on >> platforms that support it (x86_64). Legacy BIOS support is not >> removed, but new non-UEFI installation is not supported on those >> platforms. This is a first step toward eventually removing legacy >> BIOS support entirely. >> >> == Owner == >> * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří >> Konečný]], [[User:bcl| Brian C. Lane]] >> * Email: rharwood(a)redhat.com >> >> >> == Detailed Description == >> UEFI is defined by a versioned standard that can be tested and >> certified against. By contrast, every legacy BIOS is unique. Legacy >> BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) >> and on its way out. As it ages, maintainability has decreased, and >> the status quo of maintaining both stacks in perpetuity is not viable >> for those currently doing that work. >> >> It is inevitable that legacy BIOS will be removed in a future release. >> To ease this transition as best we can, there will be a period (of at >> least one Fedora release) where it will be possible to boot using the >> legacy BIOS codepaths, but new installations will not be possible. >> While it would be easier for us to cut support off today, our hope is >> that this compromise position will make for a smoother transition. >> Additional support with issues during the transition would be >> appreciated. >> >> While this will eventually reduce workload for boot/installation >> components (grub2 reduces surface area, syslinux goes away entirely, >> anaconda reduces surface area), the reduction in support burden >> extends much further into the stack - for instance, VESA support can >> be removed from the distro. >> >> Fedora already requires a 2GHz dual core CPU at minimum (and therefore >> mandates that machines must have been made after 2006). Like the >> already accepted Fedora 37 change to retire ARMv7 support, the >> hardware targeted tends to be rather underpowered by today’s >> standards, and the world has moved on from it. Intel stopped shipping >> the last vestiges of BIOS support in 2020 (as have other vendors, and >> Apple and Microsoft), so this is clearly the way things are heading - >> and therefore aligns with Fedora’s “First” objective. >> >> == Feedback == >> Dropping legacy BIOS was previously discussed (but not proposed) in 2020: >> https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject... >> >> Important, relevant points from that thread (yes, I reread the entire >> thread) that have informed this change: >> >> * Some machines are BIOS-only. This change does not prevent their use >> yet, but they are effectively deprecated. grub2 (our default >> bootloader) is already capable of both BIOS and UEFI booting. >> * Drawing a clear year cutoff, let alone a detailed list of hardware >> this change affects, is basically impossible. This is unfortunate but >> unlikely to ever change. >> * There is no migration story from Legacy BIOS to UEFI - >> repartitioning effectively mandates a reinstall. As a result, we >> don’t drop support for existing Legacy BIOS systems yet, just new >> installations. >> * There is no way to deprecate hardware without causing some amount of friction. >> * While at the time AWS did not support UEFI booting, that is no >> longer the case and they support UEFI today. >> >> == Benefit to Fedora == >> UEFI is required for many desirable features, including applying >> firmware updates (fwupd) and supporting SecureBoot. As a standalone >> change, it reduces support burden on everything involved in installing >> Fedora, since there becomes only one way to do it per platform. >> Finally, it simplifies our install/live media, since it too only has >> to boot one way per arch. Freedom Friends Features First - this is >> that last one. >> >> == Scope == >> * Proposal owners: >> ** bootloaders: No change (existing Legacy BIOS installations still supported). >> ** anaconda: No change (there could be only optional cleanups in the >> code). However, it needs to be verified. >> ** Lorax: Code has already been written: >> https://github.com/weldr/lorax/pull/1205 >> > This pull request primarily drops legacy BIOS support by dropping > syslinux/isolinux. We don't necessarily have to drop legacy BIOS > support there if we reuse GRUB there too. Other distributions > (openSUSE and Mageia, notably) both use GRUB for both BIOS and UEFI on > live media. > >> * Other developers: >> ** libvirt: UEFI works today, but is not the default. UEFI-only >> installation is needed for Windows 11, and per conversations, libvirt >> is prepared for this change. >> ** Virtualbox: UEFI Fedora installs are working and per virtualbox >> team, UEFI will be/is the default in 7.0+. >> ** The Hardware Overview page should be updated to mention the UEFI >> requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome... >> >> * Release engineering: [https://pagure.io/releng/issue/10738 #Releng >> issue 10738] >> >> * Policies and guidelines: N/A (not needed for this Change) >> >> * Trademark approval: N/A (not needed for this Change) >> >> * Alignment with Objectives: N/A >> >> == Upgrade/compatibility impact == >> Systems currently using Legacy BIOS for booting on x86_64 will >> continue to do so. >> >> However, this modifies the baseline Fedora requirements and some >> hardware will no longer be supported for new installations. >> >> == How To Test == >> UEFI installation has been supported for quite a while already, so >> additional testing there should not be required. >> >> == User Experience == >> Installs will continue to work on UEFI, and will not work on Legacy >> BIOS. Our install media is already UEFI-capable. >> >> == Dependencies == >> None >> >> == Contingency Plan == >> Leave things as they are. Code continues to rot. Community >> assistance is required to continue the status quo. Current owners >> plan to orphan some packages regardless of whether the proposal is >> accepted. >> >> Another fallback option could be, if a Legacy BIOS SIG organizes, to >> donate the relevant packages there and provide some initial mentoring. >> Longer term, packages that cannot be wholly donated could be split, >> though it is unclear whether the synchronization thereby required >> would reduce the work for anyone. >> >> * Contingency mechanism: Delay until next release. >> * Contingency deadline: Beta freeze >> * Blocks release? No >> >> == Documentation == >> See release notes. >> >> == Release Notes == >> Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in >> favor of UEFI. While systems already using Legacy BIOS to boot are >> still supported, new legacy BIOS installations on these architectures >> are no longer possible. Legacy BIOS support will be removed entirely >> in a future Fedora. >> >> (Additionally, the Hardware Overview page should be updated to mention >> the UEFI requirement.) >> > While I'm sympathetic to this Change, I think this is way too early to > do across the board. UEFI came onto the scene in the PC space in > 2011~2012 with Windows 8, and even to this day, there are sufficiently > buggy hardware platforms that Linux does not boot in UEFI mode: > https://twitter.com/VKCsh/status/1511132132885815307 > > I even have one such machine, an HP desktop machine that came with > Windows 8. My current desktop PC has problems booting Linux UEFI as > well, though I've done "clever" things to work around that. I don't > expect most users to be able to deal with that. Server platforms were > *worse* as they were slower to offer UEFI. The first time I was able > to get a server with UEFI was in 2014. Maybe I don't correctly understand the "Legacy BIOS support is not removed, but new non-UEFI installation is not supported on those platforms." quoted from the the change description, but if you have your system installed, it should keep working. You just keep updating. IOW as long as you don't reinstall the system, you are fine and you don't have to be concerned. If you really have a need to reinstall such machine, you'll take the F36 image and upgrade to F37+ and you should still be good.

> If you really have a need to reinstall such machine, you'll take the F36 > image and upgrade to F37+ and you should still be good. > This is not a deprecation change, this is effectively a removal change. By removing the packages and the tooling support for legacy BIOS, it makes several scenarios (including recovery) harder. Moreover, it puts the burden on people to figure out if their hardware can boot and install Fedora when we clearly haven't reached a critical mass yet for doing so, like we did when we finally removed the i686 kernel build. I'm personally a fan of using UEFI instead of BIOS. Heck, I implemented support for UEFI in Fedora's cloud images when other people told me it was not possible, while preserving BIOS support. I've been trying to figure out the roadmap for BIOS deprecation for a year now, and the reason *I* didn't propose a Change yet is because I have not sufficiently determined that it was reasonable to do so. I'm particularly upset about this Change because it feels like a hostage change where the proposal owners blithely ignore what we're saying as unimportant or irrelevant and abuse our principles to do things that are clearly against what the community feels is right. I have been trying in the background for years to try to figure out solutions for usability problems in Fedora Linux on UEFI because *I want our experience to be good there*. But it's extremely hard when: 1. Bugs and feature requests around UEFI related features are ignored 2. The packages are locked down so there is no way for the community to help 3. At various times, people have explicitly said "patches NOT welcome" I'm angry because we're doing this without any real thought around the consequences for the user experience, and we should not do that as a premier Linux distribution.

I agree 100%. I think this is actually getting to the crux of the issue, which is that while we have a lot of people that want BIOS support to continue, we effectively have nobody that wants to do the work to make it happen.

Moreover, it puts the burden on people to figure out if their hardware can boot and install Fedora when we clearly haven't reached a critical mass yet for doing so, like we did when we finally removed the i686 kernel build.

Hi, <to be clear I'm replying on a personal title here, not on behalf of my employer (Red Hat)> On 4/5/22 16:52, Ben Cotton wrote: > https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS <snip> > Fedora already requires a 2GHz dual core CPU at minimum (and therefore > mandates that machines must have been made after 2006). But machines made between 2006-2012 generally did not have EFI support, anf for example at home I still have several machines from that era which are BIOS only in active use: 1. My daughter's workstation is an i5-2400 with 8G RAM, this is a 3.1 GHz base-freq quad-core processor very easily matching Fedora's minimal requirements. Currently running Fedora 35 just fine. Making it impossible to keep using this in the future is just causing unnecessary ewaste for no good reason IMHO. 2. My wife's workstation is a Core 2 Duo E6600 2.4 Ghz dual core machine with 4G RAM, which also still works fine for what she uses it for. 3. The living room laptop is another Core 2 Duo machine with 4G RAM. Looking specifically at fixed PCs and not laptops this proposal would (eventually) turn 2/5 PCs in my home unusable, which really is unacceptable IMHO. Also note that all these machines use somewhat older Intel integrated graphics. As he has already mentioned on this this thread, Dave Airlie has just spend a lot of time on making sure those iGPU-s will work with a gallium driver so that the classic mesa code can be removed and it seems rather silly to drop support for this hw after just investing a significant chunk of time to breathe new live into their GPU support. So a big -1 from me for this proposal as it stand. ### But I do completely understand that there is a workload issue for the bootloader team and the proposal also mentions: > == Contingency Plan == > Leave things as they are. Code continues to rot. Community > assistance is required to continue the status quo. Current owners > plan to orphan some packages regardless of whether the proposal is > accepted. If the current owners no longer want to support some packages which are only necessary for legacy BIOS support, then orphaning these seems completely reasonable to me. Maybe you can provide a list of these pkgs before hand so that people can already volunteer as co-maintainers now and then when they are orphaned, instead of orphaning them they can be directly handed over (using the "give away" button) to the new maintainers ? > Another fallback option could be, if a Legacy BIOS SIG organizes, to > donate the relevant packages there and provide some initial mentoring. I believe that that is a great idea, I hereby volunteer to try and setup such a SIG. If anyone reading this is interested in joining such a SIG please drop me an email. I realize that there have been similar attempts around keeping 32 bit x86 alive and that those have failed, but I believe that this is different for a number of reasons: 1. i686 support required making sure that *all* of Fedora kept working on i686, the problem was not just the kernel breaking sometimes, but also that huge projects like libreoffice would no longer start on i686 (at least on some of my machines). Legacy BIOS boot support is basically only about the image-creation tools + the bootloader. As various people have mentioned in the thread BIOS support is still very much a thing in data-centers, so I expect the upstream kernel community to keep the kernel working with this for at least a couple of years. Where as both the kernel + many userspace apps were breaking on i686. 2. I personally basically gave up on i686 support also because there was very little 32 bit only x86 hw around remaining in active use when it was dropped. And what was still on active use was getting close to unusable from a performance pov. Where as here we are talking about up to 2nd and 3th gen core i5 / i7 machines which are still quite performant. Esp. the 2nd gen core machines (Sandy Bridge) are still quite popular and lots of people have hung on to desktops with those because the CPU performance increase in generations after SNB have been rather underwhelming. > Longer term, packages that cannot be wholly donated could be split, > though it is unclear whether the synchronization thereby required > would reduce the work for anyone. I've been thinking about how this could be done for grub; also because of the issue that the EFI builds of grub need to be signed with Fedora's secure boot keys, which means only a few people can do grub2 builds atm. One option which I think we should consider is sticking with a single downstream git fork (until we have managed to get everything we need upstream), so stick with: https://github.com/rhboot/grub2/ As the Source0 provider for the packages and then next to: https://src.fedoraproject.org/rpms/grub2 Add a: https://src.fedoraproject.org/rpms/grub2-bios And moving the build of all sub-packages which are only necessary for BIOS support to the second src.rpm. This way the Legacy BIOS SIG could maintain the grub2-bios src.rpm (and binary pkgs it builds). The SIG _must_ then of course still submit pull-reqs to: https://github.com/rhboot/grub2/ for any changes. But in case of e.g. a beta blocking BIOS only bug they could solve that with a patch in the src.rpm and kickof a build right away without blocking on the bootloader team and thus without causing a spike in work-pressure/load for the bootloader team. And then once the pull-req is merged (possibly a revised version of it) the next build of the grub2-bios src.rpm can pull in the new Source0 and drop its local changes (IOW grub2-bios _must_ not become a separate fork).

hi, could someone kindly tell me if my toshiba l750 machine has EFI support? i'm blind and efi/bios screens are in accessible.

This is not a deprecation change, this is effectively a removal change. By removing the packages and the tooling support for legacy BIOS, it makes several scenarios (including recovery) harder. Moreover, it puts the burden on people to figure out if their hardware can boot and install Fedora when we clearly haven't reached a critical mass yet for doing so, like we did when we finally removed the i686 kernel build.

2. The packages are locked down so there is no way for the community to help

3. At various times, people have explicitly said "patches NOT welcome"

Those figures are recommended minimums, not requirements. I have a single core F35 machine which works fine.

Neal Gompa <ngompa13(a)gmail.com&gt; writes: > This is not a deprecation change, this is effectively a removal > change. By removing the packages and the tooling support for legacy > BIOS, it makes several scenarios (including recovery) harder. > Moreover, it puts the burden on people to figure out if their hardware > can boot and install Fedora when we clearly haven't reached a critical > mass yet for doing so, like we did when we finally removed the i686 > kernel build. I've stated in the change that the intent is to eventually remove legacy entirely - so there's no sleight of hand here. The rest is a semantic issue which I don't care to argue. > 2. The packages are locked down so there is no way for the community to help I've replied to this when you said it before, but no, this is misinformation, and I'd appreciate if you stop spreading it. Bootloader packages are available for PRs, same as every other package in the distro. Our bugzilla issues are as open as any other package in the distro. Quite simply, being able to make official builds isn't a requirement to help with any package in the distro, bootloader or otherwise. And to peek behind the curtain a bit, running `fedpkg build` is not even close to the hardest or most time-consuming part of working on bootloader packages. > 3. At various times, people have explicitly said "patches NOT welcome" I see no evidence of this having happened, and it's definitely not something I've said.

On Wed, Apr 6, 2022 at 7:14 AM John Boero <boeroboy(a)gmail.com&gt; wrote: > > I can fully understand why this would be done. As per the original > discussion when Peter Robinson mentioned a Spin to deprecate BIOS, > would anybody else be interested in helping with a Spin for legacy > BIOS support? I agree with the e-waste comments and it seems a shame > to trash some perfectly viable kiosks or old IoT which gave new life > to old kit. I just got done knocking Windows 11 for deprecating > support for fairly new hardware but now realize Fedora is doing > something similar (though not as drastic). Is a spin worth > exploring? Volunteers welcome. The pull request to delete the code for BIOS support in lorax means that we can't produce media with BIOS support at all once that's merged. They've tied dropping syslinux to dropping BIOS support entirely. It is also unclear that they'd take a contribution to rewire lorax to produce media with BIOS support using GRUB like we do for UEFI.

On Wed, Apr 6, 2022 at 10:59 AM Robbie Harwood <rharwood(a)redhat.com&gt; wrote: > Neal Gompa <ngompa13(a)gmail.com&gt; writes: > >> 3. At various times, people have explicitly said "patches NOT >> welcome" > > I see no evidence of this having happened, and it's definitely not > something I've said. The grub2 package had pull requests disabled until last year. That's a pretty obvious hammer to indicate patches are not welcome. That's why I couldn't send PRs to add the protected.d files for grub and had to wait for someone else to do it by filing a BZ.

On Wed, Apr 6, 2022 at 8:04 AM Vít Ondruch <vondruch(a)redhat.com&gt; wrote: > > > Dne 05. 04. 22 v 17:08 Neal Gompa napsal(a): > > On Tue, Apr 5, 2022 at 10:54 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: > >> https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS > >> > >> == Summary == > >> Make UEFI a hardware requirement for new Fedora installations on > >> platforms that support it (x86_64). Legacy BIOS support is not > >> removed, but new non-UEFI installation is not supported on those > >> platforms. This is a first step toward eventually removing legacy > >> BIOS support entirely. > >> > >> == Owner == > >> * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří > >> Konečný]], [[User:bcl| Brian C. Lane]] > >> * Email: rharwood(a)redhat.com > >> > >> > >> == Detailed Description == > >> UEFI is defined by a versioned standard that can be tested and > >> certified against. By contrast, every legacy BIOS is unique. Legacy > >> BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) > >> and on its way out. As it ages, maintainability has decreased, and > >> the status quo of maintaining both stacks in perpetuity is not viable > >> for those currently doing that work. > >> > >> It is inevitable that legacy BIOS will be removed in a future release. > >> To ease this transition as best we can, there will be a period (of at > >> least one Fedora release) where it will be possible to boot using the > >> legacy BIOS codepaths, but new installations will not be possible. > >> While it would be easier for us to cut support off today, our hope is > >> that this compromise position will make for a smoother transition. > >> Additional support with issues during the transition would be > >> appreciated. > >> > >> While this will eventually reduce workload for boot/installation > >> components (grub2 reduces surface area, syslinux goes away entirely, > >> anaconda reduces surface area), the reduction in support burden > >> extends much further into the stack - for instance, VESA support can > >> be removed from the distro. > >> > >> Fedora already requires a 2GHz dual core CPU at minimum (and therefore > >> mandates that machines must have been made after 2006). Like the > >> already accepted Fedora 37 change to retire ARMv7 support, the > >> hardware targeted tends to be rather underpowered by today’s > >> standards, and the world has moved on from it. Intel stopped shipping > >> the last vestiges of BIOS support in 2020 (as have other vendors, and > >> Apple and Microsoft), so this is clearly the way things are heading - > >> and therefore aligns with Fedora’s “First” objective. > >> > >> == Feedback == > >> Dropping legacy BIOS was previously discussed (but not proposed) in 2020: > >> https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject... > >> > >> Important, relevant points from that thread (yes, I reread the entire > >> thread) that have informed this change: > >> > >> * Some machines are BIOS-only. This change does not prevent their use > >> yet, but they are effectively deprecated. grub2 (our default > >> bootloader) is already capable of both BIOS and UEFI booting. > >> * Drawing a clear year cutoff, let alone a detailed list of hardware > >> this change affects, is basically impossible. This is unfortunate but > >> unlikely to ever change. > >> * There is no migration story from Legacy BIOS to UEFI - > >> repartitioning effectively mandates a reinstall. As a result, we > >> don’t drop support for existing Legacy BIOS systems yet, just new > >> installations. > >> * There is no way to deprecate hardware without causing some amount of friction. > >> * While at the time AWS did not support UEFI booting, that is no > >> longer the case and they support UEFI today. > >> > >> == Benefit to Fedora == > >> UEFI is required for many desirable features, including applying > >> firmware updates (fwupd) and supporting SecureBoot. As a standalone > >> change, it reduces support burden on everything involved in installing > >> Fedora, since there becomes only one way to do it per platform. > >> Finally, it simplifies our install/live media, since it too only has > >> to boot one way per arch. Freedom Friends Features First - this is > >> that last one. > >> > >> == Scope == > >> * Proposal owners: > >> ** bootloaders: No change (existing Legacy BIOS installations still supported). > >> ** anaconda: No change (there could be only optional cleanups in the > >> code). However, it needs to be verified. > >> ** Lorax: Code has already been written: > >> https://github.com/weldr/lorax/pull/1205 > >> > > This pull request primarily drops legacy BIOS support by dropping > > syslinux/isolinux. We don't necessarily have to drop legacy BIOS > > support there if we reuse GRUB there too. Other distributions > > (openSUSE and Mageia, notably) both use GRUB for both BIOS and UEFI on > > live media. > > > >> * Other developers: > >> ** libvirt: UEFI works today, but is not the default. UEFI-only > >> installation is needed for Windows 11, and per conversations, libvirt > >> is prepared for this change. > >> ** Virtualbox: UEFI Fedora installs are working and per virtualbox > >> team, UEFI will be/is the default in 7.0+. > >> ** The Hardware Overview page should be updated to mention the UEFI > >> requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome... > >> > >> * Release engineering: [https://pagure.io/releng/issue/10738 #Releng > >> issue 10738] > >> > >> * Policies and guidelines: N/A (not needed for this Change) > >> > >> * Trademark approval: N/A (not needed for this Change) > >> > >> * Alignment with Objectives: N/A > >> > >> == Upgrade/compatibility impact == > >> Systems currently using Legacy BIOS for booting on x86_64 will > >> continue to do so. > >> > >> However, this modifies the baseline Fedora requirements and some > >> hardware will no longer be supported for new installations. > >> > >> == How To Test == > >> UEFI installation has been supported for quite a while already, so > >> additional testing there should not be required. > >> > >> == User Experience == > >> Installs will continue to work on UEFI, and will not work on Legacy > >> BIOS. Our install media is already UEFI-capable. > >> > >> == Dependencies == > >> None > >> > >> == Contingency Plan == > >> Leave things as they are. Code continues to rot. Community > >> assistance is required to continue the status quo. Current owners > >> plan to orphan some packages regardless of whether the proposal is > >> accepted. > >> > >> Another fallback option could be, if a Legacy BIOS SIG organizes, to > >> donate the relevant packages there and provide some initial mentoring. > >> Longer term, packages that cannot be wholly donated could be split, > >> though it is unclear whether the synchronization thereby required > >> would reduce the work for anyone. > >> > >> * Contingency mechanism: Delay until next release. > >> * Contingency deadline: Beta freeze > >> * Blocks release? No > >> > >> == Documentation == > >> See release notes. > >> > >> == Release Notes == > >> Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in > >> favor of UEFI. While systems already using Legacy BIOS to boot are > >> still supported, new legacy BIOS installations on these architectures > >> are no longer possible. Legacy BIOS support will be removed entirely > >> in a future Fedora. > >> > >> (Additionally, the Hardware Overview page should be updated to mention > >> the UEFI requirement.) > >> > > While I'm sympathetic to this Change, I think this is way too early to > > do across the board. UEFI came onto the scene in the PC space in > > 2011~2012 with Windows 8, and even to this day, there are sufficiently > > buggy hardware platforms that Linux does not boot in UEFI mode: > > https://twitter.com/VKCsh/status/1511132132885815307 > > > > I even have one such machine, an HP desktop machine that came with > > Windows 8. My current desktop PC has problems booting Linux UEFI as > > well, though I've done "clever" things to work around that. I don't > > expect most users to be able to deal with that. Server platforms were > > *worse* as they were slower to offer UEFI. The first time I was able > > to get a server with UEFI was in 2014. > > > Maybe I don't correctly understand the "Legacy BIOS support is not > removed, but new non-UEFI installation is not supported on those > platforms." quoted from the the change description, but if you have your > system installed, it should keep working. You just keep updating. IOW as > long as you don't reinstall the system, you are fine and you don't have > to be concerned. > > If you really have a need to reinstall such machine, you'll take the F36 > image and upgrade to F37+ and you should still be good. > This is not a deprecation change, this is effectively a removal change. By removing the packages and the tooling support for legacy BIOS, it makes several scenarios (including recovery) harder. Moreover, it puts the burden on people to figure out if their hardware can boot and install Fedora when we clearly haven't reached a critical mass yet for doing so, like we did when we finally removed the i686 kernel build. I'm personally a fan of using UEFI instead of BIOS. Heck, I implemented support for UEFI in Fedora's cloud images when other people told me it was not possible, while preserving BIOS support. I've been trying to figure out the roadmap for BIOS deprecation for a year now, and the reason *I* didn't propose a Change yet is because I have not sufficiently determined that it was reasonable to do so. I'm particularly upset about this Change because it feels like a hostage change where the proposal owners blithely ignore what we're saying as unimportant or irrelevant and abuse our principles to do things that are clearly against what the community feels is right.

solutions for usability problems in Fedora Linux on UEFI because *I want our experience to be good there*. But it's extremely hard when: 1. Bugs and feature requests around UEFI related features are ignored

3. At various times, people have explicitly said "patches NOT welcome"

consequences for the user experience, and we should not do that as a premier Linux distribution. -- 真実はいつも一つ！/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel(a)lists.fedoraproject.org To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

The grub2 package had pull requests disabled until last year. That's a pretty obvious hammer to indicate patches are not welcome. That's why I couldn't send PRs to add the protected.d files for grub and had to wait for someone else to do it by filing a BZ.

On Tue, Apr 5, 2022 at 6:39 PM Chris Murphy <lists(a)colorremedies.com&gt; wrote: > > On Tue, Apr 5, 2022 at 3:08 PM Jared Dominguez <jaredz(a)redhat.com&gt; wrote: > > > The security of UEFI systems is immeasurably better. Standardized firmware updates, support for modern secure TPMs, OS protection from firmware (SMM mitigations), HTTP(S) boot support, largely shared and open sourced firmware codebases that aren't a pile of assembly code, and a lot of other features are UEFI-only. > > When users have a suboptimal experience by default, it makes Fedora > look bad. We can't have security concerns overriding all other > concerns. But it's really pernicious to simultaneously say security is > important, but we're also not going to sign proprietary drivers. This > highly incentivizes the user to disable Secure Boot because that's so > much easier than users signing kernel modules and enrolling keys with > the firmware, and therefore makes the user *less safe*. > > > >> And the amount of resistance to improving UEFI experience for hardware > >> is amazingly awful. The workstation working group has tried to figure > >> out ways to improve the experience, only to be simultaneously stymied > >> by the UEFI firmware management tools and unwillingness by anyone > >> involved to even consider that we should make this better. > > > > > > Which tools? What specific efforts have been stymied? How is any of this specific to UEFI versus trying to deal with things that aren't supported by someone? > > Namely, Fedora signing NVIDIA's proprietary driver. > > Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all > indicate Apple and Microsoft trust the driver itself. It is trusting > the providence of the blob, in order to achieve an overall safer > ecosystem for their users. > > We either want users with NVIDIA hardware to be inside the Secure Boot > fold or we don't. I want them in the fold *despite* the driver that > needs signing is proprietary. That's a better user experience across > the board, including the security messaging is made consistent. The > existing policy serves no good at all and is double talk. If we really > care about security more than ideological worry, we'd sign the driver. At the very least, it would require that Fedora have a separate key that is trusted and not the same one used for shim/grub/kernel. We certainly aren't proposing that we use the standard Fedora keys to sign a binary blob that runs in kernel space from a company who was most recently hacked last month?

Woah, what happened here? Why would any Fedora package ever disable pull requests?

On Wed, Apr 6, 2022 at 8:20 AM Neal Gompa <ngompa13(a)gmail.com&gt; wrote: > > On Wed, Apr 6, 2022 at 8:04 AM Vít Ondruch <vondruch(a)redhat.com&gt; wrote: > > > > > > Dne 05. 04. 22 v 17:08 Neal Gompa napsal(a): > > > On Tue, Apr 5, 2022 at 10:54 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: > > >> https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS > > >> > > >> == Summary == > > >> Make UEFI a hardware requirement for new Fedora installations on > > >> platforms that support it (x86_64). Legacy BIOS support is not > > >> removed, but new non-UEFI installation is not supported on those > > >> platforms. This is a first step toward eventually removing legacy > > >> BIOS support entirely. > > >> > > >> == Owner == > > >> * Name: [[User:rharwood| Robbie Harwood]], [[User:jkonecny| Jiří > > >> Konečný]], [[User:bcl| Brian C. Lane]] > > >> * Email: rharwood(a)redhat.com > > >> > > >> > > >> == Detailed Description == > > >> UEFI is defined by a versioned standard that can be tested and > > >> certified against. By contrast, every legacy BIOS is unique. Legacy > > >> BIOS is widely considered deprecated (Intel, AMD, Microsoft, Apple) > > >> and on its way out. As it ages, maintainability has decreased, and > > >> the status quo of maintaining both stacks in perpetuity is not viable > > >> for those currently doing that work. > > >> > > >> It is inevitable that legacy BIOS will be removed in a future release. > > >> To ease this transition as best we can, there will be a period (of at > > >> least one Fedora release) where it will be possible to boot using the > > >> legacy BIOS codepaths, but new installations will not be possible. > > >> While it would be easier for us to cut support off today, our hope is > > >> that this compromise position will make for a smoother transition. > > >> Additional support with issues during the transition would be > > >> appreciated. > > >> > > >> While this will eventually reduce workload for boot/installation > > >> components (grub2 reduces surface area, syslinux goes away entirely, > > >> anaconda reduces surface area), the reduction in support burden > > >> extends much further into the stack - for instance, VESA support can > > >> be removed from the distro. > > >> > > >> Fedora already requires a 2GHz dual core CPU at minimum (and therefore > > >> mandates that machines must have been made after 2006). Like the > > >> already accepted Fedora 37 change to retire ARMv7 support, the > > >> hardware targeted tends to be rather underpowered by today’s > > >> standards, and the world has moved on from it. Intel stopped shipping > > >> the last vestiges of BIOS support in 2020 (as have other vendors, and > > >> Apple and Microsoft), so this is clearly the way things are heading - > > >> and therefore aligns with Fedora’s “First” objective. > > >> > > >> == Feedback == > > >> Dropping legacy BIOS was previously discussed (but not proposed) in 2020: > > >> https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject... > > >> > > >> Important, relevant points from that thread (yes, I reread the entire > > >> thread) that have informed this change: > > >> > > >> * Some machines are BIOS-only. This change does not prevent their use > > >> yet, but they are effectively deprecated. grub2 (our default > > >> bootloader) is already capable of both BIOS and UEFI booting. > > >> * Drawing a clear year cutoff, let alone a detailed list of hardware > > >> this change affects, is basically impossible. This is unfortunate but > > >> unlikely to ever change. > > >> * There is no migration story from Legacy BIOS to UEFI - > > >> repartitioning effectively mandates a reinstall. As a result, we > > >> don’t drop support for existing Legacy BIOS systems yet, just new > > >> installations. > > >> * There is no way to deprecate hardware without causing some amount of friction. > > >> * While at the time AWS did not support UEFI booting, that is no > > >> longer the case and they support UEFI today. > > >> > > >> == Benefit to Fedora == > > >> UEFI is required for many desirable features, including applying > > >> firmware updates (fwupd) and supporting SecureBoot. As a standalone > > >> change, it reduces support burden on everything involved in installing > > >> Fedora, since there becomes only one way to do it per platform. > > >> Finally, it simplifies our install/live media, since it too only has > > >> to boot one way per arch. Freedom Friends Features First - this is > > >> that last one. > > >> > > >> == Scope == > > >> * Proposal owners: > > >> ** bootloaders: No change (existing Legacy BIOS installations still supported). > > >> ** anaconda: No change (there could be only optional cleanups in the > > >> code). However, it needs to be verified. > > >> ** Lorax: Code has already been written: > > >> https://github.com/weldr/lorax/pull/1205 > > >> > > > This pull request primarily drops legacy BIOS support by dropping > > > syslinux/isolinux. We don't necessarily have to drop legacy BIOS > > > support there if we reuse GRUB there too. Other distributions > > > (openSUSE and Mageia, notably) both use GRUB for both BIOS and UEFI on > > > live media. > > > > > >> * Other developers: > > >> ** libvirt: UEFI works today, but is not the default. UEFI-only > > >> installation is needed for Windows 11, and per conversations, libvirt > > >> is prepared for this change. > > >> ** Virtualbox: UEFI Fedora installs are working and per virtualbox > > >> team, UEFI will be/is the default in 7.0+. > > >> ** The Hardware Overview page should be updated to mention the UEFI > > >> requirement: https://docs.fedoraproject.org/en-US/fedora/rawhide/release-notes/welcome... > > >> > > >> * Release engineering: [https://pagure.io/releng/issue/10738 #Releng > > >> issue 10738] > > >> > > >> * Policies and guidelines: N/A (not needed for this Change) > > >> > > >> * Trademark approval: N/A (not needed for this Change) > > >> > > >> * Alignment with Objectives: N/A > > >> > > >> == Upgrade/compatibility impact == > > >> Systems currently using Legacy BIOS for booting on x86_64 will > > >> continue to do so. > > >> > > >> However, this modifies the baseline Fedora requirements and some > > >> hardware will no longer be supported for new installations. > > >> > > >> == How To Test == > > >> UEFI installation has been supported for quite a while already, so > > >> additional testing there should not be required. > > >> > > >> == User Experience == > > >> Installs will continue to work on UEFI, and will not work on Legacy > > >> BIOS. Our install media is already UEFI-capable. > > >> > > >> == Dependencies == > > >> None > > >> > > >> == Contingency Plan == > > >> Leave things as they are. Code continues to rot. Community > > >> assistance is required to continue the status quo. Current owners > > >> plan to orphan some packages regardless of whether the proposal is > > >> accepted. > > >> > > >> Another fallback option could be, if a Legacy BIOS SIG organizes, to > > >> donate the relevant packages there and provide some initial mentoring. > > >> Longer term, packages that cannot be wholly donated could be split, > > >> though it is unclear whether the synchronization thereby required > > >> would reduce the work for anyone. > > >> > > >> * Contingency mechanism: Delay until next release. > > >> * Contingency deadline: Beta freeze > > >> * Blocks release? No > > >> > > >> == Documentation == > > >> See release notes. > > >> > > >> == Release Notes == > > >> Fedora 37 marks legacy BIOS installation as deprecated on x86_64 in > > >> favor of UEFI. While systems already using Legacy BIOS to boot are > > >> still supported, new legacy BIOS installations on these architectures > > >> are no longer possible. Legacy BIOS support will be removed entirely > > >> in a future Fedora. > > >> > > >> (Additionally, the Hardware Overview page should be updated to mention > > >> the UEFI requirement.) > > >> > > > While I'm sympathetic to this Change, I think this is way too early to > > > do across the board. UEFI came onto the scene in the PC space in > > > 2011~2012 with Windows 8, and even to this day, there are sufficiently > > > buggy hardware platforms that Linux does not boot in UEFI mode: > > > https://twitter.com/VKCsh/status/1511132132885815307 > > > > > > I even have one such machine, an HP desktop machine that came with > > > Windows 8. My current desktop PC has problems booting Linux UEFI as > > > well, though I've done "clever" things to work around that. I don't > > > expect most users to be able to deal with that. Server platforms were > > > *worse* as they were slower to offer UEFI. The first time I was able > > > to get a server with UEFI was in 2014. > > > > > > Maybe I don't correctly understand the "Legacy BIOS support is not > > removed, but new non-UEFI installation is not supported on those > > platforms." quoted from the the change description, but if you have your > > system installed, it should keep working. You just keep updating. IOW as > > long as you don't reinstall the system, you are fine and you don't have > > to be concerned. > > > > If you really have a need to reinstall such machine, you'll take the F36 > > image and upgrade to F37+ and you should still be good. > > > > This is not a deprecation change, this is effectively a removal > change. By removing the packages and the tooling support for legacy > BIOS, it makes several scenarios (including recovery) harder. > Moreover, it puts the burden on people to figure out if their hardware > can boot and install Fedora when we clearly haven't reached a critical > mass yet for doing so, like we did when we finally removed the i686 > kernel build. > > I'm personally a fan of using UEFI instead of BIOS. Heck, I > implemented support for UEFI in Fedora's cloud images when other > people told me it was not possible, while preserving BIOS support. > I've been trying to figure out the roadmap for BIOS deprecation for a > year now, and the reason *I* didn't propose a Change yet is because I > have not sufficiently determined that it was reasonable to do so. > > I'm particularly upset about this Change because it feels like a > hostage change where the proposal owners blithely ignore what we're > saying as unimportant or irrelevant and abuse our principles to do > things that are clearly against what the community feels is right. This strikes me as a very negative view of what we're trying to do. We're trying to figure out a timeline for deprecation and openly discuss, which is why this change proposal is here now. Support for legacy x86 boot is rapidly vanishing across the industry. Code is rotting in Fedora. The Red Hat team doing the work in the bootloader space doesn't have capacity for continuing support for legacy x86 boot anyway. We're attempting to communicate boundaries and available commitment and work in the community on a workable plan. This proposal includes a call for community assistance if there's sufficient desire to maintain the status quo longer. You are welcome to constructively help with that. Hearing accusations of folks, who are operating on good faith, engaging in "abuse" and executing a "hostage change" feels concerning to me. > I have been trying in the background for years to try to figure out > solutions for usability problems in Fedora Linux on UEFI because *I > want our experience to be good there*. But it's extremely hard when: > > 1. Bugs and feature requests around UEFI related features are ignored Per my reply to you yesterday, I would be grateful if you would list out examples here. This is the second time I've heard this, and it's not concrete enough for a constructive conversation on that topic.

2 - How is this our problem to solve? NVIDIA are the ones with the private source code.

On Wed, Apr 6, 2022 at 12:04 AM Gary Buhrmaster <gary.buhrmaster(a)gmail.com&gt; wrote: > > On Wed, Apr 6, 2022 at 12:59 AM Demi Marie Obenour > <demiobenour(a)gmail.com&gt; wrote: >> >> On 4/5/22 19:38, Chris Murphy wrote: >>> We either want users with NVIDIA hardware to be inside the Secure Boot >>> fold or we don't. I want them in the fold *despite* the driver that >>> needs signing is proprietary. That's a better user experience across >>> the board, including the security messaging is made consistent. The >>> existing policy serves no good at all and is double talk. If we really >>> care about security more than ideological worry, we'd sign the driver. >> >> I agree with this. Sign the driver. > > Nvidia has their driver signed for their > Windows drivers. That they choose > not to do so for Linux is their right, > even if some wish they did. > > It should be noted that while many > might wish nvidia chose a different > way, that is completely orthogonal > to bios vs uefi. Linux, like Windows, requires the distribution vendor to sign modules for automatic trust. There are a number of complicated issues that make it difficult for us to sign this particular driver, though. Notably, NVIDIA themselves acknowledges that it infringes on the GPL to redistribute built kernel module blobs of nvidia.ko[1], so that means any method of signing it needs to be done locally, which means we *need* the local signing path to be improved. [1]: https://imgur.com/LUCQ3WW

On Wed, Apr 6, 2022 at 10:18 AM Hans de Goede <hdegoede(a)redhat.com&gt; wrote: > > Hi, > > <to be clear I'm replying on a personal title here, not on > behalf of my employer (Red Hat)> > > On 4/5/22 16:52, Ben Cotton wrote: >> https://fedoraproject.org/wiki/Changes/DeprecateLegacyBIOS > > <snip> > >> Fedora already requires a 2GHz dual core CPU at minimum (and therefore >> mandates that machines must have been made after 2006). > > But machines made between 2006-2012 generally did not have > EFI support, anf for example at home I still have several > machines from that era which are BIOS only in active use: > > 1. My daughter's workstation is an i5-2400 with 8G RAM, this > is a 3.1 GHz base-freq quad-core processor very easily > matching Fedora's minimal requirements. Currently running > Fedora 35 just fine. Making it impossible to keep using this > in the future is just causing unnecessary ewaste for no good > reason IMHO. > > 2. My wife's workstation is a Core 2 Duo E6600 2.4 Ghz dual > core machine with 4G RAM, which also still works fine for > what she uses it for. > > 3. The living room laptop is another Core 2 Duo machine with > 4G RAM. > > Looking specifically at fixed PCs and not laptops this > proposal would (eventually) turn 2/5 PCs in my home > unusable, which really is unacceptable IMHO. > > Also note that all these machines use somewhat older Intel > integrated graphics. As he has already mentioned on this > this thread, Dave Airlie has just spend a lot of time on > making sure those iGPU-s will work with a gallium driver > so that the classic mesa code can be removed and it seems > rather silly to drop support for this hw after just investing > a significant chunk of time to breathe new live into their > GPU support. > > So a big -1 from me for this proposal as it stand. > > ### > > But I do completely understand that there is a workload issue > for the bootloader team and the proposal also mentions: > >> == Contingency Plan == >> Leave things as they are. Code continues to rot. Community >> assistance is required to continue the status quo. Current owners >> plan to orphan some packages regardless of whether the proposal is >> accepted. > > If the current owners no longer want to support some packages > which are only necessary for legacy BIOS support, then orphaning > these seems completely reasonable to me. > > Maybe you can provide a list of these pkgs before hand so that > people can already volunteer as co-maintainers now and then > when they are orphaned, instead of orphaning them they can > be directly handed over (using the "give away" button) to the > new maintainers ? > >> Another fallback option could be, if a Legacy BIOS SIG organizes, to >> donate the relevant packages there and provide some initial mentoring. > > I believe that that is a great idea, I hereby volunteer to > try and setup such a SIG. If anyone reading this is interested > in joining such a SIG please drop me an email. > > I realize that there have been similar attempts around keeping > 32 bit x86 alive and that those have failed, but I believe that > this is different for a number of reasons: > > 1. i686 support required making sure that *all* of Fedora kept > working on i686, the problem was not just the kernel breaking > sometimes, but also that huge projects like libreoffice would > no longer start on i686 (at least on some of my machines). > > Legacy BIOS boot support is basically only about the image-creation > tools + the bootloader. As various people have mentioned in the > thread BIOS support is still very much a thing in data-centers, > so I expect the upstream kernel community to keep the kernel > working with this for at least a couple of years. Where as both > the kernel + many userspace apps were breaking on i686. > > 2. I personally basically gave up on i686 support also because > there was very little 32 bit only x86 hw around remaining in > active use when it was dropped. And what was still on active > use was getting close to unusable from a performance pov. > Where as here we are talking about up to 2nd and 3th gen > core i5 / i7 machines which are still quite performant. > > Esp. the 2nd gen core machines (Sandy Bridge) are still > quite popular and lots of people have hung on to desktops > with those because the CPU performance increase in generations > after SNB have been rather underwhelming. > >> Longer term, packages that cannot be wholly donated could be split, >> though it is unclear whether the synchronization thereby required >> would reduce the work for anyone. > > I've been thinking about how this could be done for grub; also > because of the issue that the EFI builds of grub need to be > signed with Fedora's secure boot keys, which means only a few > people can do grub2 builds atm. > > One option which I think we should consider is sticking with > a single downstream git fork (until we have managed to get > everything we need upstream), so stick with: > > https://github.com/rhboot/grub2/ > > As the Source0 provider for the packages and then next to: > > https://src.fedoraproject.org/rpms/grub2 > > Add a: > > https://src.fedoraproject.org/rpms/grub2-bios > > And moving the build of all sub-packages which are > only necessary for BIOS support to the second src.rpm. > > This way the Legacy BIOS SIG could maintain > the grub2-bios src.rpm (and binary pkgs it builds). > The SIG _must_ then of course still submit pull-reqs to: > https://github.com/rhboot/grub2/ for any changes. > > But in case of e.g. a beta blocking BIOS only bug they > could solve that with a patch in the src.rpm and kickof > a build right away without blocking on the bootloader > team and thus without causing a spike in > work-pressure/load for the bootloader team. > > And then once the pull-req is merged (possibly > a revised version of it) the next build of > the grub2-bios src.rpm can pull in the new Source0 > and drop its local changes (IOW grub2-bios _must_ > not become a separate fork). > Constructively speaking, I would prefer to drop syslinux regardless, and porting lorax templates to use GRUB for BIOS boot for live media instead of syslinux as other distributions have done would drastically reduce the burden of things. Syslinux is a special burden in itself and I'd rather have it gone.

Per my reply to you yesterday, I would be grateful if you would list out examples here. This is the second time I've heard this, and it's not concrete enough for a constructive conversation on that topic. > 2. The packages are locked down so there is no way for the community to help > 3. At various times, people have explicitly said "patches NOT welcome" Robbie already responded to this, but I would like to add that if any of this ever actually becomes true, I would like to know so that I can address any such issue with this Red Hat team. From what I've seen, we very much welcome community involvement. In fact, we are collaborating on a daily basis with the bootloader community on grub2 and shim development.

On 4/5/22 12:29, Michael Catanzaro wrote: > On Tue, Apr 5 2022 at 11:56:07 AM -0400, Robbie Harwood > <rharwood(a)redhat.com&gt; wrote: >> Users wishing to use NVIDIA hardware have the following options: >> >> - Use nouveau (free, open source, cool) >> - Sign their own copy of the proprietary driver (involves messing with >> certificates, so not appropriate for all users) >> - Disable Secure Boot (note that this is still UEFI) >> >> The NVIDIA driver is proprietary, so of course it's not going to get >> signed. > > The user experience requirement is: user searches for NVIDIA in GNOME > Software and clicks Install. No further action should be > necessary. We didn't make the NVIDIA driver available from the > graphical installer with the intention that arcane workarounds would > be required to use it. Bingo. None of the three options Robbie suggested are reasonable for non-technical users.

On 4/6/22 06:43, Neal Gompa wrote: > On Wed, Apr 6, 2022 at 12:04 AM Gary Buhrmaster > <gary.buhrmaster(a)gmail.com&gt; wrote: >> >> On Wed, Apr 6, 2022 at 12:59 AM Demi Marie Obenour >> <demiobenour(a)gmail.com&gt; wrote: >>> >>> On 4/5/22 19:38, Chris Murphy wrote: >>>> We either want users with NVIDIA hardware to be inside the Secure Boot >>>> fold or we don't. I want them in the fold *despite* the driver that >>>> needs signing is proprietary. That's a better user experience across >>>> the board, including the security messaging is made consistent. The >>>> existing policy serves no good at all and is double talk. If we really >>>> care about security more than ideological worry, we'd sign the driver. >>> >>> I agree with this. Sign the driver. >> >> Nvidia has their driver signed for their >> Windows drivers. That they choose >> not to do so for Linux is their right, >> even if some wish they did. >> >> It should be noted that while many >> might wish nvidia chose a different >> way, that is completely orthogonal >> to bios vs uefi. > > Linux, like Windows, requires the distribution vendor to sign modules > for automatic trust. There are a number of complicated issues that > make it difficult for us to sign this particular driver, though. > Notably, NVIDIA themselves acknowledges that it infringes on the GPL > to redistribute built kernel module blobs of nvidia.ko[1], so that means > any method of signing it needs to be done locally, which means we > *need* the local signing path to be improved. > > [1]: https://imgur.com/LUCQ3WW Can we get NVIDIA to make the module build reproducible? If so, we could distribute a detached signature.

On 4/6/22 16:59, Robbie Harwood wrote: > Demi Marie Obenour <demiobenour(a)gmail.com&gt; writes: > >> On 4/5/22 12:29, Michael Catanzaro wrote: >>> On Tue, Apr 5 2022 at 11:56:07 AM -0400, Robbie Harwood >>> <rharwood(a)redhat.com&gt; wrote: >>>> Users wishing to use NVIDIA hardware have the following options: >>>> >>>> - Use nouveau (free, open source, cool) >>>> - Sign their own copy of the proprietary driver (involves messing with >>>> certificates, so not appropriate for all users) >>>> - Disable Secure Boot (note that this is still UEFI) >>>> >>>> The NVIDIA driver is proprietary, so of course it's not going to get >>>> signed. >>> >>> The user experience requirement is: user searches for NVIDIA in GNOME >>> Software and clicks Install. No further action should be >>> necessary. We didn't make the NVIDIA driver available from the >>> graphical installer with the intention that arcane workarounds would >>> be required to use it. >> >> Bingo. None of the three options Robbie suggested are reasonable for >> non-technical users. > > No, I don't think that's right. It's been a bit since I've run nvidia > hardware, but I'm pretty sure using nouveau is the default. It's less > powerful than the proprietary driver, but if it works out of the box, > it's really difficult to argue with that user experience. Nouveau does not support any graphics acceleration on Ampere, and its performance is very poor on Maxwell and later.

On Tue, Apr 5, 2022 at 8:54 AM Ben Cotton <bcotton(a)redhat.com&gt; wrote: >syslinux goes away entirely If the installation media used BIOS GRUB, syslinux could still go away. What consideration has occurred to switch from syslinux to BIOS GRUB for installation media? Is BIOS GRUB being deprecated? Or is it being discontinued in Fedora?

> Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all > indicate Apple and Microsoft trust the driver itself. It is trusting > the providence of the blob, in order to achieve an overall safer > ecosystem for their users. > > We either want users with NVIDIA hardware to be inside the Secure Boot > fold or we don't. I want them in the fold *despite* the driver that > needs signing is proprietary. That's a better user experience across > the board, including the security messaging is made consistent. The > existing policy serves no good at all and is double talk. If we really > care about security more than ideological worry, we'd sign the driver. At the very least, it would require that Fedora have a separate key that is trusted and not the same one used for shim/grub/kernel.

We certainly aren't proposing that we use the standard Fedora keys to sign a binary blob that runs in kernel space from a company who was most recently hacked last month?

On the cloud side, it's been very difficult to articulate any benefits for supporting UEFI when the majority of the consumers of Fedora Cloud don't have any pressing need to do it and things like hibernation and snapshotting are non-functional. Last year, I changed Fedora Cloud to hybrid boot[6] so that our image artifacts support both boot modes.

> Akamai owns Linode, which is a prominent VPS that focuses on Linux > (Linode is a contraction meaning "Linux Node"). +1 > DigitalOcean similarly is Linux centric and so Windows doesn't matter. +1 > Most web hosting providers and VPSes are Linux-centric and so Windows > doesn't matter. +1 Ironic that Windows11 compat is being floated as any kind of rationale here.

Irrespective of this change, I would flat-out oppose moving to sd-boot. In any case, you can't use sd-boot for live media. If we were going to move to pure EFI boot manager, I'd rather use one that has a decent user experience and not a barebones crappy one.

On Wed, Apr 6, 2022 at 2:26 PM Michael Catanzaro <mcatanzaro(a)gnome.org&gt; wrote: > On Wed, Apr 6 2022 at 01:57:00 PM -0400, Neal Gompa > <ngompa13(a)gmail.com&gt; wrote: > > Moving past the Big Three(tm), the actual > > cloud providers that matter from a Fedora context are the smaller > > outfits that principally serve Linux users. These are companies like > > DigitalOcean, Linode (Akamai), Hetzner, VexxHost, and others who > > graciously do offer Fedora Linux in their platforms. All of their > > virtualization platforms are BIOS only right now, and getting them to > > switch requires them to uplift their platforms to support UEFI in the > > first place. This seems like a strong assumption to me considering that aside from the largest cloud providers (with whom Red Hat is directly working with on UEFI boot features and bug reports), cloud providers are using off-the-shelf hypervisors that support UEFI boot.

> I suppose we should consider that all or most of these platforms are > likely to drop Fedora as a supported option if we proceed with this > change proposal. > Why? VMware vSphere dropped legacy x86 boot support recently too. We already know that Windows 11 requires UEFI. We (Red Hat) are actively working with several cloud providers on UEFI-related features, some of which are not possible with legacy x86 boot. I find it much more likely that smaller cloud providers will update their software to support UEFI rather than drop OS's that require it, at least if they want to remain competitive.

On Tue, Apr 5, 2022 at 9:56 AM Florian Weimer <fweimer(a)redhat.com&gt; wrote: > > * Peter Robinson: > > > This is out of context here because you can disable Secure Boot but > > still use UEFI to make that work. You're trying to link to different > > problems together. > > I think there's firmware out there which enables Secure Boot > unconditionally in UEFI mode, but still has CSM support. The UEFI spec makes CSM and Secure Boot mutually exclusive. CSM enabled renders Secure Boot impossible. So I'm not sure how the firmware can simultaneously enforce Secure Boot, but then permit the loading of non-compliant bootloaders.

Hi, > On the cloud side, it's been very difficult to articulate any benefits > for supporting UEFI when the majority of the consumers of Fedora Cloud > don't have any pressing need to do it and things like hibernation and > snapshotting are non-functional. Last year, I changed Fedora Cloud to > hybrid boot[6] so that our image artifacts support both boot modes. Any chance for regular anaconda installs doing a hybrid boot setup too? The installed systems will look pretty much the same (gpt with both bios-boot and efi-esp partition) no matter how they where installed, and it'll be trivial to switch from BIOS to UEFI without reinstalling the system. We can fade out some stuff already (mbr support), and painless switching to UEFI for systems which where installed in BIOS mode for whatever reason should also help UEFI adaption.

On Apr 7, 2022, at 2:31 AM, Neal Gompa <ngompa13(a)gmail.com&gt; wrote: On Thu, Apr 7, 2022 at 2:20 AM Gerd Hoffmann <kraxel(a)redhat.com&gt; wrote: > > Hi, > >> On the cloud side, it's been very difficult to articulate any benefits >> for supporting UEFI when the majority of the consumers of Fedora Cloud >> don't have any pressing need to do it and things like hibernation and >> snapshotting are non-functional. Last year, I changed Fedora Cloud to >> hybrid boot[6] so that our image artifacts support both boot modes. > > Any chance for regular anaconda installs doing a hybrid boot setup too? > > The installed systems will look pretty much the same (gpt with both > bios-boot and efi-esp partition) no matter how they where installed, > and it'll be trivial to switch from BIOS to UEFI without reinstalling > the system. > > We can fade out some stuff already (mbr support), and painless switching > to UEFI for systems which where installed in BIOS mode for whatever > reason should also help UEFI adaption. > Anaconda can absolutely do it, after all, the cloud image build currently runs Anaconda (!!!) to build the image. In this scenario, grub2-pc, shim, and grub2-efi always get installed, too. This became possible with the unified config introduced in Fedora Linux 34. The problem is that right now Anaconda has some hardwired assumptions about what kind of bootloader and partitioning to request for all the default partitioning modes. It shouldn't be difficult to fix, though. Additionally, by switching to GPT by default for everything, we probably want to replace inst.gpt with inst.mbr for forcing legacy MBR. If we did this now (in F37), we could then more easily fade out BIOS support when the adoption curve is better off.

It is easier to tell people to boot the media in BIOS mode in some cases than it is to figure out how to turn off Secure Boot.

- Use nouveau (free, open source, cool)

- Sign their own copy of the proprietary driver (involves messing with certificates, so not appropriate for all users)

The user experience requirement is: user searches for NVIDIA in GNOME Software and clicks Install. No further action should be necessary. We didn't make the NVIDIA driver available from the graphical installer with the intention that arcane workarounds would be required to use it.

Put more concretely in terms of user experience: nouveau causes regular, random, immediate system freezes with RTX 20 series and RTX 30 series GPUs.

On Wed, Apr 6, 2022 at 6:31 PM Chris Murphy <lists(a)colorremedies.com&gt; wrote: > > On Wed, Apr 6, 2022 at 10:23 AM Justin Forbes <jmforbes(a)linuxtx.org&gt; wrote: > > > > Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all > > > indicate Apple and Microsoft trust the driver itself. It is trusting > > > the providence of the blob, in order to achieve an overall safer > > > ecosystem for their users. > > > > > > We either want users with NVIDIA hardware to be inside the Secure Boot > > > fold or we don't. I want them in the fold *despite* the driver that > > > needs signing is proprietary. That's a better user experience across > > > the board, including the security messaging is made consistent. The > > > existing policy serves no good at all and is double talk. If we really > > > care about security more than ideological worry, we'd sign the driver. > > > > At the very least, it would require that Fedora have a separate key > > that is trusted and not the same one used for shim/grub/kernel. > > If Fedora is going to sign it, rather than improving the local signing > experience, absolutely it should be signed with a separate key. The > design should assume a revocation is going to happen at some point. > > > We > > certainly aren't proposing that we use the standard Fedora keys to > > sign a binary blob that runs in kernel space from a company who was > > most recently hacked last month? > > No way. > > I don't think there's a mechanism for it, but I'd prefer Fedora sign > the 3rd party's key rather than their binary. Maybe it's a small > distinction at the end of the day. We have not set up an infrastructure for it, but in all honesty, there is no technical reason that any 3rd party repository building and packaging the driver could not have done such a thing a couple of years ago. The mechanism has been there, pesign can sign modules. Now, asking Fedora to trust that key is a different issue, but users have to reboot after installing the nvidia drivers anyway, so clicking to accept the key isn't too much of a hurdle to jump through at that point.

Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all indicate Apple and Microsoft trust the driver itself.

On Wed, 2022-04-06 at 21:03 -0500, Justin Forbes wrote: > On Wed, Apr 6, 2022 at 6:31 PM Chris Murphy <lists(a)colorremedies.com&gt; wrote: > > > > On Wed, Apr 6, 2022 at 10:23 AM Justin Forbes <jmforbes(a)linuxtx.org&gt; wrote: > > > > > > Apple and Microsoft signing NVIDIA's proprietary driver doesn't at all > > > > indicate Apple and Microsoft trust the driver itself. It is trusting > > > > the providence of the blob, in order to achieve an overall safer > > > > ecosystem for their users. > > > > > > > > We either want users with NVIDIA hardware to be inside the Secure Boot > > > > fold or we don't. I want them in the fold *despite* the driver that > > > > needs signing is proprietary. That's a better user experience across > > > > the board, including the security messaging is made consistent. The > > > > existing policy serves no good at all and is double talk. If we really > > > > care about security more than ideological worry, we'd sign the driver. > > > > > > At the very least, it would require that Fedora have a separate key > > > that is trusted and not the same one used for shim/grub/kernel. > > > > If Fedora is going to sign it, rather than improving the local signing > > experience, absolutely it should be signed with a separate key. The > > design should assume a revocation is going to happen at some point. > > > > > We > > > certainly aren't proposing that we use the standard Fedora keys to > > > sign a binary blob that runs in kernel space from a company who was > > > most recently hacked last month? > > > > No way. > > > > I don't think there's a mechanism for it, but I'd prefer Fedora sign > > the 3rd party's key rather than their binary. Maybe it's a small > > distinction at the end of the day. > > > We have not set up an infrastructure for it, but in all honesty, there > is no technical reason that any 3rd party repository building and > packaging the driver could not have done such a thing a couple of > years ago. The mechanism has been there, pesign can sign modules. > Now, asking Fedora to trust that key is a different issue, but users > have to reboot after installing the nvidia drivers anyway, so clicking > to accept the key isn't too much of a hurdle to jump through at that > point. There is potentially an even easier solution. Ideally dkms (or whatever) could simply generate a key, sign the module and manage to get the public key in the right place so that the module can be verified. But this is hard work I guess, and nobody cares about Secure Boot enough to do it?

Once upon a time, Simo Sorce <simo(a)redhat.com&gt; said: > Ideally dkms (or whatever) could simply generate a key, sign the module > and manage to get the public key in the right place so that the module > can be verified. That's not possible, is it? I assume the user has to interact with the firmware at some point to install a new key. Otherwise, the whole thing would be a waste of time.

As Robbied said, I added the /etc/dnf/protected.d/grub2-*.conf to the grub2

Do you think the user experience with grub was*good*? Turing complete language? Scripts that generate scripts that generate scripts?

> Am 07.04.2022 um 00:25 schrieb Neal Gompa <ngompa13(a)gmail.com&gt;: > > It would be useful if we do indeed get a x86 BIOS SIG as Hans de Goede > proposed. I think Fedora Server and Fedora Cloud would be interested > in such a thing, given all the caveats right now with dropping BIOS > support for server-class hardware. As the soul who currently coordinates and moderates the work of the Server WG, I would be very much in favor of such a SIG as a possible way out. If it's good enough, that is. Just coming up with the idea of removing the (new) installation of such a central part from one release to the next leaves me speechless. That's tens of thousands of devices / users affected and we don't even know how many tens of thousands. And then phrases like "..will remove it anyway". What else is there to say? I'm afraid just creating an x86 BIOS SIG is not sufficient anymore. We need a completely different spirit in this area. Don’t get me wrong. Lack of resources to maintain something is completely legitimate. But I expect more open-mindedness and willingness for constructive alternatives. And none of that is evident in the Change proposal, nor in the discussion here (by the change proposal authors). And it is OK for me to migrate to UEFI only in the long run. But not that way.

When users have a suboptimal experience by default, it makes Fedora look bad. We can't have security concerns overriding all other concerns. But it's really pernicious to simultaneously say security is important, but we're also not going to sign proprietary drivers. This highly incentivizes the user to disable Secure Boot because that's so much easier than users signing kernel modules and enrolling keys with the firmware, and therefore makes the user *less safe*.

On Wed, Apr 6, 2022 at 12:15 PM Josh Boyer <jwboyer(a)fedoraproject.org&gt; wrote: > I agree 100%. I think this is actually getting to the crux of the > issue, which is that while we have a lot of people that want BIOS > support to continue, we effectively have nobody that wants to do the > work to make it happen. In a previous thread about bios support, there was a discussion about (a mythical) someone resurrecting DUET to provide a transition path. To the best of my knowledge, no one stepped up to do that work[0]. Gary [0] Quite honestly, given that DUET was removed upstream, I would have thought looking instead at Clover (which is still supported) would be a better option, but better only in some theoretical sense, as there was no one to do that work either.

On Di, 05.04.22 17:38, Chris Murphy (lists(a)colorremedies.com) wrote: > When users have a suboptimal experience by default, it makes Fedora > look bad. We can't have security concerns overriding all other > concerns. But it's really pernicious to simultaneously say security is > important, but we're also not going to sign proprietary drivers. This > highly incentivizes the user to disable Secure Boot because that's so > much easier than users signing kernel modules and enrolling keys with > the firmware, and therefore makes the user *less safe*. Let me stress one thing though: Fedora *has* *no* working SecureBoot implementation. The initrd is not authenticated. It has no signatures, nothing.

By disabling SecureBoot you effectively lose exactly nothing in terms of security right now. What good is a trusted boot loader or kernel if it then goes on loading an initrd that is not authenticated, super easy to modify (I mean, seriously, any idiot script kiddie can unpack a cpio, add some shell script and pack it up again, replacing the original one) – and it's the component that actually reads your FDE LUKS password. I mean, let's not pretend unsigned drivers were a big issue for security right now. They are now, we have much much much wider gaping holes in our stack. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel(a)lists.fedoraproject.org To unsubscribe send an email to devel-leave(a)lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

majid hussain <mhussaincov93(a)gmx.com&gt; writes: > hi, > could someone kindly tell me if my toshiba l750 machine has EFI support? > i'm blind and efi/bios screens are in accessible.

Easiest is probably to do: ls /sys/firmware/efi This tells you whether the machine booted using UEFI. anaconda will set up a UEFI-capable system if booted that way, unless partitioning is overridden to prevent that. If it didn't boot using UEFI today, that doesn't mean it can't (you could check with a live image as well). UEFI tends to be enabled on machines made these days by default for Windows logo requirements, but this is firmware land, and there are no absolutes.

Changing UEFI setting in the firmware is a big problem. We know that a) it can only be done by tweaking settings in the firmware interface which looks different on every machine, b) users find it very hard in general, and c) for blind users it's virtually impossible.

On 07/04/2022 10:43, Lennart Poettering wrote: > Do you think the user experience with grub was*good*? Turing complete > language? Scripts that generate scripts that generate scripts? +1. Current GRUB2 is a collection of hacks. Even the upstream abandoned it, and it currently maintained mainly in downstream.

On Wed, Apr 6 2022 at 03:35:38 PM -0400, Jared Dominguez <jaredz(a)redhat.com&gt; wrote: > This seems like a strong assumption to me considering that aside from > the largest cloud providers (with whom Red Hat is directly working > with on UEFI boot features and bug reports), cloud providers are > using off-the-shelf hypervisors that support UEFI boot. I'm going to ask the proposal authors to at least mention this as a risk in the Feedback section of the change proposal. Maybe cloud providers will all see this as a good opportunity to enable UEFI on their platforms, and we'll be perfectly fine. I rather suspect it's not going to happen quite so smoothly, though....

We have not set up an infrastructure for it, but in all honesty, there is no technical reason that any 3rd party repository building and packaging the driver could not have done such a thing a couple of years ago. The mechanism has been there, pesign can sign modules. Now, asking Fedora to trust that key is a different issue, but users have to reboot after installing the nvidia drivers anyway, so clicking to accept the key isn't too much of a hurdle to jump through at that point.

On Thu, 2022-04-07 at 16:16 +0200, Zbigniew Jędrzejewski-Szmek wrote: > On Thu, Apr 07, 2022 at 10:58:29AM +0200, Peter Boy wrote: > > > > > > > Am 07.04.2022 um 00:25 schrieb Neal Gompa <ngompa13(a)gmail.com&gt;: > > > > > > It would be useful if we do indeed get a x86 BIOS SIG as Hans de Goede > > > proposed. I think Fedora Server and Fedora Cloud would be interested > > > in such a thing, given all the caveats right now with dropping BIOS > > > support for server-class hardware. > > > > As the soul who currently coordinates and moderates the work of the Server WG, I would be very much in favor of such a SIG as a possible way out. If it's good enough, that is. > > > > Just coming up with the idea of removing the (new) installation of such a central part from one release to the next leaves me speechless. That's tens of thousands of devices / users affected and we don't even know how many tens of thousands. And then phrases like "..will remove it anyway". What else is there to say? > > > > I'm afraid just creating an x86 BIOS SIG is not sufficient anymore. We need a completely different spirit in this area. > > > > Don’t get me wrong. Lack of resources to maintain something is completely legitimate. But I expect more open-mindedness and willingness for constructive alternatives. And none of that is evident in the Change proposal, nor in the discussion here (by the change proposal authors). > > > > And it is OK for me to migrate to UEFI only in the long run. But not that way. > > This summarizes my feelings about the proposal very well. > > We should look to the Xorg → Wayland transition for inspiration: > it's long, it's messy, it requires a lot of effort from people doing > the work, and it's still not finished. Those are the downsides. But > the big upside is that we're not leaving users who need Xorg in the > ditch. > > A similar pattern should be followed here: encourage users to switch, > fix bugs so that $new is better than $old in all cases we care about, > iterate until the number of users on $old is negligible, > *then* announce that $old is not supported, but keep it working, > and only after that start cutting off parts of $old. > > The proposed plan seems to be to jump to the last two steps before the > middle parts have been done. Based on the examples posted to this > thread, it'd leave our users and developers with 10%–30% of hardware > unsupported by the next installer. It also depends on changes that are > only *planned* in external projects like VirtualBox and libvirt. > > Sorry, but the plan needs to be inverted to at least make sure that > the UEFI works for all the cloud providers and virtualization software > in a testable way, and then switch to UEFI as the default in as many > places as possible. Then we can talk about dropping support for BIOS, > taking into account how many users are still left with BIOS-only > hardware. FWMOIW this sounds like the most reasonable comment I have seen here. The plan is nice, it is just trying to get to the end goal too fast, more nuanced steps are necessary and more time. Too many users would be left behind otherwise.

This is a proposal. Nothing has changed yet. The choice is now whether to go forward with it or come together with a cohesive alternative, including one of the two listed in the proposal. But we need a solution that accounts for the existing maintainers not having capacity to continue maintaining legacy code. I've seen responses from

On 05/04/2022 17:44, Neal Gompa wrote: > It is easier to tell people to boot the media in BIOS mode in some > cases than it is to figure out how to turn off Secure Boot. Legacy boot on modern hardware is a hack[1]. Some hardware manufactures even doesn't test CSM support.