The Good:
- GPT is a much needed replacement for the old msdos partition table. None of the other partition tables caught on, and it really took some strong concerted effort to get us to move away from that archaic mess (4 primary partitions, oh humor). It supports enough primary partitions to never have to think about logical ones again, it has a redundant backup copy of the partition table in case the front one becomes corrupted or damaged so partitions can be recovered, and it doesn't have an unnecessary mess of bootloader space resting inside it, which means Grub can't stuff its bloated mass into the partition table as well.
- The traditional firmware -> payload a disk -> load a bootloader to load an OS on that disk -> execute OS payload model of exection is kind of dumb. UEFI eliminates the need for a bit of this work by making the firmware partition aware and letting it payload an executable directly. EFIStub Linux kernels or Windows 7+ can act as UEFI executables.
- They use file extensions! EFI payload binaries are .efi files. Good someone has some static typing sense.
- Secure boot. The given reason behind it is to protect from malignant bootable executables replacing bootloaders or kernel payloads to run malicious software. In reality, modern operating systems are (and if not, should be, your fault for installing a crummy OS) very protective of their bootloaders and essential system files already. It requires root permissions on Linux and a bunch of security prompts on Windows to alter the device contents referring to kernels and bootloaders. In reality, secure boot is just a wall to walled-garden the space of executable programs on UEFI equipped devices. Especially because fucking Microsoft is the certificate authority to key EFI binaries. Come the fuck on. If it had been an independent consortium (given the track record for key signing independent sources isn't that great either.. Verisign, ugh) it might have looked less obviously like Microsoft was trying to lock down consumer hardware.
- There is effectively no cross-platform inherent support for backwards compatability with msdos disks, ahci boot options, and UEFI doesn't by default provide a boot device selection option, just the EFI shell.
- The EFI shell is dumb for a plethora of reasons. One, you don't need a freaking shell on top of a configurable firmware interface. You don't need to have arbitrary executables in the firmware. You don't need a dozen utility applications that are useless when every operating system provides their own. People are inertial and keep using what they know best, even if having an efi memtest, prime95, meminfo, cpuinfo, etc would be nice in theory, the shell was not well thought out and is mostly a rip of Windows powershell. Hint: terminals in NT based oses (and dos ones too) were shit. You want hardware configuration options in an ncurses interface like every bios before had, and the ability to select from all reachable EFI binaries what to run. That would have been great.
- EFI still doesn't solve the age old problem of device initialization. Every modern OS still has to re-probe every bus and device hub to figure out what is available, even after the POST test already found everything and handled it. The firmware of EFI must have its own video driver somewhere, since it uses almost any graphics out solution there is. But the NT and Linux kernels will always use their own drivers then, instead. The real problem is that the firmware on the mobo is fixed sized small and flashable ROM, whereas the OS kernels are loading device drivers from disk since they can only situationally flash the board rom. In a perfect world, the board firmware would provide the device drivers to the OS and those could be updated from firmware or OS without having to reflash the whole of the onboard memory. We have great toggle nand now, we should put that on instead. This way, the firmware and operating systems could get drivers from one place and the OS could use alternatives if it really wanted to. (note, I am a hypocrit because I was just talking about interia and transferring the entire architecture of kernel mod drivers from being on disk to being a payload of EFI firmware is ridiculously complex). My point is that it is very dumb that the firmware will initialize almost every device with its own drivers (usb ports, ps2 ports, networking, and video devices at least, because it needs to probe disks, find input devices, download its own updates over dhcp networks, and display the firmware interface) and then the OS will also use its own device drivers for the same hardware that was already initialized.
The Stupid:
- Graphical interfaces. While not an inherent EFI standard, every major mobo manufacturer got the bright idea to at least quadruple firmware size to support vector graphics, gifs (I'd imagine?) transparency, fidelity, and a bunch of other eye candy features to give users gui programs for firmware. I am a stick in the mud here - and the efi configuration utilities don't add any real value to the experience. The old ncurses style bios utilities that required keyboard naviagation had the exact same usability sans the mouse clicking these uefi firmwares do, without all the graphics crap making payloading take microseconds longer than is necessary.
- Secure Boot. Because its not just bad, its stupid, because Microsoft will never get away with their master plan of locking down OEM hardware.
- FAT32 being the efi partition standard. It is an old piece of crap that is the product of Microsofts filesystem ingenuity. They should have developed a specialized simple low overhead filesystem for the efi system partition that was an open standard. Because we should have been using fat16(or another 16 bit sector pointer), not fat32, but Microsoft requires it to install Windows 7 in efi mode, because there is dumb overhead of 32 bit sector pointers on partitions that should never be over 256mb in size in any practical use case.
I 'd say EFI or UEFI or whatever is at most a rant by several manufacturers. I am not a firmware-bootloader expert, but I wonder what are the reasons for not having the BIOS incremented with better options instead of reinventing the wheel and call it EFI. Maybe that was a way for Intel to approach Apple and sell them their CPUs, and at the same time a way for Apple to approach Intel so that Intel would not have to worry by using Open Firmware. But in the end, who cares for Apple? What is the point of polluting the IBM PC space with such a crap? In the same way of doing business, they could have gone for more: they could have called GPUs something such as "R.R.P.U" where R.R. stands for Reality Replacers, and the list could go on for ever. So I would say that manufacturers should stick to what they know better and not attempting all the time to monopolize markets; we all know by now what happened to the glorified Intel SSD controllers, to say the least
ReplyDeleteIts nice seeing a three year old ranty blog post seeing comments!
ReplyDeleteUEFI became a thing solely because the old bios model was pretty broken. It was primitive, and while for personal computing primitive was fine, there was (and is) industry pressure for things like signed bootloaders, pre-boot shell environments, and such. Of course, all of this could have been accomplished easily with coreboot payloads.
If you spend time working on and with the hardware scene (pretty much anything above a iommu board) you quickly figure out that one of the greatest weapons in silicon warfare is IP and patents, even worse than software patents, and to a degree where controlling the firmware is just a natural extension of aggressive IP warfare at the fab level. It is really surprising that AMD even tries, considering every other player in the market loves maximing what they can control, firmware being at the top of the list.
Open firmware just does not make much business sense in a world where people just do not care about it. The only reason we have projects like royalty free media codecs or open source video card drivers with documentation is because there is a demand for it. And nowadays the only way to talk with your wallet on the topic of firmware is to basically just buy AMD boards supported by coreboot, which for a lot of use cases just is not a good enough option.
Hello again, nive blog by the way :) I am thinking I was a bit harsh in my first post - I mean I had a sudden starting writing off my "essay", so apologies for that. Anyway, if you wonder how it happened that I commented on your aged post, is that I am near upgrading (finally) my setup, as I did not have any money so far and I was looking at PCIe SSDs, or should I say NVMe and how they are supposed to require UEFI to work. That seemed strange to me and I may say bugged me somehow, so on to Google and your blog :) Regarding the IP warfare and that stuff, I am almost sure myself as well that controlling silicon is much more powerfull than controlling software. Seeing how complicated CPUs have been, reverse engineering designs may be non practical, even for most governments - but I may be completely wrong here. My main point is that consumer designs could be very well not as nearly as complicated and/or fast as some of the technology available to some governments. For example, I remember how the american Navy is supposed to have ordered some of the first quantum computers available; obviously, is nice to have raw power at your disposal.
ReplyDeleteWell, enough said about hardware, as for open source software, I believe also that having open source may be a good thing especially for starters, to make digital information and logic more "approachable". Sooo, I stop here; thanks alot for the info about coreboot and that stuff. It may come handy the moment I am going to purchase my new computer as I am not really having a good feel about efi/uefi (for all the reasons I described in my first post)
best regards
P.S. I reposted for typos and syntax :)