What are the broader implications when it comes to access, security, vulnerabilities, etc?

  • Ret2libsanity@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    I’m not sure I completely understand the question.

    But vendor / custom UEFI implementations could obviously pass around whatever structures they want.

    The EFI RUNTIME services - for example - could expose custom functions in a proprietary UEFI implementation. Though in my experience this usually is not the case.

    Grub should run as an EFI bootloader binary after core UEFI is done. Afaik there is no particular ring / exception level required here. It could vary depending on UEFI implantation.

    on android arm32/64 devices I obviously don’t see grub, but core EFI handles and services are not modified much. If anything it’s just expanded to support the next bootloader stage and handle stuff like key combos to select next boot image

  • segfault@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    coreboot isn’t a UEFI implementation. It is comparable to the UEFI SEC+PEI phases. It then hands off control to a payload. If you want UEFI, that’s going to still be edk2.

    • j4k3@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      What is a typical real world application for tianocore/edk2? Like who is using this and where/why? Like is this for custom hardware projects, servers, hardware hackers, OEMs?

      • segfault@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        edit-2
        1 year ago

        All UEFI system firmware uses edk2. It’s not just the reference implementation; Pragmatically, it’s the only implementation. Independent BIOS vendors (IBVs) like AMI, Phoenix, and Insyde have built all their tooling for and around edk2. Companies like System76 and Purism use it as a UEFI payload for their coreboot based firmware.