[Oberon] Re (2): Re (2): UEFI
Liam Proven
lproven at gmail.com
Tue Jun 15 18:57:17 CEST 2021
On Tue, 15 Jun 2021 at 18:11, <peter at easthope.ca> wrote:
>
> IME is separate from UEFI. Correct?
Yes. Separate from and totally unrelated to.
UEFI is system firmware: the onboard software in non-volatile memory
that allows the computer to start up, perform some self-tests,
initialise the hardware and load an OS. On x86-64 PCs, it replaced the
traditional PC BIOS. On Intel Macs, it replaced OpenFirmware as used
on PowerPC Macs. It runs on the main CPU when the computer is powered
on, and after the computer boots an OS the UEFI is no longer doing
anything very important -- the OS calls it for some power-management
functions but little else. Some OSes of course do not have any power
management so do not even do this.
It is extremely roughly analogous to the starter motor in a petrol or
diesel engined vehicle.
Some form of firmware is an absolute requirement and without it a
computer cannot boot an OS. It cannot readily be replaced.
IME is an embedded system-management OS running on a dedicated,
separate processor within all modern Intel CPUs. It is intended for
remote management of servers. It is running all the time that the
computer is on, but does not directly interact with the OS. Mostly,
older computers did not have this at all -- it used to be purely for
remote management of server hardware.
It is extremely roughly analogous to the little CPU managing the
electronic dashboard of a modern car: it may be able to control some
functions of the vehicle (entertainment system,
heating/air-conditioning, maybe even indicators or reversing cameras)
but it is not powering the vehicle in any way and it is entirely
possible that it could be ripped out but still leave the vehicle
usable.
> IME provides another way that an external party might access a machine
> for a purpose unwanted by the machine owner.
It does.
> UEFI imposes another layer of complexity not intrisic to the user
> objective but requiring attention for the machine to serve a purpose.
Not really, no.
Very early minicomputers had no firmware at all, but had toggle
switches on the front panel so that you could directly enter
instructions in binary and place them in memory. To load an OS or
program from tape, you had to manually enter in a boot loader, dozens
or even hundreds of instructions.
This was very tedious and required careful expert knowledge -- very
few people were able to do it from memory, but it did happen.
It took 10-15min of work to enter the code and then you could start your OS.
Modern computers have no front panel like this. Without some firmware
in a ROM chip, you could not use the computer _at all_. The firmware
is what loads your OS from disk.
You need it. UEFI is the modern replacement for what 20th century PCs
used to call the BIOS.
It is not optional. It cannot be replaced with anything else.
Some late BIOS-era computers, e.g. early Lenovo Thinkpads, can have
their firmware replaced with a FOSS equivalent:
https://coreboot.org/
You need to open up your machine and connect another computer to it in
order to be able to write code to the flash ROM that the manufacturer
did not authorise.
I do not know of any UEFI machines where this is possible. (I could be
wrong.) I don't think I know of any new hardware that comes with
Coreboot or similar instead of UEFI. (I would be happy to be wrong.)
So, whether we like UEFI or not, it is here, it is part of all native
64-bit PCs and Macs, and it is part of the computer industry. We have
no choice over this.
> In the Oberon philosophy, neither of those is desirable.
IME may not be. (Choose an AMD machine if you prefer.)
UEFI is not a choice; there is no other option if you want a modern
x86 computer.
The Raspberry Pi does not include UEFI but it does have very simple
firmware. The Zero and RasPi 1/2/3 loaded this from microSD card. The
RasPi 4 has a tiny bit of it onboard.
However, in the RasPi, the ARM CPU is not the master controlling CPU
of the computer. That is the GPU. The RasPi GPU is what boots the
computer: it loads `kernel.img` from micro SD, puts it in RAM, then
the GPU starts the ARM core and hands control over to it.
The GPU runs ThreadX and again there is no choice about this. There
was a FOSS effort to replace it, but it stalled and is incomplete.
https://github.com/christinaa/rpi-open-firmware
You can put UEFI onto a MicroSD card and boot that if you wish, then
load an OS from it, but this has limitations.
https://github.com/pftf/RPi4
However, you can run whatever OS you want on a RasPi. Alongside dozens
of Linux distros, it also runs Plan 9 (that is, Unix 2.0), OpenBSD,
FreeBSD, NetBSD, and RISC OS Open.
RISC OS is totally non-Unix-like and is essentially a 32-bit port of
the early-1980s Acorn BBC Micro's MOS operating system to the newer
Archimedes range. RISC OS was the first ARM OS and is today FOSS.
Interesting historical footnote: Acorn developed & took RISC OS to
market because its internal effort to build an all-new OS failed. This
OS was to be called ARX and was written in Modula-2. So, in a way,
Oberon and A2 are much like what Acorn _intended_ the Archimedes to
run.
--
Liam Proven – Profile: https://about.me/liamproven
Email: lproven at cix.co.uk – gMail/gTalk/gHangouts: lproven at gmail.com
Twitter/Facebook/LinkedIn/Flickr: lproven – Skype: liamproven
UK: +44 7939-087884 – ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053
More information about the Oberon
mailing list