This hard codes the size of the EFI fat partition. Ideally, we'd stat the boot1.efifat file and use its size.

Even better would be to allocate 5MB of space, newfs_msdos it and copy /boot/boot1.efi to there
as efi\boot\bootx64.efi so that people have a little bit of extra space for upgrades to their BIOSes and
such. OTOH, this may be too esoteric to do by default. So if you don't do this, at least do the stat thing.

However here I'd be tempted to leave this as is because the boot blocks can grow up to about 540k in size before there's issues with boot1. boot1.efi can be substantially larger before there's an issue, but boot1 really can't.

Rather than calling partcode_path() twice, save the result here and reuse it below..

This space (1MB -> 2MB) is for...?

Add a comment explaining why the two cases are handled differently

imp

TBH, I never understood why we created boot1.efifat in the first place, rather than just using 'newfs_msdos' and 'cp'.

the bookcode grew. It was 512 or 800kb, it is now 512+800kb.

my understanding was that our newfs_msdos did not always produce a file system that all computer could boot from. I am not sure the details, maybe emaste knows

See the other revision for why this is a bad idea from a security POV. Please keep this in a separate patch for the time being until our boot loaders can handle this case properly.

We're making boot1.efifat to simplify the logic in the installer. The EFI boot partition is not mounted anywhere in the current scheme of things and we have no other platforms with per-platform file system requirements. Thus, making it with newfs_msdos would require a great deal of specialty logic not otherwise required.

@allanjude newfs_msdos can create them: the boot1.efifat images are created with newfs_msdos -F 12 -L EFI $DEVICE. See sys/boot/efi/boot1/generate-fat.sh.

I do think we want some improved logic for handling the ESP as part of broader installer improvements - ideally the installer could find an existing ESP on the target device and offer to install boot1.efi into it. The pre-canned FAT image was a convenient way to fit EFI into the existing installer/gpart infrastructure, but there's no reason it has to be done that way.

Some ARM SoCs require a FAT partition with UBOOT (and often other) images on it. We currently kinda hack around that by DDing images created by NanoBSD, Crochet, or the release process onto an SD card. It's a flaw that the installer doesn't support creating them, but since there's usually only one device, you'd have to netboot the installer, which on many SoCs requires those fat partition and files. The UEFI support is just another instance where that's required, but with different files required.

@imp We'll probably want at least a 200 MB EFI FAT partition, since there's normally only one per system and it gets used in multi-boot scenarios.

https://wiki.archlinux.org/index.php/EFI_system_partition says:

To avoid potential problems with some UEFI implementations, the ESP should be formatted with FAT32 and the size should be at least 512 MiB. 550 MiB is recommended to avoid MiB/MB confusion and accidentally creating FAT16 [1], although larger sizes are fine.

According to a Microsoft note[2], the minimum size for the EFI system partition (ESP) would be 100 MiB, though this is not stated in the UEFI Specification. Note that for Advanced Format 4K Native drives (4-KiB-per-sector) drives, the size is at least 256 MiB, because it is the minimum partition size of FAT32 drives (calculated as sector size (4KiB) x 65527 = 256 MiB), due to a limitation of the FAT32 file format.

This diff is old, currently we create a 200MB FAT16. For many images, 500+MB is getting to be a rather large bit of the available space, especially for VMs and USB images etc.

Oh, thanks. Good point about VMs etc., I agree 500+ MB is rather large for them.

The UEFI 2.3.1 specification mandates the use of FAT32 though, so FAT16 is non-standard:

EFI encompasses the use of FAT32 for a system partition, and FAT12 or FAT16 for removable media. The FAT32 system partition is identified by an OSType value other than that used to identify previous versions of FAT. This unique partition type distinguishes an EFI defined file system from a normal FAT file system. The file system supported by EFI includes support for long file names.

(seen via https://bugs.launchpad.net/ubuntu/+source/partman-efi/+bug/811485)