Why does FreeBSD-SA-17:04.ipfilter update /boot/loader.efi ?

I ran freebsd-update for the FreeBSD-SA-17:04.ipfilter update and noticed that /boot/loader.efi was also one of the files that was updated. I don't understand how an ipfilter patch also requires changes to a boot loader file.
 
I don't understand how an ipfilter patch also requires changes to a boot loader file.

loader.efi is what actually loads the kernel. I'm not sure but the reason it was updated may be due to Secure Boot.
 
getopt As you can understand I am trolling.

I feel very sarcastic today because after many years I had to install Windows in order to connect to a Vmware ESXi host.
 
loader.efi is what actually loads the kernel. I'm not sure but the reason it was updated may be due to Secure Boot.

Even if that is the reason, why is it only delivered via freebsd-update? Why is it not reflected in the svn revision?
 
Even if that is the reason, why is it only delivered via freebsd-update? Why is it not reflected in the svn revision?
Just speculation adding to previous speculation - because source code doesn't change at all, only hashes of the loaded binaries which are not known until the build phase, when they may be inserted into the loader binary?
 
Back
Top