Source: efivar Version: 38-3.1 Severity: minor Tags: patch X-Debbugs-Cc: [email protected], [email protected]
Dear Maintainer, In efivar upstream there is an outstanding patch to enable storing the EFI variables in the ESP. The description of the patch is as follows: EFI is becoming more common on embedded boards with the embracing of SystemReady-IR. U-Boot which is the most commonly used firmware, is usually storing the EFI variables in a file in the ESP since [1]. That makes it impossible to support SetVariable at Runtime reliably, since the OS doesn't know how to access, read or write that file. OSes usually need SetVariable at runtime for three reasons: - Set the BootOrder - Enable UEFI Secure Boot - OSIndication to signal capsule updates on-disk. Since the variables are stored in a file U-Boot enables SetVariable at runtime in the EFI config table and stores any updates in RAM. At the same file it creates 2 volatile variables: - RTStorageVolatile is the location of the file relative to the ESP - VarTofile contains a binary dump of the EFI variables that need to be preserved on the file (BS, RT, NV) - U-Boot fills in the VarToFile dynamically on reads and that includes any updates the OS did in the meantime. The patch updates efivar to do the same thing. Once a variable is written to the efivarfs, make sure efivars is mounted as rw and scan for the file "RTStorageVolatile". If we find that, copy the "VarToFile" contents in a file and preserve the variables across reboots. In theory this change is transparant to the user, as the code path will only be used if the file exists on the ESP, thus shouldn't introduce any new bugs. I would like this to get into trixie before the freeze, then once the patch is merged upstream drop it. We are struggling to install Debian using the installer ISO on SystemReady-IR targets due to D-I complaining because the installer installs grub and sets Boot0000 as the default boot option, which fails because SetVariable at runtime isn't supported. With this patch applied, SetVariable becomes supported on SystemReady-IR platforms. I can (and will if no objections to this bug) do the work here to: 1) update efivar 39 from upstream. 2) apply the patch[1]. Please let me know of any objections. Cheers! Chris [0]: https://github.com/rhboot/efivar/pull/267 [1]: https://lore.kernel.org/u-boot/[email protected]/T/ -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.12.21-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
