On 13.07.22 14:50, 'Tobias Schmidl' via EFI Boot Guard wrote: > Hi all, > > Jan and I have been discussing the need for a configuration file format > for efibootmgr. I've looked into different options: > > > ## INI ## > > There is a small [1] library which adds around 1500 LOCs (MIT License). > Additionally, a small parser could be written by ourself. > > Pros: > - Simple > - Easy parsable > > Cons: > - There isn't really any "standard" for an INI file. [2] has some of the > varying features. > - This means, we would also document *our* supported features. > > > ## systemd's Boot Loader Specification [3] ## > > systemd basically invented their own configuration format. > > Pros: > - Fairly well documented. Since they opened systemd.io, the > documentation of systemd improved quite a bit. > > Cons: > - There doesn't seem to be a concise and simple library for parsing > their format. This *could* be taken from the systemd source code [4], > but this is not trivial. > > > ## TOML ## > > TOML was explicitly designed to be a replacement for INI. That also > means we could sell our config format as a "well defined INI format". > > Pros: > - Well documented [5]. > - There's already a library [6], which is MIT licensed and would add > around 2550 LOCs. > > Cons: > - More complex, which *might* add a bigger attack surface. I've looked > for current CVEs and didn't find any. > > So far my recommendation would be to use TOML. > > Kind regards, > > Tobias > > [1]: https://github.com/ndevilla/iniparser > [2]: https://en.wikipedia.org/wiki/INI_file#Varying_features > [3]: https://systemd.io/BOOT_LOADER_SPECIFICATION/ > [4]: https://github.com/systemd/systemd/blob/main/src/boot/bootctl.c > [5]: https://github.com/toml-lang/toml/wiki > [6]: https://github.com/cktan/tomlc99 >
I think we should give a very simple solution a try first. That can be including some helpful lib for an established format, but my feelings say that implementing a few lines for something along option 1 might be even simpler. Jan -- Siemens AG, Technology Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/53feae6e-db97-64f1-b53f-370cc5889414%40siemens.com.
