Hi, > > Jan and I have been discussing the need for a configuration file format > > for efibootmgr. I've looked into different options: > > > > > > ## INI ## > > > > There is a small [1] library which adds around 1500 LOCs (MIT License). > > Additionally, a small parser could be written by ourself. > > > > Pros: > > - Simple > > - Easy parsable > > > > Cons: > > - There isn't really any "standard" for an INI file. [2] has some of the > > varying features. > > - This means, we would also document *our* supported features. > > > > > > ## systemd's Boot Loader Specification [3] ## > > > > systemd basically invented their own configuration format. > > > > Pros: > > - Fairly well documented. Since they opened systemd.io, the > > documentation of systemd improved quite a bit. > > > > Cons: > > - There doesn't seem to be a concise and simple library for parsing > > their format. This *could* be taken from the systemd source code [4], > > but this is not trivial. > > > > > > ## TOML ## > > > > TOML was explicitly designed to be a replacement for INI. That also > > means we could sell our config format as a "well defined INI format". > > > > Pros: > > - Well documented [5]. > > - There's already a library [6], which is MIT licensed and would add > > around 2550 LOCs. > > > > Cons: > > - More complex, which *might* add a bigger attack surface. I've looked > > for current CVEs and didn't find any. > > > > So far my recommendation would be to use TOML. > > > > Kind regards, > > > > Tobias > > > > [1]: https://github.com/ndevilla/iniparser > > [2]: https://en.wikipedia.org/wiki/INI_file#Varying_features > > [3]: https://systemd.io/BOOT_LOADER_SPECIFICATION/ > > [4]: https://github.com/systemd/systemd/blob/main/src/boot/bootctl.c > > [5]: https://github.com/toml-lang/toml/wiki > > [6]: https://github.com/cktan/tomlc99 > > > > I think we should give a very simple solution a try first. That can be > including some helpful lib for an established format, but my feelings > say that implementing a few lines for something along option 1 might be > even simpler.
Well, this is just a list of configuration (file) formats. Usually, it's the other way round: You define what you actually want to configure, the semantics of this, and in what scopes it is used. Then you filter the available configuration (file) formats by their scope and fitness for your needs (e.g. expressiveness, simplicity, licenses, ...) and choose one or make your own if there's none available. So, can we have a specification or a (ranked) requirements list to what the configuration (file) format should actually be able configure, also to not miss something out and to be future-proof to not switch formats again? Kind regards, Christian -- Dr. Christian Storm Siemens AG, Technology, T CED SES-DE Otto-Hahn-Ring 6, 81739 München, Germany -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/20220725092453.av62xl24zvsz3vg7%40MD1ZFJVC.ad001.siemens.net.
