| 1 |
On Thu, 13 Jul 2017 07:54:44 -0400 Rich Freeman wrote: |
| 2 |
[...] |
| 3 |
> >> Presumably you'd only want to remount it if it was mounted ro to |
| 4 |
> >> start, since it sounds like openrc will be diverging from systemd |
| 5 |
> >> behavior here. |
| 6 |
> >> |
| 7 |
> >> While it seems like a good idea I'm not sure how big an improvement it |
| 8 |
> >> is in the larger scheme. We're worried about root accidentially |
| 9 |
> >> modifying efivars, but we have no safeguards against root writing to |
| 10 |
> >> /dev/sda, and the latter seems much more likely to cause harm, and is |
| 11 |
> >> harder to fix. |
| 12 |
> > |
| 13 |
> > Writing to /dev/sda may kill data stored there, but hardware itself |
| 14 |
> > will survive. Writing to efivars kills hardware and this is the |
| 15 |
> > motivation for this change. See [1] and [2] for details. Poettering |
| 16 |
> > says this is OK to hard brick device, well fine, this is systemd |
| 17 |
> > way. OpenRC is smarter here and protects users from unintended |
| 18 |
> > disaster. |
| 19 |
> |
| 20 |
> Reading through those apparently bricking is considered to be a |
| 21 |
> hardware bug. Granted, it is still desirable to avoid. |
| 22 |
|
| 23 |
Yes, it can be considered as a hardware bug, as well as thousands |
| 24 |
of other issues, look at how many quirks are inside the kernel. |
| 25 |
This is how it works: software works around hardware bugs, because |
| 26 |
software is so much easier to update than hardware. |
| 27 |
|
| 28 |
> In any case, tools would still need to be compatible with both |
| 29 |
> approaches. Apparently there are commands like systemctl reboot |
| 30 |
> --firmware-setup that expect this to be writable. If we aren't going |
| 31 |
> to make the default ro under systemd then tools will need to handle |
| 32 |
> both cases. If we decide to change the default for systemd (or put a |
| 33 |
> line in the default fstab) then this issue would go away. |
| 34 |
|
| 35 |
I see no problems with compatibility. In case of software needs to |
| 36 |
write to efivars (bootloader installation, etc) algo is simple: |
| 37 |
|
| 38 |
flag = false; |
| 39 |
if (mounted(efivars) == RO) { remount(efivars, RW); flag = true; } |
| 40 |
do_usual_stuff(); |
| 41 |
if (flag) remount(efivars, RO); |
| 42 |
|
| 43 |
Best regards, |
| 44 |
Andrew Savchenko |
Archives