| 1 |
On Thu, 13 Jul 2017 07:09:45 -0400 Rich Freeman wrote: |
| 2 |
> On Thu, Jul 13, 2017 at 2:30 AM, Andrew Savchenko <bircoph@g.o> wrote: |
| 3 |
> > On Wed, 12 Jul 2017 17:42:50 -0700 Matt Turner wrote: |
| 4 |
> >> On Wed, Jul 12, 2017 at 5:29 PM, Lucas Ramage <ramage.lucas94@×××××.com> wrote: |
| 5 |
> >> > What needs to be changed for the bootloaders? I may be able to assist. |
| 6 |
> >> |
| 7 |
> >> The documentation should be updated to say that with OpenRC 0.28 that |
| 8 |
> >> you'll have to remount efivars as RW before you can install the |
| 9 |
> >> bootloader (e.g., grub-install) |
| 10 |
> >> |
| 11 |
> >> The command I use locally to remount rw (since I have configured |
| 12 |
> >> efivars to be mounted read-only in fstab) is |
| 13 |
> >> |
| 14 |
> >> mount -o remount,rw /sys/firmware/efi/efivars |
| 15 |
> > |
| 16 |
> > We don't have that much efi bootloaders. Maybe it will be better |
| 17 |
> > to update their scripting to remount efivars rw and back ro when |
| 18 |
> > needed? The same way we have non-efi bootloaders to mount /boot |
| 19 |
> > partition when needed. |
| 20 |
> > |
| 21 |
> |
| 22 |
> Presumably you'd only want to remount it if it was mounted ro to |
| 23 |
> start, since it sounds like openrc will be diverging from systemd |
| 24 |
> behavior here. |
| 25 |
> |
| 26 |
> While it seems like a good idea I'm not sure how big an improvement it |
| 27 |
> is in the larger scheme. We're worried about root accidentially |
| 28 |
> modifying efivars, but we have no safeguards against root writing to |
| 29 |
> /dev/sda, and the latter seems much more likely to cause harm, and is |
| 30 |
> harder to fix. |
| 31 |
|
| 32 |
Writing to /dev/sda may kill data stored there, but hardware itself |
| 33 |
will survive. Writing to efivars kills hardware and this is the |
| 34 |
motivation for this change. See [1] and [2] for details. Poettering |
| 35 |
says this is OK to hard brick device, well fine, this is systemd |
| 36 |
way. OpenRC is smarter here and protects users from unintended |
| 37 |
disaster. |
| 38 |
|
| 39 |
Data can be restored from backup, but hard bricked hardware may |
| 40 |
become completely dead beyond repair or require a very complicated |
| 41 |
soldering. So I see this issue much more serious than writing |
| 42 |
to /dev/sda. |
| 43 |
|
| 44 |
[1] https://github.com/openrc/openrc/issues/134 |
| 45 |
[2] https://github.com/systemd/systemd/issues/2402 |
| 46 |
|
| 47 |
Best regards, |
| 48 |
Andrew Savchenko |
Archives