[U-Boot] efi_loader: implementing non-volatile UEFI variables

Wolfgang Denk wd at denx.de
Mon Jun 24 10:23:31 UTC 2019


Dear Heinrich,

In message <83a2d8c5-1b06-c502-8a63-dc3ca307deb8 at gmx.de> you wrote:
> 
> thanks a lot for the good online meeting this morning together with your
> colleague Suggan where we discussed the requirements for the
> implementation of non-volatile variables in U-Boot.
> 
> Currently UEFI variables are stored in U-Boot variables. Saving the
> U-Boot variables will persist all UEFI variables in the environment both
> volatile and non-volatile. This does not conform the the UEFI standard.

Is this the only problem of using the environment as storage?

> To provide a secure storage Linaro is considering to implement an OP-TEE
> module for variable storage and as alternative to this OP-TEE module a
> standalone MM service which will be a BL32 ATF module.
> 
> So in future we will have possibly three alternative drivers for UEFI
> variables:
> 
> - U-Boot only implementation
>   (what is now in lib/efi_loader/efi_variable.c)
> - OP-TEE module
> - standalone MM service
> 
> And maybe a fourth dummy one implementing no variable service at all.

Is this really a good idea?


If the volatile / non-volatile behaviour is the onlyh problem you
see with using environment variables, would it then not make much
more sense to extend the environment flags concept by adding a
"volatile" flag, with the meaing that such variables don;t get
written by "env save"?

This would also make sense in some other places - for example, the
"filesize" variable is a perfect candidate to be flagged as
"volatile".  There is absolutely no use in saving it persistently.


So such an extension would be useful for others, too, and might
eventually avoid so many different implementations for the same
task?  Also, the implementation should be straightforward...

Best regards,

Wolfgang Denk

-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
Accident: A condition in which presence of mind is good, but  absence
of body is better.


More information about the U-Boot mailing list