[PATCH 10/16] efi_loader: UEFI variable persistence
Punit Agrawal
punit1.agrawal at toshiba.co.jp
Mon Mar 30 12:03:27 CEST 2020
Heinrich Schuchardt <xypron.glpk at gmx.de> writes:
> On 3/27/20 9:07 AM, Punit Agrawal wrote:
>> Heinrich Schuchardt <xypron.glpk at gmx.de> writes:
>>
>>> Persist non-volatile UEFI variables in a file on the EFI system partition.
>>>
>>> The file is written:
>>>
>>> * whenever a non-volatile UEFI variable is changed after initialization
>>> of the UEFI sub-system.
>>> * upon ExitBootServices()
>>
>> I might be missing something but how does this cope with the ESP being
>> on a storage medium access to which is owned by the OS at runtime? e.g.,
>> partition on eMMC or SATA drive.
>
> This development does not guard against manipulation by the OS.
>
> Ilias is currently working on a solution for ATF based devices that will
> provide secure storage for variables.

Thanks for the clarification.

So the current patches are more RFC material - as it would be worth
seeing the whole picture before things start getting baked in.

I only recently started looking at EFI features in u-boot and am trying
to piece the story together based on the patches in-flight.

Thanks,
Punit

[...]