On Friday, 3 July 2020 03:05:34 BST Andrew Udvare wrote: > On 02/07/2020 06:56, Peter Humphrey wrote: > > But then, > > # bootctl set-default 30-gentoo-5.7.7.conf > > Failed to update EFI variable: Invalid argument > > Probably the kernel is blocking write access to EFI. This is on purpose > for safety as you can damage your firmware quite easily. systemd-boot > and others do not have this restriction.
Is there some way for me to remove this restriction temporarily? > You also should be careful writing to the EFI too much as the NVRAM flash may > not be of high quality. Yes, I do only write to it when I have to. I hope Asus would use decent- quality components though. > https://lwn.net/Articles/674940/ Interesting - thanks. > You can try using `chattr -i` against the files like: > > chattr -i /sys/firmware/efi/efivars/Boot* > > Then you can try with bootctl and others, but this is not guaranteed to > work. Those files were already among the 17 that were mutable. It seems I need to find which of the other 117 files I need to make mutable. > On my ASUS motherboard I haven't been able to write to EFI variables > from within Linux for a long time. I have to add my keys in the BIOS and > set the default in systemd-boot. Looks like I'm in the same boat. Except that setting the default in systemd- boot is exactly what I can't do! > The logic to write to a file in efivars is here: > > https://github.com/torvalds/linux/blob/master/fs/efivarfs/file.c#L15 > > If you use strace with bootctl you'll probably see one of these errno > values. I think what I'm seeing comes from this: if (attributes & ~(EFI_VARIABLE_MASK)) return -EINVAL; Perhaps I should just stop here and revert to setting the default at the UEFI boot-choice screen. Many thanks for your help, Andrew. -- Regards, Peter.
