Dear Felix On Fri, 10 Jan 2025 15:51:30 +0200 Roman Riabenko via <[email protected]> wrote: > On Thu, 09 Jan 2025 13:45:03 -0800 > Felix Lechner <[email protected]> wrote: > > > Hi Roman, > > > > On Thu, Jan 09 2025, Roman Riabenko wrote: > > > > > some distributions turn this backend off by default to prevent users > > > from getting into a trap. However, they seem to turn it off when > > > packaging the software, not via a kernel argument. > > > > It's in the kernel's configuration, i.e. the first hit here. [1] > > > > I looped in Leo and Wilko. (EFI dump files exhaust space on the ESP.) > > > > Kind regards > > Felix > > > > [1] https://codesearch.debian.net/search?q=pstore_disable&literal=1 > > Indeed, in the current kernel configuration, the option is not set. > > $ gunzip < /proc/config.gz | grep PSTORE | grep EFI > CONFIG_EFI_VARS_PSTORE=m > # CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE is not set
Debian maintainers rejected a request to set the option in the past: https://bugs-devel.debian.org/cgi-bin/bugreport.cgi?bug=924794 I downloaded the current Debian kernels from the stable release (Bookworm) and Sid and checked that it does not have the option set. Instead, Fedora has the option set to disable this backend by default: https://src.fedoraproject.org/rpms/kernel/blob/rawhide/f/kernel-x86_64-fedora.config#_2098 Arch Linux has a similar issue report undecided: https://bugs.archlinux.org/task/70140 It appears, that the objective of introducing the option was to maintain the existing behaviour but allow the user to override it on problematic hardware: https://lore.kernel.org/lkml/20130312211417.GC16558@thinkpad-t410/ It looks like there are some advantages and disadvantages to setting the option. The difference seems to be in distributions' approaches to what they think their users would want. 1. The default is to enable the backend so that the users can troubleshoot kernel issues. Turning the backend off is considered optional for faulty UEFI implementations. 2. Instead, some distributions want to limit writing to EFI variables to prevent issues with faulty UEFI implementations from happening at all. What kind of distribution is Guix System? Maybe a third option of not trusting the proprietary UEFI? Kind regards Roman
