On Fri, 12 Feb, at 11:27:12AM, Matt Fleming wrote: > From: Peter Jones <pjo...@redhat.com> > > "rm -rf" is bricking some peoples' laptops because of variables being > used to store non-reinitializable firmware driver data that's required > to POST the hardware. > > These are 100% bugs, and they need to be fixed, but in the mean time it > shouldn't be easy to *accidentally* brick machines. > > We have to have delete working, and picking which variables do and don't > work for deletion is quite intractable, so instead make everything > immutable by default (except for a whitelist), and make tools that > aren't quite so broad-spectrum unset the immutable flag. > > Signed-off-by: Peter Jones <pjo...@redhat.com> > Tested-by: "Lee, Chun-Yi" <j...@suse.com> > Acked-by: Matthew Garrett <mj...@coreos.com> > Signed-off-by: Matt Fleming <m...@codeblueprint.co.uk> > --- > Documentation/filesystems/efivarfs.txt | 7 +++ > drivers/firmware/efi/vars.c | 87 > +++++++++++++++++++------- > fs/efivarfs/file.c | 70 +++++++++++++++++++++ > fs/efivarfs/inode.c | 30 +++++---- > fs/efivarfs/internal.h | 3 +- > fs/efivarfs/super.c | 9 ++- > include/linux/efi.h | 2 + > tools/testing/selftests/efivarfs/efivarfs.sh | 19 +++++- > tools/testing/selftests/efivarfs/open-unlink.c | 72 ++++++++++++++++++++- > 9 files changed, 258 insertions(+), 41 deletions(-)
Folks, please hold off on merging this patch as Laszlo has raised a good point about including the efi-pstore variables in the whitelist.
