On Mon, 16 Feb 2026 at 13:39, Heinrich Schuchardt <[email protected]> wrote: > > Am 16. Februar 2026 08:24:19 MEZ schrieb Michal Simek <[email protected]>: > > > > > >On 2/15/26 09:48, Heinrich Schuchardt wrote: > >> On 2/11/26 16:56, Michal Simek wrote: > >>> From: Shantur Rathore <[email protected]> > >>> > >>> Currently U-Boot uses ESP as storage for EFI variables. > >>> Devices with SPI Flash are used for storing environment with this > >>> commit we allow EFI variables to be stored on SPI Flash. > >>> > >>> https://github.com/rhboot/efivar > >>> is not updated to support this location that's why you can mimic it by > >>> running: > >>> dd > >>> if=/sys/firmware/efi/efivars/VarToFile-b2ac5fc9-92b7-4acd-aeac-11e818c3130c > >>> \ > >>> of=/tmp/vars skip=4 bs=1 > >>> flashcp /tmp/vars /dev/mtdX > >>> > >>> where mtdX should match location defined by > >>> CONFIG_EFI_VARIABLE_SF_OFFSET/CONFIG_EFI_VAR_BUF_SIZE. > >>> > >>> Signed-off-by: Shantur Rathore <[email protected]> > >>> Signed-off-by: Michal Simek <[email protected]> > >>> Tested-by: Neil Armstrong <[email protected]> # on AML-S905D3-CC > >>> Acked-by: Ilias Apalodimas <[email protected]> > >>> > >>> --- > >>> > >>> Changes in v8: > >>> - Add missing EFI_VARIABLE_SF_STORE dependency to > >>> EFI_VARIABLE_SF_DEVICE_INDEX > >>> > >>> Changes in v7: > >>> - sed -i 's/efi_var_from/efi_var_from_storage/g' > >>> > >>> Changes in v6: > >>> - sed -i 's/efi_var_read/efi_var_from/g' > >>> - sed -i 's/efi_var_write/efi_var_to_storage/g' > >>> > >>> Changes in v4: > >>> - Extend Kconfig description > >>> - Extend commit message and describe efivar missing part > >>> - use unify methods for reading/writing variable > >>> > >>> Changes in v3: > >>> - Fixed compiler warnings. > >>> > >>> Changes in v2: > >>> - Refactored efi_var_file to move common parts out as requested > >>> - Changed ifdefs to use CONFIG_IS_DEFINED > >>> - Fixed typos > >>> > >>> lib/efi_loader/Kconfig | 35 +++++++++++++- > >>> lib/efi_loader/Makefile | 1 + > >>> lib/efi_loader/efi_var_sf.c | 92 +++++++++++++++++++++++++++++++++++++ > >>> 3 files changed, 127 insertions(+), 1 deletion(-) > >>> create mode 100644 lib/efi_loader/efi_var_sf.c > >>> > >>> diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig > >>> index 579eed658801..0f6f927ddaf1 100644 > >>> --- a/lib/efi_loader/Kconfig > >>> +++ b/lib/efi_loader/Kconfig > >>> @@ -124,6 +124,24 @@ config EFI_VARIABLE_FILE_STORE > >>> Select this option if you want non-volatile UEFI variables to be > >>> stored as file /ubootefi.var on the EFI system partition. > >>> +config EFI_VARIABLE_SF_STORE > >>> + bool "Store non-volatile UEFI variables in SPI Flash" > >>> + depends on SPI_FLASH > >>> + help > >>> + Select this option if you want non-volatile UEFI variables to be > >>> + stored in SPI Flash. > >>> + > >>> + Define CONFIG_EFI_VARIABLE_SF_OFFSET as offset in SPI Flash to use > >>> as > >>> + the storage for variables. CONFIG_EFI_VAR_BUF_SIZE defines the > >>> space > >>> + needed. > >>> + > >>> + Note that SPI Flash devices have a limited number of program/erase > >>> + cycles. Frequent updates to UEFI variables may cause excessive wear > >>> + and can permanently damage the flash device, particularly on SPI > >>> NAND > >>> + or low-end SPI NOR parts without wear leveling. This option should > >>> be > >>> + used with care on such systems, and is not recommended for > >>> platforms > >>> + where UEFI variables are updated frequently. > >>> + > >>> config EFI_MM_COMM_TEE > >>> bool "UEFI variables storage service via the trusted world" > >>> depends on OPTEE > >>> @@ -153,7 +171,7 @@ endchoice > >>> config EFI_RT_VOLATILE_STORE > >>> bool "Allow variable runtime services in volatile storage (e.g RAM)" > >>> - depends on EFI_VARIABLE_FILE_STORE > >>> + depends on EFI_VARIABLE_FILE_STORE || EFI_VARIABLE_SF_STORE > >> > >> Hello Michal, > >> > >> If the backend store is SPI flash, we should not publish the variable > >> "RTStorageVolatile" at runtime as currently defined. > >> > >> For the background see this commit for the efivar library: > >> > >> https://github.com/rhboot/efivar/commit/68daa04654acbe1bbaa17ebfc23c371b39e69c6b > >> > >> The first three patches look correct to me and I will add them to a merge > >> request for efi-next. > > > >Do I read it that when I don't allow to select EFI_RT_VOLATILE_STORE you > >will be fine with the patch itself? > > This was my only concern.
Thinking about it again, this is the right thing to do right now. efivar will try to create a file in the ESP if the speacial variables in linux are found. So we are better off disabling this option for SPI variables atm Cheers /Ilias > > Maybe setting the file name to /dev/mtd/by-name/<partition name> would work > with efivar. But I have not tested it. > > In U-Boot we could replace EFI_VARIABLE_SF_DEVICE_INDEX, SIZE, and OFFSET by > a partition name, too. That way it would be the common device-tree for U-Boot > and Linux controlling the placement of the variables store. > > > > > > >> The usage of efi_var_mem_ins() and efi_var_mem_del() when SetVariable() > >> does not change anything is not flash-friendly. Michal, do you want to > >> have a look at this area? > > > >That's known limitation describe in EFI_VARIABLE_SF_STORE Kconfig Note. > > This could be a topic for future work. > > Best regards > > Heinrich >
