From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 68AF0139694 for ; Thu, 13 Jul 2017 12:15:01 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D34F127419E; Thu, 13 Jul 2017 12:14:54 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8112E27418A for ; Thu, 13 Jul 2017 12:14:54 +0000 (UTC) Received: from localhost (unknown [91.246.102.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: bircoph) by smtp.gentoo.org (Postfix) with ESMTPSA id 9D0E7341899 for ; Thu, 13 Jul 2017 12:14:52 +0000 (UTC) Date: Thu, 13 Jul 2017 15:14:48 +0300 From: Andrew Savchenko To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] newsitem: openrc-0.28 mounts efivars read only Message-Id: <20170713151448.3a6fbe712c5f58c116380a4b@gentoo.org> In-Reply-To: References: <20170712154236.GA10286@whubbs1.gaikai.biz> <20170712214408.GA13328@whubbs1.gaikai.biz> <20170713093021.2b0bcf21b6ebb6921245fbe0@gentoo.org> <20170713144308.3e0dd3139d5be936e28c3e7d@gentoo.org> X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.30; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="PGP-SHA512"; boundary="Signature=_Thu__13_Jul_2017_15_14_48_+0300_zgluDJteFuSNHXWm" X-Archives-Salt: 3dfbf070-9b84-40d9-94a5-958e7924364e X-Archives-Hash: 98b58a295c87ab126cf1a38384a9e3fb --Signature=_Thu__13_Jul_2017_15_14_48_+0300_zgluDJteFuSNHXWm Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, 13 Jul 2017 07:54:44 -0400 Rich Freeman wrote: [...] > >> Presumably you'd only want to remount it if it was mounted ro to > >> start, since it sounds like openrc will be diverging from systemd > >> behavior here. > >> > >> While it seems like a good idea I'm not sure how big an improvement it > >> is in the larger scheme. We're worried about root accidentially > >> modifying efivars, but we have no safeguards against root writing to > >> /dev/sda, and the latter seems much more likely to cause harm, and is > >> harder to fix. > > > > Writing to /dev/sda may kill data stored there, but hardware itself > > will survive. Writing to efivars kills hardware and this is the > > motivation for this change. See [1] and [2] for details. Poettering > > says this is OK to hard brick device, well fine, this is systemd > > way. OpenRC is smarter here and protects users from unintended > > disaster. >=20 > Reading through those apparently bricking is considered to be a > hardware bug. Granted, it is still desirable to avoid. Yes, it can be considered as a hardware bug, as well as thousands of other issues, look at how many quirks are inside the kernel. This is how it works: software works around hardware bugs, because software is so much easier to update than hardware. > In any case, tools would still need to be compatible with both > approaches. Apparently there are commands like systemctl reboot > --firmware-setup that expect this to be writable. If we aren't going > to make the default ro under systemd then tools will need to handle > both cases. If we decide to change the default for systemd (or put a > line in the default fstab) then this issue would go away. I see no problems with compatibility. In case of software needs to write to efivars (bootloader installation, etc) algo is simple: flag =3D false; if (mounted(efivars) =3D=3D RO) { remount(efivars, RW); flag =3D true; } do_usual_stuff(); if (flag) remount(efivars, RO); Best regards, Andrew Savchenko --Signature=_Thu__13_Jul_2017_15_14_48_+0300_zgluDJteFuSNHXWm Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE63ZIHsdeM+1XgNer9lNaM7oe5I0FAllnZDgACgkQ9lNaM7oe 5I3I4w/8DDNtaQgLqE27fymKPPc5ELXwtaefFx2438NltU+TEa0+OQeiOVIu98mH hUrwwDu7a/XHIzcDFiobnmEFMRi9fyyTAbm1F2yVP9QacvrdBTq48MFOD66wpP7b 7Br9G+2176l1OXzFXhBY4soSshQGeoU7V9UccuWKpahplvj3KDo0Wi0K4xBh8nV4 1wc+di5ur/pwLMKi7SM1u4mxBOYtRt6baBKuAqsrCz+7qVMFJ50FdD/jtftDz1TP Q7gyaeTn2ePRKsTKxfdAI93vy+0DvFHbihLUSHQTaIea9i35EiBMdfDDngTK7BFF /ZgST1Kbs7efvBkFXnveG8fIH3S0FZ3zSdQAHoymp22xkEryl7Zw9h+3GOE9rp/r cad8A/KivE02PAN8gBVYWmDdD2jgKrOkW6ug543EQVBAUC/tfxLgsBkdCJ38cuUQ PF/EvSesfVxljFuZaMMgtIs7BekOWJ7wXEzvie1XTi9zOg5Tr2+u5MhUAhIZ0vZq SPqoSzQqin4h3NDgV1ONJutxQBS7Ijon5l/tdzhbXa6ODR9h6fxTVwIn2KKp5BMA iXUqPKXO3Hhawx0dFcpMVenDh04xlP/RiBpV5/SBNzVyK6jvwVIuRKR9GGEFjM2m ozPqOIt/Hs9D5tBh3WZey0MvQuRp79Qp1f/Ci9R4fHXVuH9VdsY= =pkTk -----END PGP SIGNATURE----- --Signature=_Thu__13_Jul_2017_15_14_48_+0300_zgluDJteFuSNHXWm--