diff options
author | Ingo Molnar <mingo@kernel.org> | 2016-02-16 13:14:57 +0100 |
---|---|---|
committer | Ingo Molnar <mingo@kernel.org> | 2016-02-16 13:14:57 +0100 |
commit | 4682c211a80ee93214b72d95f861b0f6e90e5445 (patch) | |
tree | eac511760095ae87cce978b369c80c079d347448 /Documentation | |
parent | 1926e54f115725a9248d0c4c65c22acaf94de4c4 (diff) | |
parent | ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879 (diff) | |
download | linux-4682c211a80ee93214b72d95f861b0f6e90e5445.tar.bz2 |
Merge tag 'efi-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi into x86/urgent
Pull EFI fixes from Matt Fleming:
* Prevent accidental deletion of EFI variables through efivarfs that
may brick machines. We use a whitelist of known-safe variables to
allow things like installing distributions to work out of the box, and
instead restrict vendor-specific variable deletion by making
non-whitelist variables immutable (Peter Jones)
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/filesystems/efivarfs.txt | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/Documentation/filesystems/efivarfs.txt b/Documentation/filesystems/efivarfs.txt index c477af086e65..686a64bba775 100644 --- a/Documentation/filesystems/efivarfs.txt +++ b/Documentation/filesystems/efivarfs.txt @@ -14,3 +14,10 @@ filesystem. efivarfs is typically mounted like this, mount -t efivarfs none /sys/firmware/efi/efivars + +Due to the presence of numerous firmware bugs where removing non-standard +UEFI variables causes the system firmware to fail to POST, efivarfs +files that are not well-known standardized variables are created +as immutable files. This doesn't prevent removal - "chattr -i" will work - +but it does prevent this kind of failure from being accomplished +accidentally. |