lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <516B1ED3.9040900@suse.cz>
Date:	Sun, 14 Apr 2013 23:25:39 +0200
From:	Jiri Slaby <jslaby@...e.cz>
To:	matthew.garrett@...ula.com
CC:	matt.fleming@...el.com, cbouatmailru@...il.com, ccross@...roid.com,
	keescook@...omium.org, Tony Luck <tony.luck@...el.com>,
	linux-efi@...r.kernel.org,
	Linux kernel mailing list <linux-kernel@...r.kernel.org>
Subject: Cannot add new efi boot entry

Hi,

after update to 3.8, every update of the kernel ends up in an unbootable
machine. It is due to the following commit:
commit 68d929862e29a8b52a7f2f2f86a0600423b093cd
Author: Matthew Garrett <matthew.garrett@...ula.com>
Date:   Sat Mar 2 19:40:17 2013 -0500

    efi: be more paranoid about available space when creating variables

efibootmgr which tries to add an entry and silently fails when writing
to /sys/firmware/efi/vars/new_var with -ENOSPC.

There are many entries in there:
# efibootmgr
BootCurrent: 000D
Timeout: 0 seconds
BootOrder:
0018,0000,0001,0002,0003,0007,0008,0009,000A,000B,000C,000D,000E,000F,0010,0011,0012
Boot0000  Setup
Boot0001  Boot Menu
Boot0002  Diagnostic Splash Screen
Boot0003  Lenovo Diagnostics
Boot0004  Startup Interrupt Menu
Boot0005  ME Configuration Menu
Boot0006  Rescue and Recovery
Boot0007* USB CD
Boot0008* USB FDD
Boot0009* ATAPI CD0
Boot000A* ATA HDD0
Boot000B* ATA HDD1
Boot000C* ATA HDD2
Boot000D* USB HDD
Boot000E* PCI LAN
Boot000F* ATAPI CD1
Boot0010  Other CD
Boot0011* ATA HDD3
Boot0012  Other HDD
Boot0013* IDER BOOT CDROM
Boot0014* IDER BOOT Floppy
Boot0015* ATA HDD
Boot0016* ATAPI CD:
Boot0017* PCI LAN
Boot0018* Linux


Remaining size is about 20k, added entry size is hundreds bytes, store
size is 64k.

Obviously lowering the limitation from 1/2 to 1/4 fixes the problem for
me because it always worked on my setup to store a new entry...

Any ideas how to overcome that? It would be better to blacklist bad
machines rather than whitelist good ones, right?

thanks,
-- 
js
suse labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ