Date: Mon, 30 Jul 2018 13:05:13 -0500 From: Kyle Evans <kevans@freebsd.org> To: Warner Losh <imp@bsdimp.com> Cc: Shawn Webb <shawn.webb@hardenedbsd.org>, src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r336919 - head/sys/dev/efidev Message-ID: <CACNAnaE2Pooy=%2By0X7GbzHz%2BO7w_nPigDwbAJnuFDsyXyunk5Q@mail.gmail.com> In-Reply-To: <CANCZdfq6dDVww9bSYTwZf7epRrNdQBEFsnjOf2p%2BDGPp=UcyhA@mail.gmail.com> References: <201807301740.w6UHeRM0077138@repo.freebsd.org> <20180730175923.vtha72pcvzilsspu@mutt-hbsd> <CANCZdfq6dDVww9bSYTwZf7epRrNdQBEFsnjOf2p%2BDGPp=UcyhA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 30, 2018 at 1:01 PM, Warner Losh <imp@bsdimp.com> wrote: > On Mon, Jul 30, 2018 at 11:59 AM, Shawn Webb <shawn.webb@hardenedbsd.org> > wrote: >> >> On Mon, Jul 30, 2018 at 05:40:27PM +0000, Kyle Evans wrote: >> > Author: kevans >> > Date: Mon Jul 30 17:40:27 2018 >> > New Revision: 336919 >> > URL: https://svnweb.freebsd.org/changeset/base/336919 >> > >> > Log: >> > efirt: Add tunable to allow disabling EFI Runtime Services >> > >> > Leading up to enabling EFIRT in GENERIC, allow runtime services to be >> > disabled with a new tunable: efi.rt_disabled. This makes it so that >> > EFIRT >> > can be disabled easily in case we run into some buggy UEFI >> > implementation >> > and fail to boot. >> > >> > Discussed with: imp, kib >> > MFC after: 1 week >> > >> > Modified: >> > head/sys/dev/efidev/efirt.c >> > >> > Modified: head/sys/dev/efidev/efirt.c >> > >> > ============================================================================== >> > --- head/sys/dev/efidev/efirt.c Mon Jul 30 17:03:15 2018 >> > (r336918) >> > +++ head/sys/dev/efidev/efirt.c Mon Jul 30 17:40:27 2018 >> > (r336919) >> > @@ -133,7 +133,12 @@ efi_init(void) >> > struct efi_md *map; >> > caddr_t kmdp; >> > size_t efisz; >> > + int rt_disabled; >> > >> > + rt_disabled = 0; >> > + TUNABLE_INT_FETCH("efi.rt_disabled", &rt_disabled); >> >> Would it be a good idea to document this tunable in loader(8)? >> >> Thanks, >> >> -- >> Shawn Webb >> Cofounder and Security Engineer >> HardenedBSD >> >> Tor-ified Signal: +1 443-546-8752 >> Tor+XMPP+OTR: lattera@is.a.hacker.sx >> GPG Key ID: 0x6A84658F52456EEE >> GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE > > It would be a good idea to make it like the other tuneables. > > efi.rt.enabled=0 would be the pattern. > In that case, I'll change this to efi.rt.disabled to more closely match newbus hinting, and I'll document it in loader(8) in the process.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACNAnaE2Pooy=%2By0X7GbzHz%2BO7w_nPigDwbAJnuFDsyXyunk5Q>