From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CD36140852; Fri, 29 Mar 2024 07:34:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711697682; cv=none; b=ikwOSE1fgGbG0RZtF+H8JCqvglQtJdaRmJS0bPNW3/3f3PImbDeHAa6MF45iKnGVk0L2QojAyv2Tbcd5Jctiik5k3YcDmq1pyT4CmEHjhJrg6O0DlAtH1/R/l2U8KMa4pYuoPFxz7GWtCqIxK7P189NYkJ6Ub05FaFmf8ed1AZc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711697682; c=relaxed/simple; bh=6FG3wosaxtyLrhKBe6+/jrm0xfxaIALs5W2/r51MfkA=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=FzGKElpSL6QyKGPDSnjq2/pnfBQ92YY/V9Sg5GZMQHwini6pCUOFoXRfRDS2NZcBLyG8C1QPNU2HGZc84FcNHgbO3O6BYiVVe4WA3HDYDxrrR5PcRG9IN9TgYnIvt/OWGbLR614FppPg4SeHRYFPVPdcldoFurR6GFHwjrjvCP8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kjKSfDUl; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kjKSfDUl" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5740DC433C7; Fri, 29 Mar 2024 07:34:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1711697682; bh=6FG3wosaxtyLrhKBe6+/jrm0xfxaIALs5W2/r51MfkA=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=kjKSfDUlrcS0CpZtobwMc+OiCCECbiyslJkYRNNtRJDXSbFngdqFe2odOAuFpVBDf nfEOFqdSw3budycquk0WG4QgdG3kf50nNL5/+FUWipmjlibJAgQx0rSinFhXbpppJd NkKrUYWUhU+TlS1NYLAQqdm2Wi0AerI4PUYnIqYg/kdTNQmqMpODNylKtccbg1lteO tZsfvmvAXMhciiD1uS5T5u23Z0RFyQ7J8OkhFVW+eoXaTXxDP6IxUxpHvoqziMR8L8 sYgRRw4dCFkjevwzKBR1PjKGB64E/D2M9KNGjrjVO+f6VPaTB+p0kiT6foeZbOxqxr XoxpsLIpsB4YQ== Received: by mail-lj1-f175.google.com with SMTP id 38308e7fff4ca-2d4a8bddc21so22262981fa.0; Fri, 29 Mar 2024 00:34:42 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCWIMcRBZrWx6Ppfiwex+JfOyTwY4NfdETmpcX4/KvGPuDGQqy3/4O0KofVjCNfThQ2s3joWoD8WllfhiK+bbG/CvkFphgDcjbzVrXlInhFK X-Gm-Message-State: AOJu0YwKS3BSuSans2F7vjaOm9kdcoAHiUe7dm0yrWYgYu4Lq/YOPdiN tAd1i1/F8A0hPDEfQK/e40XnmOONlkRzsGnFIIfpkfrB1/s8m/bMu9p0N3hzV/aakfm84jt8K7N FI/JeKZEonRx10N671xBJaLdvnuA= X-Google-Smtp-Source: AGHT+IGOW+lpZSdg3nT58nShezLxHTQjE5g07mxmSQjt/giLHqglxYnQv7B5tT0rjUtg1S2PYRzoPu++OKH1xt2irgY= X-Received: by 2002:a2e:9e58:0:b0:2d6:f698:7ecf with SMTP id g24-20020a2e9e58000000b002d6f6987ecfmr875392ljk.9.1711697680655; Fri, 29 Mar 2024 00:34:40 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240315002616.422802-1-timschumi@gmx.de> <2a500ade-a91d-15f2-e5ae-7f261e6a84b4@igalia.com> In-Reply-To: <2a500ade-a91d-15f2-e5ae-7f261e6a84b4@igalia.com> From: Ard Biesheuvel Date: Fri, 29 Mar 2024 09:34:29 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 1/3] efi: pstore: Request at most 512 bytes for variable names To: "Guilherme G. Piccoli" Cc: linux-efi@vger.kernel.org, Tim Schumacher , Kees Cook , Tony Luck , linux-hardening@vger.kernel.org Content-Type: text/plain; charset="UTF-8" On Fri, 15 Mar 2024 at 21:46, Guilherme G. Piccoli wrote: > > On 15/03/2024 06:16, Ard Biesheuvel wrote: > > [...] > > As an aside, you really want to avoid EFI pstore in general, and > > specifically on such old systems with quirky UEFI implementations. > > > > Hi Ard, this comment made me very curious; apart from old quirky UEFI > implementations, what's the reason you see to avoid using efi-pstore in > general ? > > Thanks in advance for your insights! I'm just not impressed by the general quality of implementations - relying on this when the system is going down is a reasonable last resort, perhaps, but if other options are available, I'd prioritize those. And this is for the oops/panic logs only - other uses of pstore seem better served with ordinary file based persistence.