[Bug 1063061] Re: please backport support for EFI vars > 1KB

Jeremy Kerr jk at ozlabs.org
Wed Oct 10 01:03:46 UTC 2012 

Just committed this to sbsigntool, to use the updated mountpoint. v0.5
has this (and only this) change.

commit ab63e31bb8ba8ef4b51b8698cc5e89466e003989
Author: Jeremy Kerr <jeremy.kerr at canonical.com>
Date:   Mon Oct 8 12:07:43 2012 +0800

    sbkeysync: change default efivarfs mountpoint to /sys/.../efivars/
    
    Proposed changes to the kernel will establish /sys/firmware/efi/efivars
    as the canonical mountpoint for the efivars filesystem.
    
    Signed-off-by: Jeremy Kerr <jeremy.kerr at canonical.com>

diff --git a/NEWS b/NEWS
index b62c90a..786145f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,2 +1,12 @@
+v0.5:
+       sbkeysync's default efivars mountpoint has been moved to
+       /sys/firmware/efi/efivars/. This is to match the proposed Linux kernel
+       patch for efivarfs, which provides this sysfs node for the purpose of
+       mounting efivarfs, and leaving the older ../vars/ interface for legacy
+       applications.
+
+       This default can be overridden using the --efivars-path option to
+       sbkeysync.
+
 v0.1:
        Initial version
diff --git a/src/sbkeysync.c b/src/sbkeysync.c
index d68f675..011004a 100644
--- a/src/sbkeysync.c
+++ b/src/sbkeysync.c
@@ -55,7 +55,7 @@
 #include "fileio.h"
 #include "efivars.h"
 
-#define EFIVARS_MOUNTPOINT     "/sys/firmware/efi/vars"
+#define EFIVARS_MOUNTPOINT     "/sys/firmware/efi/efivars"
 #define EFIVARS_FSTYPE         0x6165676C
 
 #define EFI_IMAGE_SECURITY_DATABASE_GUID \

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mountall in Ubuntu.
https://bugs.launchpad.net/bugs/1063061

Title:
  please backport support for EFI vars > 1KB

Status in “linux” package in Ubuntu:
  In Progress
Status in “mountall” package in Ubuntu:
  Fix Committed
Status in “linux” source package in Precise:
  Triaged
Status in “mountall” source package in Precise:
  Triaged
Status in “linux” source package in Quantal:
  In Progress
Status in “mountall” source package in Quantal:
  Fix Committed

Bug description:
  As of Linux 3.5, it is not possible to update the SecureBoot database
  from userspace because the sysfs implementation only supports variable
  data up to 1KB in size and this is exceeded by even a minimum key
  database of one key.

  Matt Fleming has accepted a patch from Matthew Garrett to add a new
  filesystem that supports larger variables.  Please consider
  backporting this (as an SRU) to both quantal and precise.

     https://lkml.org/lkml/2012/10/5/22

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1063061/+subscriptions

More information about the foundations-bugs mailing list