You are not logged in.
- Topics: Active | Unanswered
#26 2016-02-01 20:51:52
- Head_on_a_Stick
- Member
- From: London
- Registered: 2014-02-20
- Posts: 4,584
- Website
Re: Remounting efivars as ro to safeguard hardware. Best practice?
Does anyone know how this ro mounting of efivars compares to the kernel option "noefi" or to blacklisting the efivars module? It seems if one is paranoid, the latter options might be better as then the efivars don't need to be remounted ro as they are simply not mounted in the first place.
The noefi kernel parameter would disable all EFI runtime services support.
Just mounting /sys/firmware/efi read only at least gives the option of remounting it rw -- this would allow modification of the variables without rebooting.
Offline
#27 2016-02-02 07:50:55
- TheSaint
- Member
- From: my computer
- Registered: 2007-08-19
- Posts: 1,479
Re: Remounting efivars as ro to safeguard hardware. Best practice?
Anybody's trying to find side effects.
I think the only use on efivars are to change boot order or boot properties. So that's not a daily use.
do it good first, it will be faster than do it twice the saint 
Offline
#28 2016-02-02 08:11:29
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 9,578
- Website
Re: Remounting efivars as ro to safeguard hardware. Best practice?
Anybody's trying to find side effects.
I think the only use on efivars are to change boot order or boot properties. So that's not a daily use.
+1
My fstab has it ro since I posted and I have not found an side effect with normal use.
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#29 2016-02-02 21:19:02
- Soukyuu
- Member
- Registered: 2014-04-08
- Posts: 844
Re: Remounting efivars as ro to safeguard hardware. Best practice?
Same here. I've also forwarded the suggestion to my friends with UEFI boards and haven't heard anything (negative ) from them so far.
[ Arch x86_64 | linux | ThinkPad X220 | Intel Core i5 2540M@3.3Ghz | Intel HD3000 | 16GB RAM | Main, docked to 2 Monitors ]
[ Arch x86_64 | linux-ck-k10 | Custom-built | AMD Phenom II X4@3,5Ghz | nVidia 260 GTX | 12GB RAM | Retired ]
[ Arch x86_64 | linux | Custom-built | Intel Celeron G3920@2,99Ghz | iGPU | 8GB RAM | Home server ]
Offline
#30 2016-02-03 16:57:34
- Alad
- Wiki Admin/IRC Op/TU
- From: Bagelstan
- Registered: 2014-05-04
- Posts: 1,874
- Website
Re: Remounting efivars as ro to safeguard hardware. Best practice?
Mods are just community members who have the occasionally necessary option to move threads around and edit posts. -- Trilby
Honest Alad's Package Emporium—Now with added bugs! (Grand reopening: December 1st 2018)
Offline