On Mi, 16.11.22 17:16, Jason A. Donenfeld (Jason@xxxxxxxxx) wrote:

> Commit messages are rather sparse at the moment. I'll fill those out for
> the next non-RFC patchset if this idea isn't immediately demolished.
>
> The biggest consideration is wear leveling on the EFI variable flash
> chips. However, EFI *already* winds up writing to non-volatile memory on
> every single boot anyway, so maybe it's not actually a big deal?

So as mentioned elsewhere: This might (probably more than) double the
wear on the flash chips, since firmware is unlikely to batch these
writes with the monotonic counter write.

I have no idea how realistic these issues are, there's a lot of
handwaving involved, but to sidestep the issue I put sd-boot's seed in
a file on disk (which should not have issues that much with wear)
instead of efi vars.

Lennart