On Wed, 2013-03-27 at 09:09 +0000, Matt Fleming wrote: > On 26/03/13 15:43, Matthew Garrett wrote: > > I'm not quite clear what you mean. We have a fairly solid idea as to > > what the underlying problem here is, and I don't think this makes any > > more assumptions than the existing code does. > > Right, it doesn't make more assumptions, but the assumptions that the > existing code makes is causing problems, hence the need for your updated > patch. I'm fully expecting that the updated patch will also cause us > problems/require additional patches. I really don't want to keep > patching/tweaking this all the way to -rc6 and beyond. > > Have you tested this patch against one of those machines that suffers > from the original bricking problem? Ben, does this patch fix your issue? It doesn't entirely fix it - that would require ignoring the max_size and remaining_size values, and only considering available_size. But it does mean that the system will only rarely get into a state where efibootmgr can't write variables, and that it should take only a few reboots to get out of that. [...] > Maybe we should leave the existing checks in place and create a > whitelist for those machines that absolutely must be able to write to > the variable store, e.g. to initiate garbage collection, or where > QueryVariableInfo() is known to be inaccurate, or where we know we can > have the full use of pstore without bricking the machine. Yes, we'll > have to maintain the whitelist and we'll no doubt get bug reports for > machines that need to be added to the list, but at least no one is going > to brick their laptops, and the fix is simply adding an ID to the list, > not reimplementing our workarounds with the risk of breaking X number of > machines that were previously working just fine. Let's also have a module parameter to set this behaviour, and some more useful error logging in check_var_size_locked() that can help people to determine the behaviour of their firmware. Ben. -- Ben Hutchings DNRC Motto: I can please only one person per day. Today is not your day. Tomorrow isn't looking good either.
Attachment:
signature.asc
Description: This is a digitally signed message part