efivarfs

This article is a stub. Please help out by expanding it - how to get started.

Other languages:

English

Resources

The efivarfs is a filesystem in the Linux kernel that enables users to create, delete, and modify (U)EFI variables. efivarfs is typically (and automatically) mounted to /sys/firmware/efi/efivars; if it needs to be mounted manually the following command can be used:

root #mount -t efivarfs none /sys/firmware/efi/efivars

Introduction

efivarfs was created to address the shortcomings of using entries in sysfs to maintain EFI variables: the old sysfs EFI variables code only supported variables of up to 1024 bytes. This was originally a limitation in version 0.99 of the EFI specification which was was removed before any full releases^[1].

Note
Due to the presence of numerous firmware bugs where removing non-standard UEFI variables causes the system firmware to fail to POST, efivarfs files that are not well-known standardized variables are created as immutable files. This doesn’t prevent removal—chattr -i will work—but it does prevent this from happening accidentally.

Tip
When the content of an UEFI variable in /sys/firmware/efi/efivars is viewed, pay attention to the first 4 bytes of the output - they represent the UEFI variable attributes, in little-endian format. As a practical matter, each efivar is in the following format: 4_bytes_of_attributes + efivar_data.

Kernel

CONFIG_EFIVAR_FS support needs to be enabled:

KERNEL Enable EFI Variable filesystem support

Device Drivers  --->
   Firmware Drivers  --->
      [ ] Disable EFI runtime services support by default
File systems  --->
   Pseudo filesystems  --->
       <*> EFI Variable filesystem

Troubleshooting

EFI-CSM: BIOS mode

On x86 UEFI replaced the legacy BIOS, to enable backwards compatibility during the transitional period, UEFI on x86 included a BIOS emulation, called Compatibility Support Module (CSM). When EFI-CSM is activated and in use, it will behave like a legacy BIOS, including hiding UEFI facilities from the operating system.

Tip
If this filesystem does not exist on UEFI-capable hardware it probably means that the hardware was booted in Legacy (BIOS) Mode i.e. EFI-CSM.

In most cases is a safe assumption that a computer or laptop manufactured after 2020 is a pure UEFI system that cannot be in BIOS mode; as an additional point of interest when Secure Boot is enabled EFI-CSM is automatically deactivated.

EFI runtime unavailable

All (U)EFI functions can be disabled with the kernel parameter efi=noruntime, or activated with efi=runtime. A kernel booted without EFI runtime functions will not be able to alter any EFI settings and variables, including the boot configuration.

References

↑ https://docs.kernel.org/6.1/filesystems/efivarfs.html

[Kernel_Docs-1] ttps://docs.kernel.org/6.1/filesystems/efivarfs.html

[1]