cleaning kernel dumps from UEFI BIOS NVRAM
Trying to install Secure Boot certificates into UEFI BIOS NVRAM, I hit a problem that there is no free space left in the NVRAM. Most solutions recommend just to delete files starting with dump in the directory /sys/firmware/efi/efivars. A virtual filesystem exposing UEFI BIOS NVRAM variables is mounted to this directory. Indeed, these files accounted for 100 of 130 kB of used space. However, working with this file system directly is dangerous because you can accidentally delete another variable and brick your motherboard. Hence I read a little about these dump files. They are used as a backend to the so called “Linux persistent storage filesystem pstore”. It can store kernel messages when a kernel panics. pstore is exposed in the directory /sys/fs/pstore. Hence a safe way to clean UEFI BIOS NVRAM would be through this directory. Also there is a systemd-pstore.service that moves these messages to the systemd journal. When I started it, it emptied /sys/fs/pstore, but dump files were not deleted from /sys/firmware/efi/efivars for some reason. After a reboot, voilà, there is no kernel garbage in UEFI BIOS NVRAM and will never be if this service is enabled.