Announcement

Collapse
No announcement yet.

GRUB2 EFI Support In Fedora 31 Likely To Include New Security Modules

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • GRUB2 EFI Support In Fedora 31 Likely To Include New Security Modules

    Phoronix: GRUB2 EFI Support In Fedora 31 Likely To Include New Security Modules

    Another change being sought for Fedora 31 is including some newer GRUB2 modules as part of the distribution's GRUB EFI boot-loader build to provide some additional security functionality...

    http://www.phoronix.com/scan.php?pag...odules-For-F31

  • #2
    They also want to simplify the options available on the grub menu, using https://wiki.gnome.org/Design/OS/Boo...ntative_Design as a tentative design
    https://fedoraproject.org/wiki/Changes/ImprovedGrubMenu

    To be honest I'd like to see them look at replacing GRUB with something else, e.g. systemd-boot (with ext4 driver?) or refind. We can already get the EFI firmware to boot the Linux kernel, kinda making most of GRUB irrelevant. Also GRUB can destroy the EFI framebuffer making smooth booting harder.

    Comment


    • #3
      Originally posted by Britoid View Post
      They also want to simplify the options available on the grub menu, using https://wiki.gnome.org/Design/OS/Boo...ntative_Design as a tentative design
      https://fedoraproject.org/wiki/Changes/ImprovedGrubMenu

      To be honest I'd like to see them look at replacing GRUB with something else, e.g. systemd-boot (with ext4 driver?) or refind. We can already get the EFI firmware to boot the Linux kernel, kinda making most of GRUB irrelevant. Also GRUB can destroy the EFI framebuffer making smooth booting harder.
      What is the benefit of systemd-boot over GRUB?
      And what about get the EFI firmware to boot the Linux kernel instead of using systemd-boot?
      Doesn't EFI firmware make the systemd-boot irrelevant in the same way as you argue it makes GRUB irrelevant?

      Comment


      • #4
        Originally posted by uid313 View Post

        What is the benefit of systemd-boot over GRUB?
        And what about get the EFI firmware to boot the Linux kernel instead of using systemd-boot?
        Doesn't EFI firmware make the systemd-boot irrelevant in the same way as you argue it makes GRUB irrelevant?
        You use systemd-boot to pass kernel args when telling the efi to launch linux, same with refind. They compliment the EFI firmware.

        They're boot managers, not boot loaders. Generally the boot managers that come with the EFI firmware are bad and more designed for booting USB sticks.

        Comment


        • #5
          Originally posted by Britoid View Post
          They also want to simplify the options available on the grub menu, using https://wiki.gnome.org/Design/OS/Boo...ntative_Design as a tentative design
          https://fedoraproject.org/wiki/Changes/ImprovedGrubMenu

          To be honest I'd like to see them look at replacing GRUB with something else, e.g. systemd-boot (with ext4 driver?) or refind. We can already get the EFI firmware to boot the Linux kernel, kinda making most of GRUB irrelevant. Also GRUB can destroy the EFI framebuffer making smooth booting harder.
          Well if you boot multiple OS, then Grub is invaluable. if it's just the one, then yes alternatives like systemd-boot and refind are a good idea.

          Edit: GRUB is also pretty useful if your system gets screwed up, and you need to change command line parameters to atleast boot to the command line and fix it.

          Comment


          • #6
            Originally posted by sandy8925 View Post

            Well if you boot multiple OS, then Grub is invaluable. if it's just the one, then yes alternatives like systemd-boot and refind are a good idea.

            Edit: GRUB is also pretty useful if your system gets screwed up, and you need to change command line parameters to atleast boot to the command line and fix it.
            Most of the time you dont NEED grub to manage multiple os booting on UEFI though. There is usually a key that you hit while on the manufacturer logo to pull up a menu that includes all possible boot items. So long as both Windows and Linux have been installed right as EFI variables then both should be there. More uncommon these days are boot screens or UEFI's that dont allow some form of this as its quite literally part of the spec

            Comment


            • #7
              Originally posted by sandy8925 View Post

              Well if you boot multiple OS, then Grub is invaluable. if it's just the one, then yes alternatives like systemd-boot and refind are a good idea.

              Edit: GRUB is also pretty useful if your system gets screwed up, and you need to change command line parameters to atleast boot to the command line and fix it.
              Which is why you have a Boot Manager like systemd-boot/refind.

              Comment


              • #8
                Originally posted by uid313 View Post

                What is the benefit of systemd-boot over GRUB?
                None, while grub allows you to even boot from an encrypted boot partition.
                ## VGA ##
                AMD: X1950XTX, HD3870, HD5870
                Intel: GMA45, HD3000 (Core i5 2500K)

                Comment


                • #9
                  Originally posted by darkbasic View Post

                  None, while grub allows you to even boot from an encrypted boot partition.
                  There is one major benefit that systemd-boot has over Grub -- booting from fully encrypted, no, completely full featured ZFS volumes. You can't do that from Grub...only from systemd-boot since Grub has to be installed to a legacy and limited dataset supporting minimal features. I think there's a similar situation with LUKS/LUKS2 with Grub and systemd-boot (Grub only supports LUKS).

                  Comment


                  • #10
                    Originally posted by skeevy420 View Post

                    There is one major benefit that systemd-boot has over Grub -- booting from fully encrypted, no, completely full featured ZFS volumes. You can't do that from Grub...only from systemd-boot since Grub has to be installed to a legacy and limited dataset supporting minimal features. I think there's a similar situation with LUKS/LUKS2 with Grub and systemd-boot (Grub only supports LUKS).
                    Grub only supports LUKS headers (no LUKS2 yet), but AFAIK systemd-boot doesn't support either.
                    If so, how is systemd-boot supposed to boot from a LUKS-encrypted boot partition?
                    It if really supports LUKS2 and native ZFS encryption I will switch for sure.
                    ZFS support looks especially unlikely to me, since encryption is only supported in the highly-experimental 0.8.x branch.
                    ## VGA ##
                    AMD: X1950XTX, HD3870, HD5870
                    Intel: GMA45, HD3000 (Core i5 2500K)

                    Comment

                    Working...
                    X