Announcement

Collapse
No announcement yet.

GRUB 2.12 Planned For Release This Year, Continues Improving Boot Security

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • GRUB 2.12 Planned For Release This Year, Continues Improving Boot Security

    Phoronix: GRUB 2.12 Planned For Release This Year, Continues Improving Boot Security

    One of the recurring FOSDEM talks we have come to enjoy has been Oracle's Daniel Kiper providing an annual update on the GRUB bootloader development efforts. This past weekend at FOSDEM 2022 was the latest on this leading open-source bootloader with recent accomplishments and plans for this year...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    Grub is a great OS. Can we now move on to anything efi?

    Comment


    • #3
      All great, but will it finally work reliably and not break during updates?! Crossing my fingers!

      http://www.dirtcellar.net

      Comment


      • #4
        Any news on making luks decryption in GRUB fast? It's abysmally slow. It takes like 20-30 seconds to decrypt root on a modern CPU.

        Comment


        • #5
          Originally posted by shmerl View Post
          Any news on making luks decryption in GRUB fast? It's abysmally slow. It takes like 20-30 seconds to decrypt root on a modern CPU.
          This is a chore for me, too. Setting ireration count to such that it takes one second on the OS, it's 10+ seconds in the bootloader. I think Manjaro default is something like 5s, which leads to a minute-long delay every reboot. Not cool.

          AFAIK it's because GRUB doesn't know how to use CPU acceleration in the decryption; it only uses basic x86-64 instructions.

          Comment


          • #6
            Originally posted by direc85 View Post
            AFAIK it's because GRUB doesn't know how to use CPU acceleration in the decryption; it only uses basic x86-64 instructions.
            Why can't it use more instructions like normal luks does? I don't think UEFI stops you from loading any code.

            Comment


            • #7
              a bit offtopic. sometimes i wonder, why distro still not confident enough of their distro stability that they show multiple boot entry in every boot. i mean, ms windows doesn't do that

              Comment


              • #8
                Originally posted by shmerl View Post
                Any news on making luks decryption in GRUB fast? It's abysmally slow. It takes like 20-30 seconds to decrypt root on a modern CPU.
                Another annoying issue is the totally unusable passphrase prompt when using full disk encryption. If you enter a wrong passphrase you have to wait excruciatingly long for decryption attempts and grub just drops to a rescue shell. Also on HiDPI displays the prompt is barely visible with tiny font.

                Comment


                • #9
                  Originally posted by mirmirmir View Post
                  a bit offtopic. sometimes i wonder, why distro still not confident enough of their distro stability that they show multiple boot entry in every boot. i mean, ms windows doesn't do that
                  Windows has its own "smash F8 during the boot to access failsafe mode". I think it is safe assumption that Linux users are mostly tinkerers and developers who often contribute to codebase so it would be reasonable to make switching kernels etc. easy out of the box.

                  Comment


                  • #10
                    GRUB shouldn't really be needed these days on modern systems with UEFI. I dont' understand why distributions have little support for unified kernel images out of the box. They make everything boot related much easier, you can get rid of separate /boot partitions completely, and as a side effect they allow for measured boot without any holes, like an unprotected initrd.

                    If you still want to use a boot manager with unified kernel images, you can use systemd-boot, which is orders of magnitude simpler than GRUB.

                    Comment

                    Working...
                    X