Show Your Support: Have you heard of Phoronix Premium? It's what complements advertisements on this site for our premium ad-free service. For less than $4 USD per month, you can help support our site while the funds generated allow us to keep doing Linux hardware reviews, performance benchmarking, maintain our community forums, and much more.
GRUB2 EFI Support In Fedora 31 Likely To Include New Security Modules
Peter Jones and Javier Martinez Canillas, both of Red Hat, are looking to have Fedora 31's GRUB2 EFI package include the verify, cryptodisk, and LUKS modules. This inclusion is being pursued since those using UEFI SecureBoot cannot manually insert modules not already in the grubx64.efi and thus losing out on these possible options for improving the integrity of the early-launch code.
"This change will allow users to gain trust in the integrity of early-launch code either through verification of signatures (particularly useful for initramfs, which is particularly vulnerable to possible offline modification) or encryption of the boot partition." More details on the plans via this change proposal.