Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

GRUB2 EFI Support In Fedora 31 Likely To Include New Security Modules

Written by Michael Larabel in Fedora on 26 March 2019 at 12:26 AM EDT. 24 Comments

FEDORA

Another change being sought for Fedora 31 is including some newer GRUB2 modules as part of the distribution's GRUB EFI boot-loader build to provide some additional security functionality.

Peter Jones and Javier Martinez Canillas, both of Red Hat, are looking to have Fedora 31's GRUB2 EFI package include the verify, cryptodisk, and LUKS modules. This inclusion is being pursued since those using UEFI SecureBoot cannot manually insert modules not already in the grubx64.efi and thus losing out on these possible options for improving the integrity of the early-launch code.

"This change will allow users to gain trust in the integrity of early-launch code either through verification of signatures (particularly useful for initramfs, which is particularly vulnerable to possible offline modification) or encryption of the boot partition." More details on the plans via this change proposal.

24 Comments

Related News

Fedora 39 To Raise Its vm.max_map_count To Satisfy Some Steam Play Games

Fedora Onyx To Become An Official Fedora Linux Immutable Variant

Fedora Developers Discuss An Idea For Using U-Boot On x86 BIOS Systems

Fedora To Further Evaluate vm.max_map_count Tuning For Better Linux Gaming Experience

Fedora 39 Looks To Ship mkosi-initrd As A Modern Alternative To Dracut

Fedora Onyx Aims To Be A New Fedora Linux Immutable Variant

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Red Hat To Stop Shipping LibreOffice In Future RHEL, Limiting Fedora LO Involvement

System76's Coreboot Open Firmware Manages To Disable Intel ME For Raptor Lake

FFmpeg Adds Support For Animated JPEG-XL

Debian 12 "Bookworm" Set For Release Next Week With Around 100 Known Bugs

AMD Ready For Ryzen Linux Systems To Use AMD P-State Active Mode By Default

Phoronix.com Turns 19 Years Old For Covering Linux Hardware, Open-Source News

One Of Intel's Newest Open-Source Projects Is A New Font For Developers

Steam On Linux Tries Again For Video Hardware Acceleration By Default On NVIDIA GPUs