GRUB2 EFI Support In Fedora 31 Likely To Include New Security Modules

Written by Michael Larabel in Fedora on 26 March 2019 at 12:26 AM EDT. 24 Comments
FEDORA
Another change being sought for Fedora 31 is including some newer GRUB2 modules as part of the distribution's GRUB EFI boot-loader build to provide some additional security functionality.

Peter Jones and Javier Martinez Canillas, both of Red Hat, are looking to have Fedora 31's GRUB2 EFI package include the verify, cryptodisk, and LUKS modules. This inclusion is being pursued since those using UEFI SecureBoot cannot manually insert modules not already in the grubx64.efi and thus losing out on these possible options for improving the integrity of the early-launch code.

"This change will allow users to gain trust in the integrity of early-launch code either through verification of signatures (particularly useful for initramfs, which is particularly vulnerable to possible offline modification) or encryption of the boot partition." More details on the plans via this change proposal.
24 Comments
Related News
Fedora Workstation 38 Is Shaping Up To Be Another Fantastic Release
Fedora 38 Beta Released With Many Exciting Updates
Incomplete Fedora 38 Changes Pushed Back, Including Dropping Legacy X.Org Drivers
Fedora Considers Dropping Delta RPMs
Fedora 39 Plots Path For Intel Threaded Building Blocks Upgrade
Fedora Planning Ahead For The Next 5 Years
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OBS Studio Lands AV1 & HEVC RTMP Streaming Support
Valve Officially Announces Counter-Strike 2
Raja Koduri Departing Intel To Start New Software Company
GNOME 44 Released With Many Desktop Enhancements
Linux 6.3-rc3 Released: It's "Fairly Big"
Framework Laptop Launches AMD Ryzen Upgradeable Laptop, Intel Raptor Lake Models Too
Mozilla Announces Mozilla.ai For "Trustworthy AI"
Proxmox VE 7.4 Released With Linux 5.15 LTS + Linux 6.2 Support, New Dark Theme