On Mi, 27.07.22 16:19, Chris Murphy (lists@xxxxxxxxxxxxxxxxx) wrote: > >> Boot Loader Spec defines $BOOT as either EFI System partition (ESP) or Extended Boot Loader Partition (XBOOTLDR), and in effect they need to be FAT in order to fulfill the interoperability intent of the spec, because it is a shared $BOOT across all distros. > > > > You can use any FS you want with efifs[1]. > > Yeah, but it's impractical: > > * $BOOT is supposed to be readable by all distros that share $BOOT Hmm, afaik fedora installs /boot/ currently as ext4, no? *Every* Linux OS should be able to mount that... > * efifs drivers must be signed in order to be loaded on UEFI Secure > Boot enabled systems Well, if fedora can sign a kernel PE image it can also sign an efifs PE image. The efifs code stems from Grub fs drivers. It's not new code. It's a small part of Grub code that has been considered to be good enough in the Grub status quo hence should not require major re-review when loaded as EFI module instead. > * shim is distro specific, and is what provides the key for efifs as > well as the 2nd stage bootloader > > There are already enough barriers to Boot Loader Spec adoption. But > this would be too big a barrier. Dunno. The fedora EFI signing infra shouldn't care if you give it a PE kernel image to sign or a PE efifs driver. I mean, the devil is certainly in the detail, but conceptionally these are not new codepaths, but new payloads used in existing codepaths. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
