On Mi, 27.07.22 16:50, Chris Murphy (lists@xxxxxxxxxxxxxxxxx) wrote: > > I prefer no shim in my computers. I'm using systemd-boot signed by my > > own CA. > > That is not a generic solution we can ship in Fedora. Since each > distro ships their own shim, they'd each have to ship their own > signed fsfs in order to read the shared a non-FAT $BOOT. It's too > high a barrier to adoption. Something we could add relatively easily to sd-boot is that it could look for drivers to load in one of its own PE sections (let's say a new section ".drivers"). Then Fedora could do something like this: 1. build ext4 efifs as UEFI PE binary (→ ext2_x64.efi) 2. build systemd-boot as UEFI PE binary (→ systemd-bootx64.efi) 3. use "objcopy --add-section .drivers=ext2_x64.efi systemd-bootx64.efi systemd-bootx64.withext4.efi" to embedd the ext4 driver inside systemd-boot 4. sign the resulting systemd-bootx64.withext4.efi via shim/… 5. profitt! now you have an sd-boot binary that can do ext4. yay. 6. ask relevant other distros to do the same. They are probably in a very similar situation as fedora is, given they typically all use Grub right now. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
