On Di, 20.12.22 13:56, Chris Murphy (lists@xxxxxxxxxxxxxxxxx) wrote: > > * Better secure boot support (specifically the initrd is covered by > > the signature). > > We need to solve the glaring hole that is the initrd. There's no > question about it. I can't really assess if this feature is the best > way to do that. Or if it would be adequate for dracut to self-sign > every locally generated initrd with a unique key pair and throw away > the private key after each initrd is generated. Or if we could do > enough strict standardization in the boot chain with a possibly > larger kernel to avoid needing an initrd, i.e. get to sysroot mount > faster thereby obviating the need for a large initrd. Systems without initrd are unrealistic outside of corner cases. I am pretty sure that if you care about SecureBoot then you must care about protecting the root fs somehow, too. Otherwise fixing the initrd hole is a pretty pointless excercise. Protecting the root fs means encryption/LUKS, Verity or dm-integrity in some way. But that implies an initrd, in particular if you want to hook that up with TPM or FIDO2 or so, which I am pretty sure should be considered a pretty common case sooner or later. I think initrd-less systems only make sense as a corner case for certain low-security systems, but certainly not as a default. Lennart -- Lennart Poettering, Berlin _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
