On 28.04.2022 10:54, Lennart Poettering wrote:
>
>> * systemd-boot is an additional bootloader, rather than replacing
>> an existing one, thus increasing the attack surface.
>
> Hmm, what? "additional bootloader"? Are they suggesting you use grub
> to start sd-boot? I mean, you certainly could do that, but the only
> people I know who do that do that to patch around the gatekeeping that
> the shim people are doing. Technically the boot chain should either be
> [firmware → sd-boot → kernel] or [firmware → shim → sd-boot → kernel]
> (if you buy into the shim thing), and nothing else.
>

I guess "additional bootloader" in this context means that a distribution cannot use sd-boot as the only bootloader for an obvious reason - it is EFI only. So the distribution would need to keep the currently used bootloader anyway. If the current bootloader already works on the platforms supported by the distribution, what is gained by adding yet another one?