On 30.4.2022 05:08, Andrei Borzenkov wrote:
On 28.04.2022 10:54, Lennart Poettering wrote:

* systemd-boot is an additional bootloader, rather than replacing an existing one, thus increasing the attack surface.

Hmm, what? "additional bootloader"? Are they suggesting you use grub to start sd-boot? I mean, you certainly could do that, but the only people I know who do that do that to patch around the gatekeeping that the shim people are doing. Technically the boot chain should either be [firmware → sd-boot → kernel] or [firmware → shim → sd-boot → kernel] (if you buy into the shim thing), and nothing else.

I guess "additional bootloader" in this context means that distribution cannot use sd-boot as the only bootloader for obvious reason - it is EFI only. So distribution would need to keep currently used bootloader anyway.
Distributions most certainly can become EFI only if they choose to do so; there is nothing technical that stands in that way.
If current bootloader already works on platforms supported by distribution, what is gained by adding yet another one?
Freedom of choice.

If the distribution allows users the freedom to choose from a set of components that the OS is "made of" or runs, to fit the user's use cases or its targeted use cases (which bootloaders such as syslinux, u-boot, redboot etc. are aimed at), then drawing the line at bootloaders makes no sense.

If the distribution does not allow users the freedom to choose, then it makes no sense to support multiple variants of components that provide the same/similar function in the distribution.
JBG