Lennart Poettering mzerqung@0pointer.de writes:
On Di, 05.07.22 01:44, Fedora Development ML (devel@lists.fedoraproject.org) wrote:
Also, if users have "special" hardware, shouldn't they also have security.
if you need a special kernel cmdline to get your system to boot, then that's a bug in the kernel, and should be fixed there. Adding a kernel cmdline option is a local hack at best, executable only by the most technically savvy of users, and I think for those it's totally OK if you have to disable SecureBoot if you hack around.
I think this overestimates the complexity required here. You follow the on-screen instructions to press 'e', arrow key to the end of the line, and type the parameters from the support forum or stackoverflow or wherever.
Kernels should work universally, and if the don't do that out-of-the-box on some very new or very exotic hardware, then the right fix is not to expect users to be technical enough to set a kernel cmdline, but to fix the kernel to apply the fix automatically where needed. The kernel has plenty infrastructure for that.
In an ideal world, perhaps. But kernel parameters are also used for things that have nothing to do with hardware, such as needing to drop to a root shell on boot to fix problems in early userspace (e.g., clobbered /etc/shadow).
Be well, --Robbie