On Wed, Dec 21, 2022 at 12:22:25PM +0100, Vitaly Zaitsev via devel wrote:
> On 20/12/2022 19:56, Chris Murphy wrote:
> > Great. The gotcha though is this in effect requires a change in the file system
> > currently mounted at /boot, which is ext4. And ext4 isn't supported by sd-boot or UEFI
> > firmware. So if you're going to support sd-boot, the installer needs to be aware that
> > either the ESP is big enough to be used as /boot, or if it's not big enough then it
> > will be mounted on /efi *and* a new partition XBOOTLDR formatted as FAT will be used as
> > /boot.
>
> Nobody should use FAT for /boot. efifs[1] should be used instead.

Why shouldn't FAT be used for /boot? In an EFI world, /boot
is used for the same functional purpose as the ESP, which is
already going to use FAT.

> systemd-boot can load these drivers from ESP out of the box[2].

Yes, you can, but there needs to be a compelling benefit to
adding this extra functionality, as opposed to using FAT
for /boot. Such drivers would need to be signed to be used
under SecureBoot, thus expanding the set of components you
need to audit & trust for security purposes.

With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|