[systemd-devel] [systemd-commits] 3 commits - .gitignore Makefile.am src/bootchart src/core src/efi-boot-generator src/shared

Kay Sievers kay at vrfy.org
Mon Jan 21 04:33:54 PST 2013 

On Mon, Jan 21, 2013 at 1:21 PM, Frederic Crozat <fcrozat at suse.com> wrote:
> Le lundi 21 janvier 2013 à 13:09 +0100, Kay Sievers a écrit :
>> On Mon, Jan 21, 2013 at 1:05 PM, Frederic Crozat <fcrozat at suse.com> wrote:
>> > Le lundi 21 janvier 2013 à 12:03 +0100, Kay Sievers a écrit :
>>
>> >> It's the simplest and most efficient setup a system can have.
>> >
>> > But this setup is not shim loader/"Secure Boot" compatible.
>>
>> Sure it is. Why not? It has nothing to do which filesystem /boot uses.
>
> the generator isn't a problem, I was commenting on the "simplest" part.
> You still need a shim loader there, since an EFI-stubed kernel can't be
> signed by UEFI Signing Service (I'm not discussing signing a kernel
> yourself or injecting its key into EFI firmware).

It's just a matter of the features of the EFI loader you use, it still
has absolutely nothing to do with how /boot looks like, or what its
filesystem is.

>> > And it will
>> > force most (if not all) distributions to probably "patch" (or disable)
>> > this generator so it behave as it is expected by them (ie /boot/efi).
>>
>> If you would have read the code or the commit or the wiki page, you
>> would have noticed that the generator never gets active in any other
>> setup.
>
> I read the code before commenting, and I noticed it won't quick in as
> long as /boot is not empty nor mounted in fstab. But you are still
> "deviating" from the common practice among distributions and to be
> useful and work "as expected" on such distributions, this generator
> should use /boot/efi instead. Obviously, you already made you mind, so I
> guess it is useless to argue anymore but I doubt it will be of great
> usage on most distributions.

Yes, we do not want to get into any grub2 business or any other
bootloader configuration. This is just an "option" that will not be
used by any current default setup.

The whole point of this thing is to not need "another OS" like grub2
to read all sorts of storage setups and filesystems, just to load a
kernel that does all the same stuff again, but properly, and for real.
We can just skip that whole nonsense by making /boot the EFI system
partition and store the kernel there.

Distribution with their getting-more-fragile-and-insane-every-week
boot setup can do their stuff and will not be affected in any way by
this.

Kay

More information about the systemd-devel mailing list