On Wed, Dec 21, 2022 at 12:22:25PM +0100, Vitaly Zaitsev via devel wrote: > On 20/12/2022 19:56, Chris Murphy wrote: > > Great. The gotcha though is this in effect requires a change in the file > > system currently mounted at /boot, which is ext4. And ext4 isn't supported > > by sd-boot or UEFI firmware. So if you're going to support sd-boot, the > > installer needs to be aware that either the ESP is big enough to be used as > > /boot, or if it's not big enough then it will be mounted on /efi*and* a > > new partition XBOOTLDR formatted as FAT will be used as /boot. > > Nobody should use FAT for /boot. efifs[1] should be used instead.
Why shouldn't FAT be used for /boot. In an EFI world, /boot is used for the same functional pupose as the ESP, which is already going to use FAT. > systemd-boot can load these drivers from ESP out of the box[2]. Yes, you can, but there needs to be a compelling benefit to adding this extra functionality, as opposed to using FAT for /boot. Such drivers would need to be signed to be used under SecureBoot, thus expanding the set of components you need to audit & trust for security purposes. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
