Gerd Hoffmann venit, vidit, dixit 2025-10-09 12:01:26:
> On Thu, Oct 09, 2025 at 01:24:24AM -0400, Chris Murphy wrote:
> >
> > XBOOTLDR is being formatted either ext4 or XFS for a while now in Fedora.
> >
> > UEFI spec supports file system drivers.
>
> Yea, and tianocore even has a ext4 driver (see edk2-ext4.rpm and
> https://github.com/tianocore/edk2-platforms/tree/master/Features/Ext4Pkg).
>
> But that helps how exactly?
>
> vfat is the only filesystem required by the spec, so that is the one you
> can rely on being universally supported. The ESP must be vfat anyway.
>
> You could place the ext4 driver on the ESP. Problem one is this is
> fragile. You must arrange for the driver getting loaded. Either via
> UEFI boot configuration (aka efi variables) which may get lost, or using
> bootloader specific ways to do so. Problem two is the drivers are not
> signed, so with secure boot turned on this will not work.
/dev/nvme0n1p1 on /boot/efi type vfat
/dev/nvme0n1p2 on /boot type ext4
System:
Firmware: n/a (n/a)
Firmware Arch: x64
Secure Boot: enabled (user)
TPM2 Support: yes
Measured UKI: no
Boot into FW: supported
Current Boot Loader:
Product: GRUB 2.12
So what are you saying with "so with secure boot turned on this will not
work."?
Note that I'm not against a vfat /boot nor revamping things. But we have
to get our reasoning clearer. Right now we have a rushed change which
does not solve the reported problems (existing installs) and only delays
problems with fresh installs (until 2GB is not enough) - hopefully it
does not hurt anybody (I don't think it will).
If the SPEC is clear about "vfat only" then we should stick to the spec
or admit that we don't (and refrain from claiming we do).
If we talk about changes for fresh installs (or reinstalls), we might as
well switch /boot to vfat now, though that is easier to to in-place than
resizing it.
But other than size and fs type of /boot (and, possibly, giving up on
the rescue entry), are there ways forward which would avoid the problem
all together and still support our typical use cases (including dual
boot, secure boot, encrypted root, bare metal firmware as well as
virtual)?
Michael
--
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
