On 21/12/2022 12:38, Daniel P. Berrangé wrote:
Why shouldn't FAT be used for /boot. In an EFI world, /boot
is used for the same functional pupose as the ESP, which is
already going to use FAT.
Doesn't support links, lournaling and ACLs.
Everyone can do whatever they want with the files, and a trivial power
outage can easily wipe out all of its contents.
Such drivers would need to be signed to be used
under SecureBoot, thus expanding the set of components you
need to audit & trust for security purposes.
These drivers are backports from the grub2 code. If we trust GRUB, we
can trust them too.
Fedora Infra can be configured to sign the contents of the efifs package
with a Fedora SB key.
--
Sincerely,
Vitaly Zaitsev (vit...@easycoding.org)
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
