This could affect people using 'non-standard' modules not included in the standard distribution. For example, I use NILFS2 for all my filesystems, and if the signed grubx64.efi does not include that, I won't be able to boot. It might be a bit esoteric, but it points to a general problem: either all possible modules are included in the signed grub64x.efi, which some people might object to on size and/or attack surface grounds, or some are omitted, causing problems for people who wish to boot securely with modules not included in the standard distribution.
I vote for including all modules, but I have no problems with the size grub64x.efi becomes, and I'm less worried about the attack surface than some others might be. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1565950 Title: Grub 2 fails to boot a kernel on a luks encrypted volume with Secure Boot enabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1565950/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
