juliank,
@juliank@mastodon.social avatar

We ship too many file systems in Debian grub and I think we probably should drop all except

ext2 for /boot
fat for ESP
hfsplus for ESP on legacy mactel
iso9660 for ISO images
squash4 for the embedded memdisk

No more btrfs, f2fs, jfs, ntfs, xfs, zfs.

Arguably we may be able to drop squash4 too and just compress the files in the memdisk; grub decompresses on open anyhow using file filters.

norbu,

@juliank sounds like a genius idea. Maybe even remove support for voting at all? Might solve many problems along the way.

juliank,
@juliank@mastodon.social avatar

@norbu It's important to minimize what we sign for secure boot and make choices. We need to minimize the attack surface, and everyone can use ext2 for /boot really.

The default signed binaries need to be opinionated. If you have different opinions, sign your own or don't run secure boot.

norbu,

@juliank Why is it important to minimize what we sign? Do you expect a higher attack surface when supporting btrfs versus whatever?

The signing process itself is automatic, as is (I suppose) the submission process.

juliank,
@juliank@mastodon.social avatar

@norbu revocations are a very complex process. The rotation is quick, but the revocation is very hard.

And yes, we expect substantially higher risk from file systems other than fat and ext2, especially btrfs and zfs.

Also the risks are additive. The more you sign the more places that can have security vulnerabilities.

Hence unnecessary file systems and stuff like themes and images need to go (or you sign themes and images but we don't have that, and themes are a horrible UX vs flicker free).
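
The "risks are additive" argument above amounts to an allowlist over the modules linked into the signed image. As an added example (not juliank's code, not Debian's build tooling), the script below parses a constructed grub-mkimage command line of the kind found in a package build log, pulls out the positional module names, and reports which ones fall outside the minimal file-system set proposed in the thread or belong to the graphics/theming family. Module names are real GRUB module names; the command line, the allowlist and the set of option flags it knows how to skip are assumptions made here, so any option not in that set is treated as taking no argument.

```python
"""Audit the modules baked into a grub image against a minimal allowlist.

Added example: the command line below is constructed, not taken from a real
build log, and the option table only covers the grub-mkimage flags handled here.
"""
import shlex

# File systems the thread proposes to keep in the signed image.
ALLOWED_FS = {"ext2", "fat", "hfsplus", "iso9660", "squash4"}

# File-system modules that the thread argues should no longer be signed.
EXTRA_FS = {"btrfs", "f2fs", "jfs", "ntfs", "xfs", "zfs", "zfscrypt", "zfsinfo",
            "reiserfs", "ufs1", "ufs2", "hfs", "exfat", "udf", "nilfs2", "minix"}

# Graphics and theming modules (image decoders, fonts, gfx terminals/menus).
GRAPHICS = {"gfxterm", "gfxmenu", "gfxterm_background", "png", "jpeg", "tga",
            "font", "all_video", "video", "video_bochs", "video_cirrus",
            "video_fb", "vbe", "efi_gop", "efi_uga", "bitmap", "bitmap_scale"}

# grub-mkimage options that consume the next token as their argument
# (assumption: only these forms are modelled; "--opt=value" is one token anyway).
OPTS_WITH_ARG = {"-O", "--format", "-o", "--output", "-p", "--prefix",
                 "-d", "--directory", "-c", "--config", "-m", "--memdisk",
                 "-C", "--compression", "--sbat", "--pubkey"}


def modules_from_cmdline(cmd: str) -> list:
    """Return the positional module names from a grub-mkimage invocation."""
    tokens = shlex.split(cmd)[1:]          # drop argv[0]
    modules, skip_next = [], False
    for tok in tokens:
        if skip_next:
            skip_next = False
            continue
        if tok.startswith("-"):
            skip_next = tok in OPTS_WITH_ARG
            continue
        modules.append(tok)
    return modules


def audit(modules, allowed_fs=ALLOWED_FS) -> dict:
    """Group the modules that widen the signed attack surface by reason."""
    present = set(modules)
    return {
        "extra_fs": sorted((present & EXTRA_FS) - allowed_fs),
        "graphics": sorted(present & GRAPHICS),
        "allowed_fs_present": sorted(present & allowed_fs),
    }


# Constructed sample invocation; the memdisk/sbat paths are placeholders.
SAMPLE_CMD = (
    "grub-mkimage -O x86_64-efi -o grubx64.efi -p /EFI/debian "
    "-d /usr/lib/grub/x86_64-efi -m memdisk.squashfs --sbat=sbat.csv "
    "part_gpt part_msdos fat ext2 hfsplus iso9660 squash4 btrfs xfs zfs ntfs "
    "linux chain normal configfile search gfxterm gfxmenu png font all_video"
)

if __name__ == "__main__":
    report = audit(modules_from_cmdline(SAMPLE_CMD))
    for reason, names in report.items():
        print(f"{reason}: {', '.join(names) or '-'}")
```

Run against a real build log, the two "extra" lists are exactly the modules whose vulnerabilities the signed binary inherits without any benefit to a system that keeps /boot on ext2 or FAT; an empty result is the state the thread argues for.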

highvoltage,
@highvoltage@pleroma.debian.social avatar

@juliank Ufh. I really wouldn't want a separate /boot partition in cases where I use btrfs as /

juliank,
@juliank@mastodon.social avatar

@highvoltage Optimally (for grub) we should converge on FAT for /boot. FAT is a trivial file system, and you can just reuse the ESP.

realmurphy,

@juliank

Given we use xfs for / and/or /boot a lot (at least on non-UEFI installed servers), my vote would be to keep xfs 🙂

juliank,
@juliank@mastodon.social avatar

@realmurphy optimally we make /boot a FAT partition and add native EFI fs drivers to grub and then you get (efidisk0,part1) or something and we can drop all disk, fs drivers.

But it's blocked on moving kernels out of there which is ongoing, and clearly needs some transition.

juliank,
@juliank@mastodon.social avatar

We also should remove support for graphics and theming. These are serious attack vectors as well.

GyrosGeier,
@GyrosGeier@hachyderm.io avatar

@juliank we could also switch to systemd-boot. And that's coming from me, who is using systemd-boot to get to sysvinit faster.

juliank,
@juliank@mastodon.social avatar