(Created page with "<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name. This keeps all change proposals in the same namespace --> = Rebase grub2 to 2.12 <!-- The name of your change proposal --> = {{Change_Proposal_Banner}} == Summary == Rebase grub2 to 2.12 release in F40, same as in F41 and current rawhide. == Owner == <!-- For change proposals to qualify as self-contained, owners of all affected packages need to be includ...") |
No edit summary |
||
Line 57: | Line 57: | ||
== Benefit to Fedora == | == Benefit to Fedora == | ||
Cleaner and safer backport of CVE fixes and additional fixes introduced in the new release (taken from repo): | |||
* GCC 13 support. | * GCC 13 support. | ||
* clang 14 support. | * clang 14 support. | ||
Line 105: | Line 106: | ||
== Scope == | == Scope == | ||
* Proposal owners: | * Proposal owners: Marta Lewandowska, Nicolas Frayer | ||
Marta Lewandowska | |||
Nicolas Frayer | |||
<!-- What work do the feature owners have to accomplish to complete the feature in time for release? Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?--> | <!-- What work do the feature owners have to accomplish to complete the feature in time for release? Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?--> | ||
Line 138: | Line 136: | ||
== How To Test == | == How To Test == | ||
Update your grub2 and report any regressions or other issues. | |||
<!-- REQUIRED FOR SYSTEM WIDE CHANGES --> | <!-- REQUIRED FOR SYSTEM WIDE CHANGES --> |
Revision as of 21:07, 18 February 2025
Rebase grub2 to 2.12
Summary
Rebase grub2 to 2.12 release in F40, same as in F41 and current rawhide.
Owner
- Name: Marta Lewandowska
- Email: <mlewando@redhat.com>
Current status
- Targeted release: Fedora Linux 40
- Last updated: 2025-02-18
- [<link to devel-announce post will be added by Wrangler> Announced]
- [<will be assigned by the Wrangler> Discussion thread]
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
The embargo on 19 security vulnerabilities in the GRUB bootloader will be lifted on 18 February, and since F40 is still being maintained, the most robust way to address these is to backport the entire rebased GRUB 2.12 to F40. This 2.12 version is already in F41 and rawhide, so it is being tested by users, and is functioning well.
While it could be possible to backport the 60+ CVE patches, as well as other upstream patches that would be necessary for compatibility, it would be necessary to first revert other patches that have already been applied to the current stable F40 GRUB, apply all of the CVE patches, then reapply the reverted patches. The result would be a lot of work that could easily result in mistakes, new issues, etc.
The cleanest approach is to backport the rebased GRUB, so as to have the same version of the bootloader in all currently maintained Fedora releases.
Feedback
Benefit to Fedora
Cleaner and safer backport of CVE fixes and additional fixes introduced in the new release (taken from repo):
- GCC 13 support.
- clang 14 support.
- binutils 2.38 support.
- Unification of EFI Linux kernel loader across architectures.
- Transition to EFI Linux kernel stub loader for x86 architecture.
- Initial support for Boot Loader Interface.
- Support for dynamic GRUB runtime memory addition using firmware calls.
- PCI and MMIO UARTs support.
- SDL2 support.
- LoongArch support.
- TPM driver fixes.
- Many filesystems fixes.
- Many CVE and Coverity fixes.
- Debugging support improvements.
- Tests improvements.
- Documentation improvements.
- ...and tons of other fixes and cleanups...
Scope
- Proposal owners: Marta Lewandowska, Nicolas Frayer
- Other developers:
- Release engineering: #Releng issue number
- Policies and guidelines: N/A (not needed for this Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with the Fedora Strategy:
Upgrade/compatibility impact
Early Testing (Optional)
Do you require 'QA Blueprint' support? Y/N
How To Test
Update your grub2 and report any regressions or other issues.
User Experience
Dependencies
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
Documentation
N/A (not a System Wide Change)