From Fedora Project Wiki


Rebase grub2 to 2.12

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Rebase grub2 to 2.12 release in F40, same as in F41 and current rawhide.

Owner


Current status

  • Targeted release: Fedora Linux 40
  • Last updated: 2025-02-18
  • [<link to devel-announce post will be added by Wrangler> Announced]
  • [<will be assigned by the Wrangler> Discussion thread]
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

The embargo on 19 security vulnerabilities in the GRUB bootloader was lifted on 18 February, and since F40 is still being maintained, the most robust way to address these is to backport the entire rebased GRUB 2.12 to F40. This 2.12 version is already in F41 and rawhide, so it is being tested by users, and is functioning well.

While it could be possible to backport the 60+ CVE patches, as well as other upstream patches that would be necessary for compatibility, it would be necessary to first revert other patches that have already been applied to the current stable F40 GRUB, apply all of the CVE patches, then reapply the reverted patches. The result would be a lot of work that could easily result in mistakes, new issues, etc.

The cleanest approach is to backport the rebased GRUB, so as to have the same version of the bootloader in all currently maintained Fedora releases.

Feedback

Benefit to Fedora

Cleaner and safer backport of CVE fixes and additional fixes introduced in the new release (taken from repo):

  • GCC 13 support.
  • clang 14 support.
  • binutils 2.38 support.
  • Unification of EFI Linux kernel loader across architectures.
  • Transition to EFI Linux kernel stub loader for x86 architecture.
  • Initial support for Boot Loader Interface.
  • Support for dynamic GRUB runtime memory addition using firmware calls.
  • PCI and MMIO UARTs support.
  • SDL2 support.
  • LoongArch support.
  • TPM driver fixes.
  • Many filesystems fixes.
  • Many CVE and Coverity fixes.
  • Debugging support improvements.
  • Tests improvements.
  • Documentation improvements.
  • ...and tons of other fixes and cleanups...


Scope

  • Proposal owners: Marta Lewandowska, Nicolas Frayer
  • Other developers:
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with the Fedora Strategy:

Upgrade/compatibility impact

Newer Fedora versions already contain GRUB 2.12

How To Test

Update your grub2 and report any regressions or other issues.


User Experience

Dependencies

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change), Yes/No


Documentation

N/A (not a System Wide Change)

Release Notes

Retrieved from "https://fedoraproject.org/w/index.php?title=Changes/rebase_grub2_to_2_12&oldid=731133"