GRUB-free booting

Conclusions and Outlook

Fedora and Red Hat are working on a system without an external bootloader. The nmbl project, currently still in the concept phase, integrates the boot process into a single package and starts the kernel directly via an EFI stub. TPM 2.0 and optional Secure Boot offer the required protections.

Although the EFI stub approach has been around for years, it has remained impractical for the majority of users. If Fedora introduces nmbl as the standard method for system startup, users will not only benefit from improved security but also from shorter startup times. Plus, a kernel update will simply mean editing a UKI, without time-consuming bootloader configuration overhead.

Infos

  1. systemd-boot: https://wiki.archlinux.org/title/Systemd-boot
  2. "Brave New Trusted Boot World," Pid Eins, October 24, 2022: https://0pointer.de/blog/brave-new-trusted-boot-world.html
  3. TPM: https://en.wikipedia.org/wiki/Trusted_Platform_Module
  4. UAPI: https://uapi-group.org/
  5. UKI: https://uapi-group.org/specifications/specs/unified_kernel_image/
  6. systemd-stub: https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html
  7. ukify: https://www.freedesktop.org/software/systemd/man/latest/ukify.html
  8. "nmbl: We Don't Need a Bootloader," June 13, 2024: https://fizuxchyk.wordpress.com/2024/06/13/nmbl-we-dont-need-a-bootloader/
  9. kexec: https://wiki.archlinux.org/title/Kexec
  10. "How to Build and Boot nmbl on a Fedora Virtual Machine," June 13, 2024: https://fizuxchyk.wordpress.com/2024/06/13/how-build-and-boot-nmbl-on-a-fedora-virtual-machine/
  11. nmbl on GitHub: https://github.com/rhboot/nmbl-poc

The Author

Ferdinand Thommes lives and works as a Linux developer, freelance writer, and tour guide in Berlin.

« Previous 1 2

Buy this article as PDF

Download Article PDF now with Express Checkout
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
SUBSCRIPTIONS
Print Subscriptions
Digital Subscriptions

Related content

  • Linux Boot Process

    If you want to troubleshoot startup issues, you need a clear understanding of how Linux boots.

    more »
  • GRUB 2

    Deeper knowledge of the GRUB 2 bootloader will help you with troubleshooting and customizing your Linux boot environment.

    more »
  • The State of Secure Boot

    Opinions differ on the UEFI boot security system, but one thing is certain: Secure Boot is here to stay. We thought it was time to ask, "How hard is it to boot a popular Linux distribution in a UEFI Secure Boot environment?"

    more »
  • UEFI and Secure Boot

    The coming Windows 8 implementation of UEFI with Secure Boot adds an extra layer of complexity for some Linux users. We look at the problem and two solutions from Fedora and Canonical.

    more »
  • Win8/Linux Dual-Boot

    Although getting Windows to play nice with an existing Linux installation is difficult, with a few tricks, you can set up Windows 8 to dual-boot with Linux.

    more »
comments powered by Disqus