Speaker
Description
We are working on a new scheme to replace the GRUB boot loader with a fast, secure, Linux-based, user-space solution: nmbl (for no more boot loader).
GRUB is a powerful, flexible, fully-featured boot loader used on multiple architectures, but its features create complexity that is difficult to maintain, and that both duplicate and lag behind the Linux kernel while also creating numerous security holes. On the other hand, the Linux kernel, which has a large developer base, benefits from fast feature development, quick responses to vulnerabilities and greater overall scrutiny.
Our solution is to use the Linux kernel as its own boot loader. Loaded by the EFI stub on UEFI, and packed into a signed unified kernel image (UKI), the kernel, initramfs, and kernel command line contain everything they need to reach the final boot target. All necessary drivers, filesystem support, and networking are already built in and code duplication is avoided.
We will discuss the work done so far, as well as challenges and future plans, and would be grateful for your feedback and use cases.