Path: csiph.com!weretis.net!feeder8.news.weretis.net!srl.newsdeef.eu!news.corradoroberto.it!bofh.it!news.nic.it!robomod From: Ben Hutchings Newsgroups: linux.debian.kernel,linux.debian.maint.boot Subject: Re: [RFC] Using SimpleDRM in the initramfs Date: Mon, 11 May 2026 19:00:01 +0200 Message-ID: References: X-Mailbox-Line: From debian-kernel-request@lists.debian.org Mon May 11 16:53:01 2026 Old-Return-Path: X-Amavis-Spam-Status: No, score=-115.217 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIMWL_WL_HIGH=-0.445, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FOURLA=0.1, LDO_WHITELIST=-5, MD5_SHA1_SUM=-1, PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-2.3, SARE_MSGID_LONG40=0.637, UNPARSEABLE_RELAY=0.001, USER_IN_DKIM_WELCOMELIST=-0.01, USER_IN_DKIM_WHITELIST=-100] autolearn=unavailable autolearn_force=no Organization: Debian Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-DjDaqPWspvvwAJmPFA1W" User-Agent: Evolution 3.56.2-9 MIME-Version: 1.0 X-Debian-User: benh X-Mailing-List: archive/latest/155210 List-ID: List-URL: List-Archive: https://lists.debian.org/msgid-search/ff080feb4ce6cb08a45d21bbc1ade1d6967e96fe.camel@debian.org Approved: robomod@news.nic.it Lines: 78 Sender: robomod@news.nic.it X-Original-Cc: Debian kernel maintainers , Debian installer maintainers , GRUB Maintainers , plymouth@packages.debian.org, Luca Boccassi , NoisyCoil X-Original-Date: Mon, 11 May 2026 18:52:31 +0200 X-Original-Message-ID: X-Original-References: <7e451300e9129f9a466548a3d0b771b236e1b36b.camel@debian.org> <20260511142753.4093672-1-safinaskar@gmail.com> Xref: csiph.com linux.debian.kernel:92461 linux.debian.maint.boot:77477 --=-DjDaqPWspvvwAJmPFA1W Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, 2026-05-11 at 17:27 +0300, Askar Safin wrote: > Ben Hutchings : > > - In the kernel, we cannot assume that an EFI framebuffer is always > > usable. In particular, older versions of GRUB may break it by using > > a native graphics driver, but without clearing whatever signals the > > kernel that it is available. This was fixed upstream in the default > > config for GRUB 2.14 but we cannot assume that the config change > > actually gets applied to existing installations. >=20 > It WILL be applied to existing installations. That depends on just how much customisation was done. > Here is upstream commit in question: > https://cgit.git.savannah.gnu.org/cgit/grub.git/commit/?id=3Dea0b76dc4a00= 3f2b7f828ef0c24cc8227148b2f8 >=20 > It changed file util/grub.d/00_header.in in the repo. It corresponds to > /etc/grub.d/00_header in installed system. It is script, which is used > when generating /boot/grub/grub.cfg . >=20 > /etc/grub.d/00_header is present in output of > "dpkg-query -W -f=3D'${Conffiles}\n' grub-*", but I think that this is > highly unlikely that users manually edited that file. It is a conffile, therefore we support users modifying it. So if we want to make a switch on upgrade we'll have to check the GRUB configuration to figure out whether that is safe. That's not actually possible because the configuration is a script and not static definitions. The best I think we can do is "if the GRUB configuration is unmodified from the shipped files, we can safely switch". > So the file will be simply replaced on upgrade, and then new /boot/grub/g= rub.cfg > will be generated from it. >=20 > Also note that I only was able to reproduce that GRUB bug in Qemu only. > And I was not able to reproduce it on real hardware. [...] But why does that matter? There are a lot of Debian systems running in VMs and some fraction of those do have people looking at their graphical output. Ben. --=20 Ben Hutchings - Debian developer, member of kernel, installer and LTS teams --=-DjDaqPWspvvwAJmPFA1W Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmoCCU8ACgkQ57/I7JWG EQm/ow//Q06lxilmwgl57/TF15Ja7+QUstdzUA6CXH+FinH3a7YBv55HoB4KrMGx EalYW94yEuHYeVhLrt59jGlWCt66CehiWk1Dpu3QlsxxxRhzoVO85eT7mz4WGDlr 4QRQ7DnOJhduFCs5ESLy9UNB6hDs0kpK9za5uYYp/Iy1tKPXLne+JN2Vn7UNYZ4o R+1q9Jwfn6MH9dhm3h1VN3xLN2ucWmMRWKhsMYQeD/F/7dpvTczZrB7tbh2mlwcl hIsOaflLxQntFEtlfCy0rQLx6qwDQirq3VzHz6g+j1j1bf8rY68ERSrl3SvxZjCE 8rhNdICkNUoxpN0mUYNMBN1RPh0OlZBJpMXAIg+AEOcnctJDEq8f6S5fjg0w6hNt 2d//sy+AeAHCt+E3JBzw57qheyhc4MGZ8NM8K1t7tUR1vOAm5zMxJlNR+hLqKBql f/aKKxMenSuAa6XuX6osv7Huq0zvSHOtPy4YkSKiX10VfTVl8kE6qSH9W8B1mMH5 pGLLpoUHpVgT3tso1WLLuAaKBfu74p5D2mG6rTWh2slJV5CCdFRKGX7jcbwi6eSE OlNn7ii2y93pyHwbuGaiWL4Id4IU+Q2Dmq7eXabDMXaFVqch0uPtp7w2HdPebXkV b5u08c4y+n6MgO3H8CT+WUnLGodc3ksjef///7b9SOYYjVyIqv4= =8xK4 -----END PGP SIGNATURE----- --=-DjDaqPWspvvwAJmPFA1W--