GNU GRUB 2, mostly just referred to as GRUB these days, is the most widely used boot loader for x86_64 Linux systems. It supports reading from a vast selection of filesystems, handles booting modern systems with UEFI or legacy systems with a BIOS, and even allows users to customize the “splash” image displayed when a system boots. Alas, all of those features come with a price; GRUB has had a parade of security vulnerabilities over the years. To mitigate some of those problems, Ubuntu core developer and Canonical employee Julian Andres Klode has proposed removing a number of features from GRUB in Ubuntu 26.10 to improve GRUB’s security profile. His proposal has not been met with universal acclaim; many of the features Klode would like to remove have vocal proponents.
Ubuntu provides two versions of GRUB: one for UEFI systems that enables Secure Boot (referred to as the “signed” builds), and another for systems with legacy BIOS or systems that otherwise don’t support Secure Boot (the “unsigned” builds). The unsigned GRUB builds from Ubuntu would continue to have the existing set of features, but Klode is looking to strip quite a bit out of signed GRUB builds; he proposes removing support for reading /boot partitions that use Btrfs, HFS+, XFS, or ZFS filesystems. That would leave ext4, FAT, ISO 9660, and SquashFS. He also wants to disable features to use custom PNG and JPEG splash images, and strip out support for “complex partition setups such as LVM, md-raid (except raid1), and LUKS-encrypted /boot” because those were not tested nor used by the Ubuntu installer
https://lemy.lol/u/cm0002 posted on Apr 4, 2026 15:58