Home Linux GRUB Project Update 2025
LinuxAnnouncementsNewsOpensource

GRUB Project Update 2025

By sk
Written by sk 292 views 4 mins read

The GRUB (GRand Unified Bootloader) project continues to evolve, bringing new features, security improvements, and optimizations. This article provides a brief look at the latest developments in GRUB, based on the recent project status report from FOSDEM 2025, presented by Daniel Kiper, a GRUB upstream maintainer from Oracle. The event took place in Brussels on 1 February 2025.

What is GRUB?

GNU GRUB Boot Loader
GNU GRUB Boot Loader

GRUB (GRand Unified Bootloader) is a powerful and flexible bootloader used by most Linux distributions. It is responsible for loading the operating system when a computer starts. GRUB allows users to choose between multiple operating systems, configure boot parameters, and manage system recovery options.

Key Updates in GRUB

1. Updates in Last Year

In the past year, GRUB has integrated several new capabilities to improve system security and performance:

  • EROFS Support: GRUB now includes support for the Enhanced Read-Only File System (EROFS), offering better performance and space efficiency for read-only partitions.
  • Improved Security Controls: If GRUB is built with --disable-cli, command-line access and menu entry editing will be disabled, reducing attack vectors.
  • Core NX Support for EFI: GRUB now supports the Non-Executable (NX) bit on EFI platforms, enhancing memory security.
  • Stricter PE File Section Alignment: GRUB enforces alignment with the page size (minimum 4KB), ensuring better compatibility with modern hardware and security standards.
  • Better Memory Protection: GRUB now prevents sections from being both writable and executable, adhering to security best practices.
  • SBAT Support for ELF Files: This enhances Secure Boot handling, improving system integrity.
  • TPM2-Based Automatic Disk Unlocking: Users on EFI and IEEE1275 PowerPC platforms can now benefit from seamless disk unlocking using TPM2.
  • Enhanced Font Detection: The build system now has improved font detection for better UI rendering.
  • Better Upstream Patch Management: More downstream patches are being incorporated into upstream GRUB, reducing fragmentation.

2. Current Year Developments in the GRUB Project

The GRUB team is currently working on several exciting features and improvements:

  1. Shim Loader Protocol Support for EFI Platforms: This will enhance compatibility with secure boot implementations.
  2. TrenchBoot Support for x86 Architectures: TrenchBoot, a project for securing the boot process, is being integrated for both Intel and AMD systems.
  3. BLS and UKI Support: Boot Loader Specification (BLS) and Unified Kernel Image (UKI) support are being added to streamline boot processes.
  4. Appended Signature Secure Boot for PowerPC: This feature will improve secure boot capabilities on PowerPC systems.
  5. Library Updates: Embedded libraries, including libgcrypt (required for Argon2 KDF), are being updated to their latest versions.
  6. Downstream Patch Forward Porting: The team continues to integrate patches from downstream distributions into the upstream codebase.
  7. CI Infrastructure Setup: A Continuous Integration (CI) system is being developed to automate testing and improve code quality.
  8. Next Code Freeze and Release: A code freeze is planned in the coming months, followed by a new GRUB release.

Fedora's Downstream GRUB Patches

Alec Brown from Oracle provided statistics on Fedora’s downstream GRUB patches. Here’s a breakdown:

  • GRUB 2.02: Over 11 Fedora versions (21 to 31), the number of patches grew from 151 to 370, with many backported and new patches added.
  • GRUB 2.04: Fedora 32 and 33 saw a total of 437 patches, with 28 backported and 67 new patches.
  • GRUB 2.06: From Fedora 34 to 40, the patch count increased to 544, with 84 patches backported and 98 new patches added.

These numbers highlight the collaborative effort between the GRUB upstream team and Fedora to improve the bootloader.

These numbers also show that while Fedora contributes significantly to GRUB, many of its patches are now making their way upstream, reducing the need for separate downstream fixes.

What’s Next for GRUB?

With continuous improvements, GRUB remains the most widely used bootloader in Linux systems. The team is working towards:

  • Further upstreaming of Fedora patches.
  • Enhancing security features, particularly for Secure Boot and TPM-based authentication.
  • Improving the testing framework to ensure GRUB remains reliable on modern hardware.

Please read the full presentation for more details.

Related Read:

Senthilkumar Palani (aka SK) is the Founder and Editor in chief of OSTechNix. He is a Linux/Unix enthusiast and FOSS supporter. He lives in Tamilnadu, India.

You May Also Like

How To Configure VLAN Tagging In Linux [A...

How To Configure SSH Key-based Authentication In Linux

Pilet: A Modular, Portable Mini-Computer Powered by Raspberry...

Install Linux Kernel 4.7 in openSUSE

Install Apache, MariaDB, PHP (LAMP Stack) In CentOS...

How To Configure Static IP Address In Linux...

1 comment

M March 6, 2025 - 2:18 am

Not true. Unfortunately most distros now use crappy grub2 instead of grub 🙁

Reply

Leave a Comment

Save my name, email, and website in this browser for the next time I comment.

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More