On Mon, Mar 5, 2012 at 12:32 PM, Paul Fox <p...@laptop.org> wrote: > and if i don't, the machine will be unbootable, i guess?
Yes. > is there a way to fall back on the signed zip version of the initrd > if there's no "plain" version? We did try to do this, back in the thread "OFW unsecure kernel/initramfs load from zip file", but it was messy, and the final cleaner version doesn't do this, in the interests of boot code unification between secure/unsecure boot. So I think the answer is "no" there, unfortunately. Mitch, what are your thoughts? This is the case where we want to load the kernel from vmlinuz, but the initramfs from runrd.zip (without signature checking). >From my perspective, the most ideal thing would to be able to do: " last:\boot\runrd.zip" to ramdisk But I don't know of the challenges behind this. And even if that were implemented now, we'd then have to require a new firmware for unsecure boots - I'm not sure if that is something we would accept. > it would be nice if the script didn't clobber existing plain kernel > and/or initrd files by default -- then one could install one's new > kernel and run the script in either order. Good idea. > is the duplication problem greater than simply the waste of disk space? The primary motivation is the space-saving. There is also the smaller issue that we duplicate boot code in 2 places (e.g. the firmware update code in olpc.fth in addition to the firmware). Daniel _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel