On Thu, 9 Dec 2021 at 10:02, Julian Andres Klode <julian.kl...@canonical.com> wrote:
> On Thu, Dec 09, 2021 at 09:21:35AM +1300, Michael Hudson-Doyle wrote: > > On Thu, 9 Dec 2021 at 08:52, Julian Andres Klode < > julian.kl...@canonical.com> > > wrote: > > > > > The most interesting solution would be to create the cpip archive > > > dynamically by giving cpio a list of files over a pipe that we create > > > dynamically in the hooks as we copy files in, then pipe that to zstd > > > --adapt; then it would all work super nicely. > > > > > > > If we're going to spend significant effort, I think I'd prefer we try to > > find a way to not recompress the modules when making the initrd at all, > at > > least for MODULES=most builds. We could just ship a zstd -19'ed > > MODULES=most cpio archive in the kernel packaging and have four layers of > > initrd (intel firmware, amd64 firmware, modules, everything else) but > that > > would bloat the kernel package rather a lot... > > I'd kind of like us to ship "default" initramfs in like > linux-initrd-$uname-r > and linux-initrd-generic and so on. Maybe even signed somehow so that > the kernel can verify its integrity when booting. Such that booting with > authenticated FDE is fully authenticated. > > But oh well, those are all long term wishes :) > Yeah, let's not let that sort of thing distract us from fixing the issues that lead to this thread (but also let's not put *too* much effort into this). Cheers, mwh
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel