Unified Kernel Support Phase 2
Summary
Improve support for unified kernels in Fedora.
Owner
- Name: Gerd Hoffmann
- Email: kraxel@redhat.com
Current status
- Targeted release: Fedora Linux 40
- Last updated: 2023-10-12
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
See Changes/Unified_Kernel_Support_Phase_1 for an overview and the Phase 1 goals.
Phase 2 goals:
- Add support for booting UKIs directly.
- Boot path is shim.efi -> UKI, without any boot loader (grub, sd-boot) involved.
- The UEFI boot configuration will get an entry for each kernel installed.
- Newly installed kernels are configured to be booted once (via BootNext).
- Successful boot of the system will make the kernel update permanent (update BootOrder).
- Enable UKIs for aarch64.
- Should be just flipping the switch; dependencies such as kernel zboot support are merged.
- Add a UEFI-only cloud image variant which uses UKIs.
- Also suitable for being used in confidential VMs.
- Cover both x86_64 and aarch64.
Feedback
Benefit to Fedora
Scope
- Proposal owners:
- Other developers:
- Release engineering: #Releng issue number
- Policies and guidelines: N/A (not needed for this Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with Objectives:
Upgrade/compatibility impact
How To Test
Needs an up-to-date Fedora 39 or Rawhide.
1. dnf install --enable-repo=updates-testing virt-firmware uki-direct
- The uki-direct package contains the kernel-install plugin and systemd unit needed to automatically manage kernel updates.
- You should have version 23.10 or newer.
2. sh /usr/share/doc/python3-virt-firmware/experimental/fixup-partitions-for-uki.sh
- Workaround for bug 2160074 (anaconda not setting up discoverable partitions).
3. dnf install kernel-uki-virt
4. kernel-bootcfg --show
- Optional step: shows the UEFI boot configuration. The new UKI should be added as BootNext.
   $ kernel-bootcfg --show
   # C - BootCurrent, N - BootNext, O - BootOrder
   # --------------------------------------------
   # N - 0008 - 6.5.7-300.fc39.x86_64
   # C O - 0007 - 6.5.6-300.fc39.x86_64
   # O - 0006 - Fedora
   # O - 0001 - UEFI QEMU QEMU HARDDISK
   [ ... ]
5. reboot
6. kernel-bootcfg --show
- Optional again: after a successful boot the new kernel should be first in BootOrder.
   $ kernel-bootcfg --show
   # C - BootCurrent, N - BootNext, O - BootOrder
   # --------------------------------------------
   # C O - 0008 - 6.5.7-300.fc39.x86_64
   # O - 0007 - 6.5.6-300.fc39.x86_64
   # O - 0006 - Fedora
   # O - 0001 - UEFI QEMU QEMU HARDDISK
   [ ... ]
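The BootNext to BootOrder hand-over in steps 4 and 6 can be checked mechanically. The following is an added example, not part of the proposal or of virt-firmware: it parses the `kernel-bootcfg --show` listings shown above and reports whether a kernel is still a one-shot BootNext candidate or has become the permanent default. The function names are hypothetical, and it assumes rows flagged `O` are printed in BootOrder order, as the two listings suggest.

```python
import re

# Row format as shown on this page: "# <flags> - <4 hex digits> - <title>".
ROW = re.compile(r"^#\s*([CNO ]*?)\s*-\s*([0-9A-Fa-f]{4})\s*-\s*(.+?)\s*$")

# The two listings from steps 4 and 6 of this page, embedded as sample input.
BEFORE = """\
# C - BootCurrent, N - BootNext, O - BootOrder
# --------------------------------------------
# N - 0008 - 6.5.7-300.fc39.x86_64
# C O - 0007 - 6.5.6-300.fc39.x86_64
# O - 0006 - Fedora
# O - 0001 - UEFI QEMU QEMU HARDDISK
"""
AFTER = BEFORE.replace("# N - 0008", "# C O - 0008").replace("# C O - 0007", "# O - 0007")

def parse_bootcfg(text):
    """Return [(flags, entry_id, title)] for every boot entry row."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:  # header, separator and "[ ... ]" lines do not match
            rows.append((set(m.group(1).replace(" ", "")), m.group(2), m.group(3)))
    return rows

def update_state(text, kernel_version):
    """Classify where kernel_version sits in the BootNext -> BootOrder hand-over."""
    rows = parse_bootcfg(text)
    order = [r for r in rows if "O" in r[0]]  # assumption: listed in BootOrder order
    for flags, _entry_id, title in rows:
        if title != kernel_version:
            continue
        if "N" in flags and "O" not in flags:
            return "pending"      # tried once on next boot, old kernel remains default
        if order and order[0][2] == kernel_version:
            return "permanent" if "C" in flags else "default-not-running"
        return "installed"        # present, but neither BootNext nor default
    return "missing"

if __name__ == "__main__":
    for label, sample in (("before reboot", BEFORE), ("after reboot", AFTER)):
        print(label, update_state(sample, "6.5.7-300.fc39.x86_64"))
```

A kernel that stays `pending` after the reboot, with BootCurrent still on the old entry, means the one-shot boot of the new UKI did not succeed and the firmware fell back to the existing BootOrder.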
User Experience
Dependencies
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
Documentation
N/A (not a System Wide Change)