From Fedora Project Wiki


Unified Kernel Support Phase 2

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Improve support for unified kernels in Fedora.

Owner


Current status

  • Targeted release: Fedora Linux 40
  • Last updated: 2023-10-12
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

See Changes/Unified_Kernel_Support_Phase_1 for overview and Phase 1 goals.

Phase 2 goals:

  • Add support for booting UKIs directly.
    • Boot path is shim.efi -> UKI, without any boot loader (grub, sd-boot) involved.
    • The UEFI boot configuration will get an entry for each kernel installed.
    • Newly installed kernels are configured to be booted once (via BootNext).
    • Successful boot of the system will make the kernel update permanent (update BootOrder).
  • Enable UKIs for aarch64.
    • Should be just flipping the switch, dependencies such as kernel zboot support are merged.
  • Add a UEFI-only cloud image variant which uses UKIs.
    • Also suitable for being used in confidential VMs.
    • Cover both x86_64 and aarch64.

Feedback

Benefit to Fedora

Scope

  • Proposal owners:
  • Other developers:
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives:

Upgrade/compatibility impact

How To Test

Needs up-to-date Fedora 39 or Rawhide.

  • dnf install --enable-repo=updates-testing virt-firmware uki-direct
    • The uki-direct package contains the kernel-install plugin and systemd unit needed to automatically manage kernel updates.
    • You should have version 23.10 or newer.
  • sh /usr/share/doc/python3-virt-firmware/experimental/fixup-partitions-for-uki.sh
    • Workaround for bug 2160074 (anaconda not setting up discoverable partitions).
  • dnf install kernel-uki-virt
  • kernel-bootcfg --show
    • optional step, shows UEFI boot configuration, the new UKI should be added as BootNext
  • reboot
  • kernel-bootcfg --show
    • optional again, after successful boot the new kernel should be first in BootOrder.


User Experience

Dependencies

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change), Yes/No


Documentation

N/A (not a System Wide Change)

Release Notes