Revisiting default initramfs compression
Mark Shuttleworth
mark.shuttleworth at canonical.com
Thu Dec 9 06:51:07 UTC 2021
On 08/12/2021 23:02, Julian Andres Klode wrote:
> I'd kind of like us to ship "default" initramfs in like
> linux-initrd-$uname-r
> and linux-initrd-generic and so on. Maybe even signed somehow so that
> the kernel can verify its integrity when booting. Such that booting with
> authenticated FDE is fully authenticated.
>
> But oh well, those are all long term wishes :)
That is in fact how Ubuntu Core handles this; initrd is fixed, and
signed. Since we want the same machinery for FDE in Classic that we have
in Core, its likely this is a reasonable wish :)
Mark
More information about the ubuntu-devel
mailing list