FS#65475 - Support Dracut Created Unified Kernel Images - Include Original Microcode in intel-ucode & amd-ucode

Attached to Project: Arch Linux
Opened by Neurognostic (Neurognostic) - Thursday, 13 February 2020, 01:41 GMT
Last edited by Eli Schwartz (eschwartz) - Thursday, 13 February 2020, 02:52 GMT
Task Type Feature Request
Category Packages: Extra
Status Closed
Assigned To No-one
Architecture x86_64
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:
Dracut is capable of creating a Unified Kernel image with its `--uefi` and `--early-microcode` options. This image combines the kernel command line, kernel, initrd, and *could* include the microcode image. However `dracut(8)` expects the microcode in their original format, rather than how Arch Linux packages them by first processing them with `iucode-tools`.

Without the original microcode files the user must rely on additional tools such as `objcopy(1)` to create a unified image manually, for example for a single file to sign for Secure Boot or for embedding kernel command line on UEFI implementation that don't support passing the kernel command line string from the firmware.

https://systemd.io/BOOT_LOADER_SPECIFICATION/#type-2-efi-unified-kernel-images
https://wiki.archlinux.org/index.php/Talk:Dracut#Early_microcode_loading_for_Intel_CPUs
https://jlk.fjfi.cvut.cz/arch/manpages/man/extra/dracut/dracut.8.en

Packages:
extra/dracut
extra/intel-ucode
core/amd-ucode

Solution:
I propose including the original microcode files with the intel-ucode and amd-ucode package in addition to the `iucode-tools` processed `/boot/intel-ucode.img` and `/boot/amd-ucode.img`. See Fedora's `microcode_ctl` for an example of what would support dracut creating unified uefi kernel images.

https://fedora.pkgs.org/31/fedora-x86_64/microcode_ctl-2.1-32.fc31.x86_64.rpm.html
This task depends upon

Closed by  Eli Schwartz (eschwartz)
Thursday, 13 February 2020, 02:52 GMT
Reason for closing:  Won't implement
Additional comments about closing:  dracut now supports our usage natively
Comment by Eli Schwartz (eschwartz) - Thursday, 13 February 2020, 02:51 GMT
As per  FS#59841  it is incorrect to put microcode there if it should not be used for late loading.

As of https://github.com/dracutdevs/dracut/pull/699 dracut supports the standard bootloader scheme in /boot/*.img

Loading...