On 18.10.23 20:50, Root Mailer wrote: > Why doesn't bg_gen_unified_kernel take the kernelargs variable? > Currently I need to know the root=/dev/xxx device when creating the > unified-kernel.efi, but can't change it dynamically via bg_setenv.
As the command line is under the protection of the UKI signature in case of secure boot, changing it dynamically does not work. We therefore have initramfs scripts that select the rootfs, see [1] and [2]. Jan [1] https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/15d0f975af69903bf18e9930c7e232ca156841b3/recipes-initramfs/initramfs-abrootfs-hook/files/abrootfs.script#L33 [2] https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/15d0f975af69903bf18e9930c7e232ca156841b3/recipes-initramfs/initramfs-verity-hook/files/verity.script.tmpl#L37 -- Siemens AG, Technology Linux Expert Center -- You received this message because you are subscribed to the Google Groups "EFI Boot Guard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/efibootguard-dev/a4a9a218-bdb7-45b0-adff-ce60e0a63d72%40siemens.com.
