On Fri, Jun 27, 2025 at 04:58:43PM +0100, Frediano Ziglio wrote: > On Fri, Jun 27, 2025 at 3:20 PM Marek Marczykowski-Górecki > <marma...@invisiblethingslab.com> wrote: > > So, it looks like major distributions use a patched grub version that > > changes behavior of "linux" command. IIUC many of those patches are > > about hardening SecureBoot, and shim-review kinda suggest using patched > > version (many of the submissions explicitly mention the at least patch > > grub for NX). So, I think this needs figuring out how to make your > > approach working with grub flavor that is actually used by SB-enabled > > distributions... > > > > We (xenserver) would like to provide booting using separate > hypervisor, kernel and initrd. > Using "linux" was an old discussed option which had a nice usage. > The merged patches allow to have a fully UKI file bundling kernel and > initrd loaded from no-ESP partition which is nice to have. > For the final solution I was thinking about using "xen_hypervisor" and > "xen_module" already present for ARM. From the user perspective is > surely less confusing than using "linux" to pass something which is > not Linux.
In which case, loading initrd using Linux-specific grub part doesn't make sense, no? Or is that xen_module going to use similar mechanism? -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab
signature.asc
Description: PGP signature
