redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons (!2917) · Merge requests · cki-project / kernel-ark

Emanuele Giuseppe Esposito requested to merge eesposit/kernel-ark:addons into os-build Feb 01, 2024

We want to enable kernel.spec to optionally ship UKI addons defined in a common config file in redhat folder. The folder redhat/uki_addons will contain all addons configs specifying the UKI kernel cmdline addons to be created in the next build. An addon config is simply a .addon plain text file, where any line is taken as kernel cmdline, except for the ones starting with '#', which will be automatically ignored.

redhat/scripts/uki_create_json.py will take care of parsing all configs and folders in redhat/uki_addons and produce a json file 'uki_addons.json' that is then added into the SRPM. When building the RPM, kernel.spec will then call uki_create_addons.py to parse the json and call 'ukify' for each addon matching the given distro, arch and uki provided in input.

The output addon filename will be a concatenation of all folders in redhat/uki_addons that are part of the addon config path.

The folder hierarchy inside of redhat/uki_addons is similar to redhat/configs: distro/UKI_NAME/%arch.

It is also possible to add .sbat to all the generated addons, by populating redhat/uki_addons/distro/UKI_NAME/%arch/sbat/sbat.conf. Syntax is same as the addons config.

As an example of this feature, add the fips addon to optionally enable fips (https://issues.redhat.com/browse/RHEL-23049).

Edited May 22, 2024 by Emanuele Giuseppe Esposito

redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons

Merge request reports