Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
how to use a custom initramfs and get a unified kernel image
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Mon Dec 23, 2024 9:40 pm    Post subject: Reply with quote

I'm pretty sure the busybox switch_root implementation is different, but I generally keep /dev mounted before switch_root so /dev/mapper/ is passed to the running system. That may be part of the issue.
_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Mon Dec 23, 2024 9:41 pm    Post subject: Reply with quote

Cheesyjuggler64 wrote:
Its the same mounting error (my nvme0n1p1 is my efi drive)
Code:

mount: /efi wrong FS type, bad option, bad superblock on /dev/nvme0n1p1, missing code page or helper program, or other error
       dmesg(1) may have more information after the failed mount call

Output of dmesg
Code:

FAT-fs (nvme0n1p1): IO charset iso8859-1 not found

Fstab has no mention of charsets.


do you have

Code:
CONFIG_NLS_ISO8859_1

_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
Cheesyjuggler64
n00b
n00b


Joined: 16 May 2024
Posts: 36

PostPosted: Mon Dec 23, 2024 10:03 pm    Post subject: Reply with quote

Okay I built that in and rebuilt the kernel and the issues fixed. Thanks.
Regarding the initramfs should they be rebuilt every time either busybox cryptsetup or btrfs is updated and if so how ? can I hook portage or use some install kernel parameter?
Back to top
View user's profile Send private message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Mon Dec 23, 2024 10:17 pm    Post subject: Reply with quote

Cheesyjuggler64 wrote:
Okay I built that in and rebuilt the kernel and the issues fixed. Thanks.
Regarding the initramfs should they be rebuilt every time either busybox cryptsetup or btrfs is updated and if so how ? can I hook portage or use some install kernel parameter?


https://github.com/desultory/ugrd/blob/main/hooks/installkernel/52-ugrd.install

You can make an installkernel script like this.

If your initramfs doesn't have kmods, you don't really need to rebuild it unless you need new features/support from any of the tools you use.

If you generate it using a file list, so it pulls the files each time it builds the kernel, that rebuilds it every time you update the kernel, but you will have to use some tool to regenerate the file list to consider possible linking changes on new builds.

(ugrd does this all for you :P)

https://wiki.gentoo.org/wiki/Installkernel#initrd_generator
If you're using installkernel and have some script which regenerates the file list, you could possibly set that script as your "initrd generator" but if you don't, and simply install your hook, it will run unconditionally.

If you want the initramfs to be built into the kernel, you must build/generate that before the install phase, so installkernel won't be a great option there.

If you want to go the UKI route, you could have ukify (installkernel hook) pack an external initramfs into a single image with the kernel. One big advantage to this is that you do not need to re-compile your kernel whenever you change the initramfs.
_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
Cheesyjuggler64
n00b
n00b


Joined: 16 May 2024
Posts: 36

PostPosted: Tue Dec 24, 2024 12:00 am    Post subject: Reply with quote

okay so if I want to go the uki root is it possible to use my cpio file and the kernel's efi stub and then build a uki using that that way I wouldn't have to recompile the kernel each time the initramfs needs updating as well as only using the inbuilt kernels efistub. (https://www.rodsbooks.com/efi-bootloaders/efistub.html)
Back to top
View user's profile Send private message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Tue Dec 24, 2024 12:05 am    Post subject: Reply with quote

Cheesyjuggler64 wrote:
okay so if I want to go the uki root can I pass in the cpio file to the kernel's own efi stub and then build a uki using that that way I wouldn't have to recompile the kernel each time the initramfs needs updating as well as only using the inbuilt kernels efistub. (https://www.rodsbooks.com/efi-bootloaders/efistub.html)



Technically, a UKI is a specific format and a single image. But yes, you can do something like that.

You can pass an "initrd=" arg to the kernel to have it load an initramfs image from the ESP. This is what I do.

uefi-mkconfig (efistub USE flag on installkernel) can help automate the config for you, as long as you copy the image to the working dir installkernel uses. It passes this as an argument.
_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
Cheesyjuggler64
n00b
n00b


Joined: 16 May 2024
Posts: 36

PostPosted: Tue Dec 24, 2024 12:07 am    Post subject: Reply with quote

right okay. So if I do that is there no way to then combine the initrd and bzImage into a single executable binary?
Back to top
View user's profile Send private message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Tue Dec 24, 2024 12:12 am    Post subject: Reply with quote

Cheesyjuggler64 wrote:
right okay. So if I do that is there no way to then combine the initrd and bzImage into a single executable binary?


You can with ukify :D

ukify tapes a kernel + initramfs + ucode possibly + cmdline possibly etc.. into a single file. Similar to how you can build these into a kernel, but somewhat simpler.
_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
Cheesyjuggler64
n00b
n00b


Joined: 16 May 2024
Posts: 36

PostPosted: Tue Dec 24, 2024 1:29 am    Post subject: Reply with quote

if I Embed the initramfs with a file-list the compiled kernel will just be a single binary right ? if so can I then, if I need to change my initramfs, just run
Code:
rm /usr/src/linux/usr/initramfs_data.cpio*
then remake the kernel which will only modify the initramfs portion of the kernel without recompiling the entire thing? or will the entire kernel need to be rebuilt to incorporate the changes?
Back to top
View user's profile Send private message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Tue Dec 24, 2024 1:41 am    Post subject: Reply with quote

Cheesyjuggler64 wrote:
if I Embed the initramfs with a file-list the compiled kernel will just be a single binary right ? if so can I then, if I need to change my initramfs, just run
Code:
rm /usr/src/linux/usr/initramfs_data.cpio*
then remake the kernel which will only modify the initramfs portion of the kernel without recompiling the entire thing? or will the entire kernel need to be rebuilt to incorporate the changes?


This can work, I'm not sure you even have to delete that file. I think it may have some mechanism to check if there were changes, or will just rebuild it each time.

I used to do that, and it works pretty nicely with custom kernels. It's a bit of a pain with dist-kernel as that does a clean build every time, so it recompiles things needlessly if the goal is just to update the initramfs.

While this works, I think it's best to keep the initramfs creation process somewhat separate from the kernel build.
_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
Cheesyjuggler64
n00b
n00b


Joined: 16 May 2024
Posts: 36

PostPosted: Tue Dec 24, 2024 1:54 am    Post subject: Reply with quote

okay. Speaking of dist kernel, can I just migrate my config from the gentoo sources over to the distkernel as I'm aware that theres a saved config option which helps automate the updating of the kernel. Do you think its worth having the initramfs and kernel separate and then secure boot signing them both and avoid the unnecessary compilation as opposed to doing what I said early which then makes the maintenance of the secure boot signings easier ?
Back to top
View user's profile Send private message
zen_desu
n00b
n00b


Joined: 25 Oct 2024
Posts: 68

PostPosted: Tue Dec 24, 2024 2:00 am    Post subject: Reply with quote

Cheesyjuggler64 wrote:
okay. Speaking of dist kernel, can I just migrate my config from the gentoo sources over to the distkernel as I'm aware that theres a saved config option which helps automate the updating of the kernel. Do you think its worth having the initramfs and kernel separate and then secure boot signing them both and avoid the unnecessary compilation as opposed to doing what I said early which then makes the maintenance of the secure boot signings easier ?


I don't think dist-kernel has a super straightforward way of working with a custom initramfs, but you can make it work.

If you don't have kmods in your initramfs, and have a single CPIO which can work across multiple kernel versions (possible, not guaranteed), you just need to configure the INITRAMFS_SOURCE to target that working CPIO.

I did this in the past, before ugrd was in ::gentoo, and my process was to build the kernel with the INITRAMFS_SOURCE configured to target the CPIO i generated. The first image is essentially junk because I use kmods in my initramfs, and it would pack the previously generated image.

Once new kmods are made, I regenerate the image, then rebuild the kernel. This time, it packs an image with kmods associated with that kernel version. If you don't have kmods in your initramfs, this second phase is not necessary.

Using a savedconfig still requires a bit of maintenance and testing. I would recommend using this method with dist-kernel so you can apply your custom changes over the upstream base config: https://wiki.gentoo.org/wiki/Project:Distribution_Kernel#Using_.2Fetc.2Fkernel.2Fconfig.d

Concerning secure boot, SB verifies code run by the UEFI. That includes the kernel but does not include an initramfs. If the initramfs is packed into whatever the UEFI executes, such as a kernel image with an embedded initramfs or UKI, then the initramfs is verified because it is part of the file being run by the UEFI. The UEFI doesn't really know/care that it's an initramfs (a data portion), just that it's verifying the entire bit of code being run. I believe in the case of a UKI, the CPIO exists as an object in the binary.

It's simpler to just not sign the initramfs, or use a UKI if your initramfs exists as a CPIO outside of the kernel image.
_________________
µgRD dev
Wiki writer
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum