[PATCH] rootfs: run kernel-install after update-initramfs
29 views
Skip to first unread message
srinuv...@siemens.com
Apr 15, 2026, 8:54:52 AM (3 days ago) Apr 15
to isar-...@googlegroups.com, srinuvasan, Shivaschandra KL
From: srinuvasan <srinuv...@siemens.com>
When efibootguard is used as the primary bootloader and
systemd-boot as secondary, the WIC plugin expects /boot/EFI/Linux
to contain a unified kernel image for first boot.
Run kernel-install after update-initramfs to ensure the unified
kernel image is generated and placed correctly.
Invoke kernel-install for UKI generation only when:
- ukify binary is available
- /usr/lib/kernel/install.conf exists
Signed-off-by: Shivaschandra KL <shivasch...@siemens.com>
Signed-off-by: srinuvasan <srinuv...@siemens.com>
---
meta/classes-recipe/rootfs.bbclass | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass
index a9233111..9024f006 100644
--- a/meta/classes-recipe/rootfs.bbclass
+++ b/meta/classes-recipe/rootfs.bbclass
@@ -14,10 +14,20 @@ ROOTFS_DISTRO ?= "${DISTRO}"
ROOTFS_USE_DRACUT ??= ""
def initramfs_generator_cmdline(d):
- rootfs_packages = d.getVar('ROOTFS_PACKAGES') or ''
+ rootfs_packages = d.getVar('ROOTFS_PACKAGES') or ''
+
if 'dracut' in rootfs_packages or bb.utils.to_boolean(d.getVar('ROOTFS_USE_DRACUT')):
- return "dracut --force --kver \"$kernel_version\""
- return "update-initramfs -u -v -k \"$kernel_version\""
+ return 'dracut --force --kver "$kernel_version"'
+
+ cmdline = 'update-initramfs -u -v -k "$kernel_version"'
+
+ cmdline += (
+ '; command -v ukify >/dev/null && [ -f /usr/lib/kernel/install.conf ] && '
+ 'kernel-install add "$kernel_version" "/boot/${kernel##*/}" '
+ '"/boot/initrd.img-$kernel_version" || :'
+ )
+
+ return cmdline
ROOTFS_PACKAGES ?= ""
ROOTFS_VARDEPS ?= ""
@@ -627,6 +637,10 @@ python do_generate_initramfs_setscene () {
}
rootfs_generate_initramfs[progress] = "custom:rootfs_progress.InitrdProgressHandler"
+rootfs_generate_initramfs:prepend() {
+ export kernel
+}
+
rootfs_generate_initramfs() {
if [ -n "$(sudo find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then
for kernel in ${ROOTFSDIR}/boot/vmlinu[xz]-*; do
--
2.39.5
When efibootguard is used as the primary bootloader and
systemd-boot as secondary, the WIC plugin expects /boot/EFI/Linux
to contain a unified kernel image for first boot.
Run kernel-install after update-initramfs to ensure the unified
kernel image is generated and placed correctly.
Invoke kernel-install for UKI generation only when:
- ukify binary is available
- /usr/lib/kernel/install.conf exists
Signed-off-by: Shivaschandra KL <shivasch...@siemens.com>
Signed-off-by: srinuvasan <srinuv...@siemens.com>
---
meta/classes-recipe/rootfs.bbclass | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/meta/classes-recipe/rootfs.bbclass b/meta/classes-recipe/rootfs.bbclass
index a9233111..9024f006 100644
--- a/meta/classes-recipe/rootfs.bbclass
+++ b/meta/classes-recipe/rootfs.bbclass
@@ -14,10 +14,20 @@ ROOTFS_DISTRO ?= "${DISTRO}"
ROOTFS_USE_DRACUT ??= ""
def initramfs_generator_cmdline(d):
- rootfs_packages = d.getVar('ROOTFS_PACKAGES') or ''
+ rootfs_packages = d.getVar('ROOTFS_PACKAGES') or ''
+
if 'dracut' in rootfs_packages or bb.utils.to_boolean(d.getVar('ROOTFS_USE_DRACUT')):
- return "dracut --force --kver \"$kernel_version\""
- return "update-initramfs -u -v -k \"$kernel_version\""
+ return 'dracut --force --kver "$kernel_version"'
+
+ cmdline = 'update-initramfs -u -v -k "$kernel_version"'
+
+ cmdline += (
+ '; command -v ukify >/dev/null && [ -f /usr/lib/kernel/install.conf ] && '
+ 'kernel-install add "$kernel_version" "/boot/${kernel##*/}" '
+ '"/boot/initrd.img-$kernel_version" || :'
+ )
+
+ return cmdline
ROOTFS_PACKAGES ?= ""
ROOTFS_VARDEPS ?= ""
@@ -627,6 +637,10 @@ python do_generate_initramfs_setscene () {
}
rootfs_generate_initramfs[progress] = "custom:rootfs_progress.InitrdProgressHandler"
+rootfs_generate_initramfs:prepend() {
+ export kernel
+}
+
rootfs_generate_initramfs() {
if [ -n "$(sudo find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then
for kernel in ${ROOTFSDIR}/boot/vmlinu[xz]-*; do
--
2.39.5
Jan Kiszka
Apr 15, 2026, 9:05:30 AM (3 days ago) Apr 15
to srinuv...@siemens.com, isar-...@googlegroups.com, Shivaschandra KL
On 15.04.26 14:55, srinuvasan.a via isar-users wrote:
> From: srinuvasan <srinuv...@siemens.com>
>
> When efibootguard is used as the primary bootloader and
> systemd-boot as secondary, the WIC plugin expects /boot/EFI/Linux
> to contain a unified kernel image for first boot.
>
Err, where/how do you define "primary" and "secondary" EFI bootloaders?
> From: srinuvasan <srinuv...@siemens.com>
>
> When efibootguard is used as the primary bootloader and
> systemd-boot as secondary, the WIC plugin expects /boot/EFI/Linux
> to contain a unified kernel image for first boot.
>
Note that EBG is isar-cip-core, and there we definitely do not have such
a concept. Can you elaborate what you want to achieve?
referring to an out-of-tree wic plugin with these changes?
In-tree (Isar), we still need to enable
meta/scripts/lib/wic/plugins/source/bootimg-efi-isar.py to generate
UKIs. But that would be systemd-boot UKI-only, no EBG then.
Jan
> + 'kernel-install add "$kernel_version" "/boot/${kernel##*/}" '
> + '"/boot/initrd.img-$kernel_version" || :'
> + )
> +
> + return cmdline
>
> ROOTFS_PACKAGES ?= ""
> ROOTFS_VARDEPS ?= ""
> @@ -627,6 +637,10 @@ python do_generate_initramfs_setscene () {
> }
>
> rootfs_generate_initramfs[progress] = "custom:rootfs_progress.InitrdProgressHandler"
> +rootfs_generate_initramfs:prepend() {
> + export kernel
> +}
> +
> rootfs_generate_initramfs() {
> if [ -n "$(sudo find '${ROOTFSDIR}/boot' -type f -name 'vmlinu[xz]*')" ]; then
> for kernel in ${ROOTFSDIR}/boot/vmlinu[xz]-*; do
--
Linux Expert Center
Arjunan, Srinu
Apr 17, 2026, 12:55:27 AM (yesterday) Apr 17
to Kiszka, Jan, isar-...@googlegroups.com, K L, Shivaschandra
> Err, where/how do you define "primary" and "secondary" EFI bootloaders?
> Note that EBG is isar-cip-core, and there we definitely do not have such a concept. Can you
> elaborate what you want to achieve?
In our downstream project, we use a combination of EBG and systemd-boot, along with UKI (ukify) images.
> Note that EBG is isar-cip-core, and there we definitely do not have such a concept. Can you
> elaborate what you want to achieve?
EBG acts as the primary bootloader to enable watchdog support during early boot,
while systemd-boot is used as a secondary bootloader to select the appropriate Btrfs snapshot along with its corresponding UKI image.
If the system fails to be successfully “blessed” (e.g., due to issues detected during validation of a newly created Btrfs snapshot),
we need a mechanism to fall back to a previously working snapshot and its associated UKI image. This fallback selection is handled by systemd-boot.
To support this flow, the WIC plugin expects /boot/EFI/Linux to contain the unified kernel image required for the first boot.
Therefore, we run kernel-install after update-initramfs to ensure that the unified kernel image is properly
generated and placed in the expected location.
Many thanks,
Srinu
Jan Kiszka
Apr 17, 2026, 3:27:38 AM (yesterday) Apr 17
to Arjunan, Srinu (FT FDS CES LX PBU 2), isar-...@googlegroups.com, K L, Shivaschandra (FT FDS CES LX PBU 1)
On 17.04.26 06:55, Arjunan, Srinu (FT FDS CES LX PBU 2) wrote:
>> Err, where/how do you define "primary" and "secondary" EFI bootloaders?
>> Note that EBG is isar-cip-core, and there we definitely do not have such a concept. Can you
>> elaborate what you want to achieve?
>
> In our downstream project, we use a combination of EBG and systemd-boot, along with UKI (ukify) images.
>
> EBG acts as the primary bootloader to enable watchdog support during early boot,
> while systemd-boot is used as a secondary bootloader to select the appropriate Btrfs snapshot along with its corresponding UKI image.
https://gitlab.com/cip-project/cip-core/isar-cip-core/-/commits/wip/abvar?ref_type=heads
>> Err, where/how do you define "primary" and "secondary" EFI bootloaders?
>> Note that EBG is isar-cip-core, and there we definitely do not have such a concept. Can you
>> elaborate what you want to achieve?
>
> In our downstream project, we use a combination of EBG and systemd-boot, along with UKI (ukify) images.
>
> EBG acts as the primary bootloader to enable watchdog support during early boot,
> while systemd-boot is used as a secondary bootloader to select the appropriate Btrfs snapshot along with its corresponding UKI image.
Please contribute/continue so that we can find a standard and robust
version is CIP. Last version I saw internally was just broken.
Jan
Quirin Gylstorff
Apr 17, 2026, 3:35:56 AM (yesterday) Apr 17
to isar-...@googlegroups.com
Quirin
Reply all
Reply to author
Forward
0 new messages