-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathREADME.update-kernel
More file actions
33 lines (26 loc) · 2.12 KB
/
README.update-kernel
File metadata and controls
33 lines (26 loc) · 2.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
update-kernel
Existing:
- Unpacks kernel and firmware (* or installs from custom build dir), and all specified packages new apk root in tmpdir dest.
- Copies host keys upon request (-K flag).
- Runs depmod -a against the specifed modules directory.
- Create a modloop squashfs at staging /boot/modloop-<flavor> containing ALL modules included with kernel as well as any firmware required by any module.
- Runs mkinitfs using the tmpdir dest as the root and output to staging /boot/initramfs-<flavor>.
- Copies kernel and associated files to staging /boot.
- If /.modloop is mounted, unmount it (and don't fail if we cant), remount it rw if it's still around.
- Moves files from staging to target root (with /boot appended to the path only if MEDIA is set).
- If device tree directory exists in tmpdir dest, cpio the dtbs to their output directory (handling media and rpi).
- If /.modloop exists, remount ro if mounted and loop mount new modloop.
- None of the resulting artifacts are currently signed or tracked to their source packages in any way.
mkimage update-kernel:
- Performs similar steps, but sequenced through mkimage builder.
- Does not attempt to modify running system (no mount/unmount).
Proposal:
- Reduce funtion of update-kernel to that of actual installation on running systems only.
- Replace stripped functionality with kernel/mkinitfs packager.
- Currently, there is no apparent reason to rebuild the modloop at update-kernel time as opposed to simply shipping on matching the kernel.
- Currently, there is no apparent reason why the initfs can't be shipped as an apk and the appropriate portions appended to the installed initramfs.
- Create wrapper tool for building modloops. Modules installed in modloop should become configurable.
- Kernel and modules should be signed when built.
- Maintain signed manifest of source and destination of all files, their initial hashes, and final hashes after any configuration is applied.
- Add kernel version to file names as needed and allow booting from one of multiple versions.
- Create wrapper tool for building bootloader configs and utilize to update running systems.